Update Sun May 26 16:36:09 UTC 2024

2025-05-05 18:27:17 +00:00 · 2024-05-26 16:36:09 +00:00 · 2024-05-26 16:36:09 +00:00 · 2226095616
commit 2226095616
parent 49bdc782b3
64 changed files with 114041 additions and 96 deletions
--- a/2020/CVE-2020-18713.md
+++ b/2020/CVE-2020-18713.md
@ -0,0 +1,17 @@
+### [CVE-2020-18713](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18713)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in customerAction.php
+
+### POC
+
+#### Reference
+- https://www.seebug.org/vuldb/ssvid-97859
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2021/CVE-2021-22942.md
+++ b/2021/CVE-2021-22942.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/Rootskery/Ethical-Hacking

--- a/2021/CVE-2021-34527.md
+++ b/2021/CVE-2021-34527.md
@ -109,6 +109,7 @@
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/RNBBarrett/CrewAI-examples
 - https://github.com/RafaelwDuarte/Trabalho_Grau_B
+- https://github.com/Rootskery/Ethical-Hacking
 - https://github.com/Royalboy2000/codeRDPbreaker
 - https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
 - https://github.com/S3cur3Th1sSh1t/PowerSharpPack
--- a/2021/CVE-2021-4104.md
+++ b/2021/CVE-2021-4104.md
@ -50,6 +50,7 @@ JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when
 - https://github.com/doris0213/assignments
 - https://github.com/elicha023948/44228
 - https://github.com/govgitty/log4shell-
+- https://github.com/grvuolo/wsa-spgi-lab
 - https://github.com/helsecert/CVE-2021-44228
 - https://github.com/k0mi-tg/CVE-POC
 - https://github.com/kpostreich/WAS-Automation-CVE
--- a/2021/CVE-2021-4154.md
+++ b/2021/CVE-2021-4154.md
@ -21,6 +21,7 @@ A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/WhooAmii/POC_to_review
+- https://github.com/a8stract-lab/SeaK
 - https://github.com/bsauce/kernel-exploit-factory
 - https://github.com/bsauce/kernel-security-learning
 - https://github.com/k0mi-tg/CVE-POC
--- a/2021/CVE-2021-44228.md
+++ b/2021/CVE-2021-44228.md
@ -427,6 +427,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/RinkuDas7857/Vuln
 - https://github.com/Rk-000/Log4j_scan_Advance
 - https://github.com/RonnyLevy/vul
+- https://github.com/Rootskery/Ethical-Hacking
 - https://github.com/RrUZi/Awesome-CVE-2021-44228
 - https://github.com/Ryan2065/Log4ShellDetection
 - https://github.com/SYRTI/POC_to_review
@ -839,6 +840,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/grey0ut/Log4j-PoSH
 - https://github.com/greymd/CVE-2021-44228
 - https://github.com/grimch/log4j-CVE-2021-44228-workaround
+- https://github.com/grvuolo/wsa-spgi-lab
 - https://github.com/guardicode/CVE-2021-44228_IoCs
 - https://github.com/guerzon/guerzon
 - https://github.com/guerzon/log4shellpoc
--- a/2021/CVE-2021-45046.md
+++ b/2021/CVE-2021-45046.md
@ -152,6 +152,7 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i
 - https://github.com/gjrocks/TestLog4j
 - https://github.com/google/security-research
 - https://github.com/govgitty/log4shell-
+- https://github.com/grvuolo/wsa-spgi-lab
 - https://github.com/gumimin/dependency-check-sample
 - https://github.com/hari-mutyala/HK-JmeterDocker
 - https://github.com/hari-mutyala/jmeter-api-perf
--- a/2022/CVE-2022-0185.md
+++ b/2022/CVE-2022-0185.md
@ -35,6 +35,7 @@ A heap-based buffer overflow flaw was found in the way the legacy_parse_param fu
 - https://github.com/Shoeb-K/MANAGE-SECURE-VALIDATE-DEBUG-MONITOR-HARDENING-AND-PREVENT-MISCONFIGURATION-OF-KUBERNETES
 - https://github.com/WhooAmii/POC_to_review
 - https://github.com/XiaozaYa/CVE-Recording
+- https://github.com/a8stract-lab/SeaK
 - https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground
 - https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground
 - https://github.com/arveske/Github-language-trends
--- a/2022/CVE-2022-0316.md
+++ b/2022/CVE-2022-0316.md
@ -23,6 +23,8 @@ The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform W

