diff --git a/2000/CVE-2000-0114.md b/2000/CVE-2000-0114.md index 5f256bf28..ee2b6adca 100644 --- a/2000/CVE-2000-0114.md +++ b/2000/CVE-2000-0114.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xPugal/One-Liners - https://github.com/0xPugazh/One-Liners - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Cappricio-Securities/CVE-2000-0114 - https://github.com/Live-Hack-CVE/CVE-2000-0114 - https://github.com/POORVAJA-195/Nuclei-Analysis-main diff --git a/2000/CVE-2000-0170.md b/2000/CVE-2000-0170.md index 6203530d0..c4386d5e8 100644 --- a/2000/CVE-2000-0170.md +++ b/2000/CVE-2000-0170.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/mike182/exploit diff --git a/2000/CVE-2000-0649.md b/2000/CVE-2000-0649.md index f7f2c8291..ca6e7b6f1 100644 --- a/2000/CVE-2000-0649.md +++ b/2000/CVE-2000-0649.md @@ -16,6 +16,8 @@ No PoCs from references. - https://github.com/0xNVAN/win-iisadmin - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo +- https://github.com/Downgraderz/PoC-CVE-2000-0649 - https://github.com/JimboJimbabwe/HackGPTV2 - https://github.com/amtzespinosa/lord-of-the-root-walkthrough - https://github.com/hanmin0512/Web-hacking-LAB diff --git a/2000/CVE-2000-0979.md b/2000/CVE-2000-0979.md index 9132d1a5c..424d482e1 100644 --- a/2000/CVE-2000-0979.md +++ b/2000/CVE-2000-0979.md @@ -16,6 +16,7 @@ File and Print Sharing service in Windows 95, Windows 98, and Windows Me does no - https://github.com/ARPSyndicate/cvemon - https://github.com/Ascotbe/Kernelhub - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Cruxer8Mech/Idk - https://github.com/Z6543/CVE-2000-0979 - https://github.com/ycdxsb/WindowsPrivilegeEscalation 
diff --git a/2001/CVE-2001-0550.md b/2001/CVE-2001-0550.md index 5a07f8fba..70968945c 100644 --- a/2001/CVE-2001-0550.md +++ b/2001/CVE-2001-0550.md @@ -18,6 +18,7 @@ wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" a - https://github.com/Badbug6/EQGRP - https://github.com/CKmaenn/EQGRP - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/CybernetiX-S3C/EQGRP_Linux - https://github.com/Drift-Security/Shadow_Brokers-Vs-NSA - https://github.com/IHA114/EQGRP diff --git a/2001/CVE-2001-0680.md b/2001/CVE-2001-0680.md index 858fe2306..de65db22c 100644 --- a/2001/CVE-2001-0680.md +++ b/2001/CVE-2001-0680.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-0758.md b/2001/CVE-2001-0758.md index 44cfbbae1..d27403f17 100644 --- a/2001/CVE-2001-0758.md +++ b/2001/CVE-2001-0758.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-0931.md b/2001/CVE-2001-0931.md index 7ba8fd033..56b0da601 100644 --- a/2001/CVE-2001-0931.md +++ b/2001/CVE-2001-0931.md @@ -15,4 +15,5 @@ Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attac #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-0932.md b/2001/CVE-2001-0932.md index 3b998b11f..b5934dce9 100644 --- a/2001/CVE-2001-0932.md +++ b/2001/CVE-2001-0932.md @@ -15,4 +15,5 @@ Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cau #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo 
diff --git a/2001/CVE-2001-0933.md b/2001/CVE-2001-0933.md index a93f3b2a2..1e2e425c1 100644 --- a/2001/CVE-2001-0933.md +++ b/2001/CVE-2001-0933.md @@ -15,4 +15,5 @@ Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of a #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-0934.md b/2001/CVE-2001-0934.md index bc6f8c439..d8726b820 100644 --- a/2001/CVE-2001-0934.md +++ b/2001/CVE-2001-0934.md @@ -15,4 +15,5 @@ Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical pa #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-1442.md b/2001/CVE-2001-1442.md index c252c6d91..581556135 100644 --- a/2001/CVE-2001-1442.md +++ b/2001/CVE-2001-1442.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2001/CVE-2001-1473.md b/2001/CVE-2001-1473.md index 5786b2e1e..a49aec0ac 100644 --- a/2001/CVE-2001-1473.md +++ b/2001/CVE-2001-1473.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0xget/cve-2001-1473 - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/codine7/Hacking_Automated - https://github.com/codine7/fox - https://github.com/codine7/jungle diff --git a/2002/CVE-2002-0200.md b/2002/CVE-2002-0200.md index c157d0a1e..a75486833 100644 --- a/2002/CVE-2002-0200.md +++ b/2002/CVE-2002-0200.md @@ -15,4 +15,5 @@ Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial o #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo 
diff --git a/2002/CVE-2002-0201.md b/2002/CVE-2002-0201.md index f425ed380..10b9c4970 100644 --- a/2002/CVE-2002-0201.md +++ b/2002/CVE-2002-0201.md @@ -15,4 +15,5 @@ Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial o #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0288.md b/2002/CVE-2002-0288.md index cfaa3e6b9..d6a481263 100644 --- a/2002/CVE-2002-0288.md +++ b/2002/CVE-2002-0288.md @@ -15,4 +15,5 @@ Directory traversal vulnerability in Phusion web server 1.0 allows remote attack #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0289.md b/2002/CVE-2002-0289.md index fcaa1c026..8b82f6e2b 100644 --- a/2002/CVE-2002-0289.md +++ b/2002/CVE-2002-0289.md @@ -15,4 +15,5 @@ Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a den #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0346.md b/2002/CVE-2002-0346.md index 1ce007022..c78f1a727 100644 --- a/2002/CVE-2002-0346.md +++ b/2002/CVE-2002-0346.md @@ -15,4 +15,5 @@ Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to ex #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0347.md b/2002/CVE-2002-0347.md index 5816e0243..6db66d407 100644 --- a/2002/CVE-2002-0347.md +++ b/2002/CVE-2002-0347.md @@ -15,4 +15,5 @@ Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to rea #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo 
diff --git a/2002/CVE-2002-0348.md b/2002/CVE-2002-0348.md index c5c614193..d01c7085f 100644 --- a/2002/CVE-2002-0348.md +++ b/2002/CVE-2002-0348.md @@ -15,4 +15,5 @@ service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0448.md b/2002/CVE-2002-0448.md index 47f01b515..63f2bdfb5 100644 --- a/2002/CVE-2002-0448.md +++ b/2002/CVE-2002-0448.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0740.md b/2002/CVE-2002-0740.md index ef627d9da..312edb7aa 100644 --- a/2002/CVE-2002-0740.md +++ b/2002/CVE-2002-0740.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-0748.md b/2002/CVE-2002-0748.md index 7557e9795..e10ab15e3 100644 --- a/2002/CVE-2002-0748.md +++ b/2002/CVE-2002-0748.md @@ -13,5 +13,6 @@ LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial o No PoCs from references. #### Github +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/fauzanwijaya/CVE-2002-0748 diff --git a/2002/CVE-2002-0991.md b/2002/CVE-2002-0991.md index 8feb3a816..913632347 100644 --- a/2002/CVE-2002-0991.md +++ b/2002/CVE-2002-0991.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo diff --git a/2002/CVE-2002-1614.md b/2002/CVE-2002-1614.md index eedbe65db..6f53cb05b 100644 --- a/2002/CVE-2002-1614.md +++ b/2002/CVE-2002-1614.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/DrewSC13/Linpeas - https://github.com/cedelasen/htb-laboratory - https://github.com/chorankates/Irked diff --git a/2002/CVE-2002-20001.md b/2002/CVE-2002-20001.md index 24b08dcac..e23972df4 100644 --- a/2002/CVE-2002-20001.md +++ b/2002/CVE-2002-20001.md @@ -20,7 +20,9 @@ The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the clie #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Balasys/dheater - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Live-Hack-CVE/CVE-2002-20001 - https://github.com/Live-Hack-CVE/CVE-2022-40735 - https://github.com/anquanscan/sec-tools diff --git a/2002/CVE-2002-2420.md b/2002/CVE-2002-2420.md index ddd33b5d6..4d7895c6d 100644 --- a/2002/CVE-2002-2420.md +++ b/2002/CVE-2002-2420.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/krdsploit/CVE-2002-2420 diff --git a/2004/CVE-2004-0077.md b/2004/CVE-2004-0077.md index b6606c469..8a9bd1542 100644 --- a/2004/CVE-2004-0077.md +++ b/2004/CVE-2004-0077.md @@ -21,6 +21,7 @@ The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp 
@@ -59,6 +60,7 @@ The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to - https://github.com/rakjong/LinuxElevation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2004/CVE-2004-0558.md b/2004/CVE-2004-0558.md index 6009400e7..c5a64c268 100644 --- a/2004/CVE-2004-0558.md +++ b/2004/CVE-2004-0558.md @@ -16,4 +16,5 @@ The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo +- https://github.com/fibonascii/CVE-2004-0558 diff --git a/2004/CVE-2004-1235.md b/2004/CVE-2004-1235.md index 5e8ef449c..063e6081e 100644 --- a/2004/CVE-2004-1235.md +++ b/2004/CVE-2004-1235.md @@ -20,6 +20,7 @@ Race condition in the (1) load_elf_library and (2) binfmt_aout function calls fo - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2005/CVE-2005-0736.md b/2005/CVE-2005-0736.md index c4fb0ea4e..fafe3b146 100644 --- a/2005/CVE-2005-0736.md +++ b/2005/CVE-2005-0736.md 