 #### Github
 - https://github.com/KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit
+- https://github.com/KTN1990/CVE-2024-31351_wordpress_exploit
+- https://github.com/KTN1990/CVE-2024-5084
 - https://github.com/k0mi-tg/CVE-POC
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2022/CVE-2022-21894.md
+++ b/2022/CVE-2022-21894.md
@ -49,6 +49,7 @@ No PoCs from references.
 - https://github.com/Iveco/xknow_infosec
 - https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
+- https://github.com/Rootskery/Ethical-Hacking
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/Wack0/CVE-2022-21894
 - https://github.com/Wack0/batondrop_armv7
--- a/2022/CVE-2022-27666.md
+++ b/2022/CVE-2022-27666.md
@ -29,6 +29,7 @@ A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ip
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/WhooAmii/POC_to_review
+- https://github.com/a8stract-lab/SeaK
 - https://github.com/bsauce/kernel-exploit-factory
 - https://github.com/bsauce/kernel-security-learning
 - https://github.com/cyberanand1337x/bug-bounty-2022
--- a/2022/CVE-2022-39197.md
+++ b/2022/CVE-2022-39197.md
@ -39,6 +39,7 @@ An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Stri
 - https://github.com/TryGOTry/CobaltStrike_Cat_4.5
 - https://github.com/TryGOTry/DogCs4.4
 - https://github.com/WhooAmii/POC_to_review
+- https://github.com/Wine0000/cs_agent_plus
 - https://github.com/adeljck/CVE-2022-39197
 - https://github.com/aneasystone/github-trending
 - https://github.com/atomxw/cobaltstrike4.5_cdf
--- a/2024/CVE-2024-0230.md
+++ b/2024/CVE-2024-0230.md
@ -13,6 +13,8 @@ A session management issue was addressed with improved checks. This issue is fix
 No PoCs from references.

 #### Github
+- https://github.com/gato001k1/helt
+- https://github.com/keldnorman/cve-2024-0230-blue
 - https://github.com/marcnewlin/hi_my_name_is_keyboard
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/shirin-ehtiram/hi_my_name_is_keyboard
--- a/2024/CVE-2024-1234.md
+++ b/2024/CVE-2024-1234.md
@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/KyJr3os/Ethical-Hacking-Technical-Report
 - https://github.com/West-wise/nuclei_template_generater
 - https://github.com/chinocchio/EthicalHacking
+- https://github.com/dumpnidadai/Ethical_Final
 - https://github.com/mncbndy/Final-Project---Ethical-Hacking-Report
 - https://github.com/nattino9/Ethical-Hacking-Finals-Project

--- a/2024/CVE-2024-1561.md
+++ b/2024/CVE-2024-1561.md
@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tanjiti/sec_profile
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki

--- a/2024/CVE-2024-1709.md
+++ b/2024/CVE-2024-1709.md
@ -27,6 +27,7 @@ ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Byp
 - https://github.com/Ostorlab/KEV
 - https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE
 - https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708
+- https://github.com/codeb0ss/CVE-2024-1709-PoC
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/myseq/vcheck-cli
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-20356.md
+++ b/2024/CVE-2024-20356.md
@ -15,6 +15,7 @@ A vulnerability in the web-based management interface of Cisco Integrated Manage
 - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-bLuPcb

 #### Github
+- https://github.com/SherllyNeo/CVE_2024_20356
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nettitude/CVE-2024-20356
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-21306.md
+++ b/2024/CVE-2024-21306.md
@ -30,6 +30,7 @@ No PoCs from references.
 - https://github.com/PhucHauDeveloper/BadbBlue
 - https://github.com/d4rks1d33/C-PoC-for-CVE-2024-21306
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/gato001k1/helt
 - https://github.com/marcnewlin/hi_my_name_is_keyboard
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/shirin-ehtiram/hi_my_name_is_keyboard
--- a/2024/CVE-2024-21413.md
+++ b/2024/CVE-2024-21413.md
@ -32,6 +32,7 @@ Microsoft Outlook Remote Code Execution Vulnerability
 - https://github.com/bkzk/cisco-email-filters
 - https://github.com/dshabani96/CVE-2024-21413
 - https://github.com/duy-31/CVE-2024-21413
+- https://github.com/eddmen2812/lab_hacking
 - https://github.com/fireinrain/github-trending
 - https://github.com/hktalent/bug-bounty
 - https://github.com/jafshare/GithubTrending
@ -46,5 +47,6 @@ Microsoft Outlook Remote Code Execution Vulnerability
 - https://github.com/tanjiti/sec_profile
 - https://github.com/th3Hellion/CVE-2024-21413
 - https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
+- https://github.com/xaitax/SploitScan
 - https://github.com/zhaoxiaoha/github-trending

--- a/2024/CVE-2024-21683.md
+++ b/2024/CVE-2024-21683.md
@ -13,10 +13,20 @@ This High severity RCE (Remote Code Execution) vulnerability was introduced in v
 No PoCs from references.

 #### Github
+- https://github.com/Arbeys/CVE-2024-21683-PoC
 - https://github.com/W01fh4cker/CVE-2024-21683-RCE
+- https://github.com/ZonghaoLi777/githubTrending
+- https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server
+- https://github.com/aneasystone/github-trending
+- https://github.com/fireinrain/github-trending
+- https://github.com/jafshare/GithubTrending
 - https://github.com/johe123qwe/github-trending
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server
+- https://github.com/sampsonv/github-trending
 - https://github.com/tanjiti/sec_profile
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
+- https://github.com/zhaoxiaoha/github-trending

--- a/2024/CVE-2024-22120.md
+++ b/2024/CVE-2024-22120.md
@ -22,6 +22,7 @@ Zabbix server can perform command execution for configured scripts. After comman
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/sampsonv/github-trending
 - https://github.com/tanjiti/sec_profile
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
 - https://github.com/zhaoxiaoha/github-trending
--- a/2024/CVE-2024-23897.md
+++ b/2024/CVE-2024-23897.md
@ -30,6 +30,7 @@ Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of
 - https://github.com/Nebian/CVE-2024-23897
 - https://github.com/Ostorlab/KEV
 - https://github.com/Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability
+- https://github.com/Surko888/Surko-Exploit-Jenkins-CVE-2024-23897
 - https://github.com/ThatNotEasy/CVE-2024-23897
 - https://github.com/TheBeastofwar/JenkinsExploit-GUI
 - https://github.com/TheRedDevil1/CVE-2024-23897
--- a/2024/CVE-2024-26304.md
+++ b/2024/CVE-2024-26304.md
@ -16,6 +16,7 @@ No PoCs from references.
 - https://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki

--- a/2024/CVE-2024-27130.md
+++ b/2024/CVE-2024-27130.md
@ -16,8 +16,10 @@ A buffer copy without checking size of input vulnerability has been reported to
 No PoCs from references.

 #### Github
+- https://github.com/d0rb/CVE-2024-27130
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/watchtowrlabs/CVE-2024-27130
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki

--- a/2024/CVE-2024-29269.md
+++ b/2024/CVE-2024-29269.md
@ -13,6 +13,7 @@ An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers t
 No PoCs from references.

 #### Github
+- https://github.com/Chocapikk/CVE-2024-29269
 - https://github.com/Ostorlab/KEV
 - https://github.com/YongYe-Security/CVE-2024-29269
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-29392.md
+++ b/2024/CVE-2024-29392.md
@ -13,5 +13,5 @@ Silverpeas Core 6.3 is vulnerable to Cross Site Scripting (XSS) via ClipboardSes
 - https://gist.github.com/phulelouch/48ee63a7c46078574f3b3dc9a739052c

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/phulelouch/CVEs

--- a/2024/CVE-2024-2961.md
+++ b/2024/CVE-2024-2961.md
@ -15,5 +15,6 @@ No PoCs from references.
 #### Github
 - https://github.com/mattaperkins/FIX-CVE-2024-2961
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rvizx/CVE-2024-2961
 - https://github.com/tarlepp/links-of-the-week