@@ -20,6 +20,7 @@ Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2005/CVE-2005-1263.md b/2005/CVE-2005-1263.md index 8d6401074..f8c5c2fd2 100644 --- a/2005/CVE-2005-1263.md +++ b/2005/CVE-2005-1263.md @@ -19,6 +19,7 @@ The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2005/CVE-2005-1794.md b/2005/CVE-2005-1794.md index cecb0feea..f8b18f0e4 100644 --- a/2005/CVE-2005-1794.md +++ b/2005/CVE-2005-1794.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/CVEDB/awesome-cve-repo - https://github.com/InitRoot/CVE-2005-1794Scanner - https://github.com/Ressurect0/fluffyLogic +- https://github.com/anvithalolla/Tesla_PenTest diff --git a/2005/CVE-2005-2428.md b/2005/CVE-2005-2428.md index 9b19dcdc9..d1a3ea10b 100644 --- a/2005/CVE-2005-2428.md +++ b/2005/CVE-2005-2428.md 
@@ -22,6 +22,7 @@ Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, sto - https://github.com/POORVAJA-195/Nuclei-Analysis-main - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/gojhonny/Pentesting-Scripts +- https://github.com/jobroche/Pentesting-Scripts - https://github.com/merlinepedra/nuclei-templates - https://github.com/merlinepedra25/nuclei-templates - https://github.com/schwankner/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit diff --git a/2006/CVE-2006-0001.md b/2006/CVE-2006-0001.md index 0b596d0d6..91cdcc630 100644 --- a/2006/CVE-2006-0001.md +++ b/2006/CVE-2006-0001.md @@ -10,6 +10,7 @@ Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user ### POC #### Reference +- http://www.computerterrorism.com/research/ct12-09-2006-2.htm - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-054 #### Github diff --git a/2006/CVE-2006-20001.md b/2006/CVE-2006-20001.md index 080cb3e96..50bf6ddc3 100644 --- a/2006/CVE-2006-20001.md +++ b/2006/CVE-2006-20001.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/ByteXenon/IP-Security-Database - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Live-Hack-CVE/CVE-2006-20001 - https://github.com/Saksham2002/CVE-2006-20001 - https://github.com/bioly230/THM_Skynet diff --git a/2006/CVE-2006-2451.md b/2006/CVE-2006-2451.md index f2f6b0030..20a26eeda 100644 --- a/2006/CVE-2006-2451.md +++ b/2006/CVE-2006-2451.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/Jasut1n/CVE - https://github.com/Jasut1n/c-exploits - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits 
diff --git a/2006/CVE-2006-3311.md b/2006/CVE-2006-3311.md index f273b34e6..5b357b573 100644 --- a/2006/CVE-2006-3311.md +++ b/2006/CVE-2006-3311.md @@ -11,6 +11,7 @@ Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8 #### Reference - http://securityreason.com/securityalert/1546 +- http://www.computerterrorism.com/research/ct12-09-2006.htm #### Github No PoCs found on GitHub currently. diff --git a/2006/CVE-2006-3626.md b/2006/CVE-2006-3626.md index 710560d6d..67a857a9c 100644 --- a/2006/CVE-2006-3626.md +++ b/2006/CVE-2006-3626.md @@ -19,6 +19,7 @@ Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain r - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2007/CVE-2007-0034.md b/2007/CVE-2007-0034.md index 857bb7362..0aa51963e 100644 --- a/2007/CVE-2007-0034.md +++ b/2007/CVE-2007-0034.md @@ -10,6 +10,7 @@ Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook ### POC #### Reference +- http://www.computerterrorism.com/research/ct09-01-2007.htm - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003 #### Github diff --git a/2007/CVE-2007-4573.md b/2007/CVE-2007-4573.md index de0a00c2e..99ec0ebbc 100644 --- a/2007/CVE-2007-4573.md +++ b/2007/CVE-2007-4573.md @@ -27,5 +27,6 @@ The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x bef - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2008/CVE-2008-0009.md b/2008/CVE-2008-0009.md index 985613ad2..73cd36890 100644 --- a/2008/CVE-2008-0009.md +++ b/2008/CVE-2008-0009.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2008/CVE-2008-0010.md b/2008/CVE-2008-0010.md index af201cc75..03209d04d 100644 --- a/2008/CVE-2008-0010.md +++ b/2008/CVE-2008-0010.md @@ -27,5 +27,6 @@ The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 t - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2008/CVE-2008-0600.md b/2008/CVE-2008-0600.md index 4bb03bf80..ee01001d1 100644 --- a/2008/CVE-2008-0600.md +++ b/2008/CVE-2008-0600.md @@ -19,6 +19,7 @@ The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not v - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp 