--- a/2024/CVE-2024-30007.md
+++ b/2024/CVE-2024-30007.md
@ -0,0 +1,17 @@
+### [CVE-2024-30007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30007)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.887%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Microsoft Brokering File System Elevation of Privilege Vulnerability
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/angelov-1080/CVE_Checker
+
--- a/2024/CVE-2024-30008.md
+++ b/2024/CVE-2024-30008.md
@ -0,0 +1,40 @@
+### [CVE-2024-30008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30008)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20651%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6981%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5820%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2461%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2960%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.887%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen)
+
+### Description
+
+Windows DWM Core Library Information Disclosure  Vulnerability
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/angelov-1080/CVE_Checker
+
--- a/2024/CVE-2024-30009.md
+++ b/2024/CVE-2024-30009.md
@ -0,0 +1,54 @@
+### [CVE-2024-30009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30009)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20651%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6981%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5820%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2461%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2960%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.887%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22668%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27117%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27117%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24868%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21972%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-197%3A%20Numeric%20Truncation%20Error&color=brighgreen)
+
+### Description
+
+Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/angelov-1080/CVE_Checker
+
--- a/2024/CVE-2024-30050.md
+++ b/2024/CVE-2024-30050.md
@ -0,0 +1,54 @@
+### [CVE-2024-30050](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30050)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20651%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6981%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5820%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4412%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2461%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2960%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3593%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.887%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22668%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27117%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27117%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24868%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21972%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen)
+
+### Description
+
+Windows Mark of the Web Security Feature Bypass Vulnerability
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/angelov-1080/CVE_Checker
+
--- a/2024/CVE-2024-30998.md
+++ b/2024/CVE-2024-30998.md
@ -13,5 +13,7 @@ SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, all
 - https://github.com/efekaanakkar/CVEs/blob/main/PHPGurukul-Men-Salon-Management-System-2.0.md

 #### Github
+- https://github.com/efekaanakkar/CVE-2024-30998
 - https://github.com/efekaanakkar/CVEs
+- https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-31351.md
+++ b/2024/CVE-2024-31351.md
@ -13,5 +13,6 @@ Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copym
 No PoCs from references.

 #### Github
+- https://github.com/KTN1990/CVE-2024-31351_wordpress_exploit
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-31445.md
+++ b/2024/CVE-2024-31445.md
@ -0,0 +1,17 @@
+### [CVE-2024-31445](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31445)
+![](https://img.shields.io/static/v1?label=Product&message=cacti&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.2.27%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var('filter')` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `'filter'` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue.
+
+### POC
+
+#### Reference
+- https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-31510.md
+++ b/2024/CVE-2024-31510.md
@ -10,8 +10,9 @@ An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/liang-junkai/Fault-injection-of-ML-DSA

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/liang-junkai/Fault-injection-of-ML-DSA

--- a/2024/CVE-2024-31989.md
+++ b/2024/CVE-2024-31989.md
@ -0,0 +1,17 @@
+### [CVE-2024-31989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31989)
+![](https://img.shields.io/static/v1?label=Product&message=argo-cd&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.8.19%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%3A%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brighgreen)
+
+### Description
+
+Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10.
+
+### POC
+
+#### Reference
+- https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-32002.md
+++ b/2024/CVE-2024-32002.md
@ -14,25 +14,60 @@ Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42
 No PoCs from references.

 #### Github
+- https://github.com/10cks/CVE-2024-32002-EXP
 - https://github.com/10cks/CVE-2024-32002-POC
 - https://github.com/10cks/CVE-2024-32002-hulk
 - https://github.com/10cks/CVE-2024-32002-linux-hulk
 - https://github.com/10cks/CVE-2024-32002-linux-submod
 - https://github.com/10cks/CVE-2024-32002-submod
+- https://github.com/10cks/hook
+- https://github.com/1mxml/CVE-2024-32002-poc
+- https://github.com/CrackerCat/CVE-2024-32002_EXP
 - https://github.com/GhostTroops/TOP
+- https://github.com/JJoosh/CVE-2024-32002-Reverse-Shell
+- https://github.com/JakobTheDev/cve-2024-32002-poc-aw
+- https://github.com/JakobTheDev/cve-2024-32002-poc-rce
+- https://github.com/JakobTheDev/cve-2024-32002-submodule-aw
+- https://github.com/JakobTheDev/cve-2024-32002-submodule-rce
 - https://github.com/M507/CVE-2024-32002
+- https://github.com/Roronoawjd/git_rce
+- https://github.com/Roronoawjd/hook
+- https://github.com/WOOOOONG/CVE-2024-32002
+- https://github.com/WOOOOONG/hook
+- https://github.com/YuanlooSec/CVE-2024-32002-poc
+- https://github.com/aitorcastel/poc_CVE-2024-32002
+- https://github.com/aitorcastel/poc_CVE-2024-32002_submodule
+- https://github.com/amalmurali47/demo_git_rce
+- https://github.com/amalmurali47/demo_hook
 - https://github.com/amalmurali47/git_rce
 - https://github.com/amalmurali47/hook
 - https://github.com/aneasystone/github-trending
+- https://github.com/bfengj/CVE-2024-32002-Exploit
+- https://github.com/bfengj/CVE-2024-32002-hook
+- https://github.com/bfengj/Security-Paper-Learing
+- https://github.com/fadhilthomas/hook
+- https://github.com/fadhilthomas/poc-cve-2024-32002
 - https://github.com/jafshare/GithubTrending
+- https://github.com/jerrydotlam/cve-2024-32002-1
+- https://github.com/jerrydotlam/cve-2024-32002-2
+- https://github.com/jerrydotlam/cve-2024-32002-3
 - https://github.com/johe123qwe/github-trending
+- https://github.com/jweny/CVE-2024-32002_EXP
+- https://github.com/jweny/CVE-2024-32002_HOOK
 - https://github.com/kun-g/Scraping-Github-trending
+- https://github.com/markuta/CVE-2024-32002
 - https://github.com/markuta/hooky
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/safebuffer/CVE-2024-32002
 - https://github.com/sampsonv/github-trending
+- https://github.com/seekerzz/MyRSSSync
 - https://github.com/tanjiti/sec_profile
+- https://github.com/vincepsh/CVE-2024-32002
+- https://github.com/vincepsh/CVE-2024-32002-hook
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
+- https://github.com/ycdxsb/CVE-2024-32002-hulk
+- https://github.com/ycdxsb/CVE-2024-32002-submod
 - https://github.com/zhaoxiaoha/github-trending

--- a/2024/CVE-2024-32004.md
+++ b/2024/CVE-2024-32004.md
@ -13,6 +13,7 @@ Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42
 No PoCs from references.

 #### Github
+- https://github.com/10cks/CVE-2024-32004-POC
 - https://github.com/Wadewfsssss/CVE-2024-32004
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-32459.md
+++ b/2024/CVE-2024-32459.md
@ -13,5 +13,6 @@ FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based c
 No PoCs from references.

 #### Github
+- https://github.com/absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-3272.md
+++ b/2024/CVE-2024-3272.md
@ -16,6 +16,7 @@
 No PoCs from references.

 #### Github
+- https://github.com/aliask/dinkleberry
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-33752.md
+++ b/2024/CVE-2024-33752.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki

--- a/2024/CVE-2024-3435.md
+++ b/2024/CVE-2024-3435.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/ymuraki-csc/cve-2024-3435

--- a/2024/CVE-2024-34448.md
+++ b/2024/CVE-2024-34448.md
@ -0,0 +1,17 @@
+### [CVE-2024-34448](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34448)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Ghost before 5.82.0 allows CSV Injection during a member CSV export.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/phulelouch/CVEs
+
--- a/2024/CVE-2024-3495.md
+++ b/2024/CVE-2024-3495.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/truonghuuphuc/CVE-2024-3495-Poc

--- a/2024/CVE-2024-34958.md
+++ b/2024/CVE-2024-34958.md
@ -13,6 +13,7 @@ idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via t
 No PoCs from references.

 #### Github
+- https://github.com/Gr-1m/CVE-2024-34958-1
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-35373.md
+++ b/2024/CVE-2024-35373.md
@ -13,5 +13,5 @@ Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via
 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/Chocapikk/My-CVEs

--- a/2024/CVE-2024-35374.md
+++ b/2024/CVE-2024-35374.md
@ -13,5 +13,5 @@ Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case inp
 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/Chocapikk/My-CVEs

--- a/2024/CVE-2024-35475.md
+++ b/2024/CVE-2024-35475.md
@ -13,5 +13,6 @@ A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Commu
 No PoCs from references.

 #### Github
+- https://github.com/carsonchan12345/CVE-2024-35475
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-36079.md
+++ b/2024/CVE-2024-36079.md
@ -13,5 +13,6 @@ An issue was discovered in Vaultize 21.07.27. When uploading files, there is no
 No PoCs from references.

 #### Github
+- https://github.com/DxRvs/vaultize_CVE-2024-36079
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-4323.md
+++ b/2024/CVE-2024-4323.md
@ -13,6 +13,8 @@ A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This
 No PoCs from references.

 #### Github
+- https://github.com/d0rb/CVE-2024-4323
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/skilfoy/CVE-2024-4323-Exploit-POC
+- https://github.com/yuansec/CVE-2024-4323-dos_poc

--- a/2024/CVE-2024-4331.md
+++ b/2024/CVE-2024-4331.md
@ -13,5 +13,6 @@ Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 al
 No PoCs from references.

 #### Github
+- https://github.com/angelov-1080/CVE_Checker
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-4367.md
+++ b/2024/CVE-2024-4367.md
@ -20,5 +20,6 @@ No PoCs from references.
 - https://github.com/google/fishy-pdf
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/s4vvysec/CVE-2024-4367-POC
+- https://github.com/spaceraccoon/detect-cve-2024-4367
 - https://github.com/tanjiti/sec_profile

--- a/2024/CVE-2024-4439.md
+++ b/2024/CVE-2024-4439.md
@ -17,4 +17,5 @@ No PoCs from references.
 - https://github.com/Ostorlab/KEV
 - https://github.com/d0rb/CVE-2024-4439
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/xssor-dz/-CVE-2024-4439

--- a/2024/CVE-2024-4875.md
+++ b/2024/CVE-2024-4875.md
@ -13,5 +13,6 @@ The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable
 No PoCs from references.

 #### Github
+- https://github.com/RandomRobbieBF/CVE-2024-4875
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-4956.md
+++ b/2024/CVE-2024-4956.md
@ -13,9 +13,15 @@ Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker
 No PoCs from references.

 #### Github
+- https://github.com/banditzCyber0x/CVE-2024-4956
+- https://github.com/codeb0ss/CVE-2024-4956-PoC
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/gmh5225/CVE-2024-4956
+- https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tanjiti/sec_profile
+- https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
+- https://github.com/xungzzz/CVE-2024-4956

--- a/2024/CVE-2024-4985.md
+++ b/2024/CVE-2024-4985.md
@ -0,0 +1,17 @@
+### [CVE-2024-4985](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4985)
+![](https://img.shields.io/static/v1?label=Product&message=Enterprise%20Server&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-303%3A%20Incorrect%20Implementation%20of%20Authentication%20Algorithm&color=brighgreen)
+
+### Description
+
+An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13.0 and was fixed in versions 3.9.15, 3.10.12, 3.11.10 and 3.12.4. This vulnerability was reported via the GitHub Bug Bounty program.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/absholi7ly/Bypass-authentication-GitHub-Enterprise-Server
+
--- a/2024/CVE-2024-5084.md
+++ b/2024/CVE-2024-5084.md
@ -13,5 +13,6 @@ The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to
 No PoCs from references.

 #### Github
+- https://github.com/KTN1990/CVE-2024-5084
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-5145.md
+++ b/2024/CVE-2024-5145.md
@ -12,6 +12,7 @@ A vulnerability was found in SourceCodester Vehicle Management System up to 1.0
 #### Reference
 - https://github.com/CveSecLook/cve/issues/38
 - https://github.com/CveSecLook/cve/issues/38CVE-2020-7009
+- https://github.com/CveSecLook/cve/issues/38CVE-2020-7009

 #### Github
 No PoCs found on GitHub currently.
--- a/2024/CVE-2024-5359.md
+++ b/2024/CVE-2024-5359.md
@ -0,0 +1,17 @@
+### [CVE-2024-5359](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5359)
+![](https://img.shields.io/static/v1?label=Product&message=Zoo%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/foreigner-search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266271.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-5360.md
+++ b/2024/CVE-2024-5360.md
@ -0,0 +1,17 @@
+### [CVE-2024-5360](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5360)
+![](https://img.shields.io/static/v1?label=Product&message=Zoo%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/foreigner-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266272.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-5361.md
+++ b/2024/CVE-2024-5361.md
@ -0,0 +1,17 @@
+### [CVE-2024-5361](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5361)
+![](https://img.shields.io/static/v1?label=Product&message=Zoo%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/normal-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266273 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-5362.md
+++ b/2024/CVE-2024-5362.md
@ -0,0 +1,17 @@
+### [CVE-2024-5362](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5362)
+![](https://img.shields.io/static/v1?label=Product&message=Online%20Hospital%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical has been found in SourceCodester Online Hospital Management System 1.0. Affected is an unknown function of the file departmentDoctor.php. The manipulation of the argument deptid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266274 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/CveSecLook/cve/issues/41
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/github.txt
+++ b/github.txt
--- a/references.txt
+++ b/references.txt