@@ -57,6 +58,7 @@ The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not v - https://github.com/rakjong/LinuxElevation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2008/CVE-2008-0900.md b/2008/CVE-2008-0900.md index 74d5edb49..9048e00e2 100644 --- a/2008/CVE-2008-0900.md +++ b/2008/CVE-2008-0900.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Al1ex/LinuxEelvation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Snoopy-Sec/Localroot-ALL-CVE - https://github.com/fei9747/LinuxEelvation diff --git a/2008/CVE-2008-4210.md b/2008/CVE-2008-4210.md index 81cd37365..a1d766c76 100644 --- a/2008/CVE-2008-4210.md +++ b/2008/CVE-2008-4210.md @@ -19,6 +19,7 @@ fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and s - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2009/CVE-2009-0065.md b/2009/CVE-2009-0065.md index fd6a287e3..9a559a041 100644 --- a/2009/CVE-2009-0065.md +++ b/2009/CVE-2009-0065.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2009/CVE-2009-1046.md b/2009/CVE-2009-1046.md index d708c75c8..1a0ed3109 100644 --- a/2009/CVE-2009-1046.md +++ b/2009/CVE-2009-1046.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2009/CVE-2009-1185.md b/2009/CVE-2009-1185.md index c18b341e2..6084daaea 100644 --- a/2009/CVE-2009-1185.md +++ b/2009/CVE-2009-1185.md @@ -20,6 +20,7 @@ udev before 1.4.1 does not verify whether a NETLINK message originates from kern - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2009/CVE-2009-1337.md b/2009/CVE-2009-1337.md index 18464ea3e..72eb333c9 100644 --- a/2009/CVE-2009-1337.md +++ b/2009/CVE-2009-1337.md @@ -20,6 +20,7 @@ The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2009/CVE-2009-2692.md b/2009/CVE-2009-2692.md index 7e9784b8a..16f6ab08f 100644 --- a/2009/CVE-2009-2692.md +++ b/2009/CVE-2009-2692.md 
@@ -21,6 +21,7 @@ The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not in - https://github.com/CVEDB/awesome-cve-repo - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits @@ -71,6 +72,7 @@ The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not in - https://github.com/talent-x90c/cve_list - https://github.com/tangsilian/android-vuln - https://github.com/taviso/iknowthis +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/x90hack/vulnerabilty_lab - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits diff --git a/2009/CVE-2009-2698.md b/2009/CVE-2009-2698.md index 165a7d210..c69dbede6 100644 --- a/2009/CVE-2009-2698.md +++ b/2009/CVE-2009-2698.md @@ -23,6 +23,7 @@ The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) - https://github.com/CVEDB/awesome-cve-repo - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2009/CVE-2009-2910.md b/2009/CVE-2009-2910.md index a5975e908..d906789da 100644 --- a/2009/CVE-2009-2910.md +++ b/2009/CVE-2009-2910.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2009/CVE-2009-3001.md b/2009/CVE-2009-3001.md index 0471bca33..c7ccd655d 100644 --- a/2009/CVE-2009-3001.md +++ b/2009/CVE-2009-3001.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2009/CVE-2009-3547.md b/2009/CVE-2009-3547.md index 16e0308bd..6fd82fa74 100644 --- a/2009/CVE-2009-3547.md +++ b/2009/CVE-2009-3547.md @@ -19,6 +19,7 @@ Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allo - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2009/CVE-2009-3895.md b/2009/CVE-2009-3895.md new file mode 100644 index 000000000..8127b16c4 --- /dev/null +++ b/2009/CVE-2009-3895.md 
@@ -0,0 +1,17 @@ +### [CVE-2009-3895](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3895) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ch1hyun/fuzzing-class + diff --git a/2010/CVE-2010-1146.md b/2010/CVE-2010-1146.md index 4ba78f838..ef1afd8ed 100644 --- a/2010/CVE-2010-1146.md +++ b/2010/CVE-2010-1146.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2010/CVE-2010-2240.md b/2010/CVE-2010-2240.md index 28b63bbe0..3b31aba15 100644 --- a/2010/CVE-2010-2240.md +++ b/2010/CVE-2010-2240.md @@ -26,5 +26,6 @@ The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2010/CVE-2010-2568.md b/2010/CVE-2010-2568.md index 56ad17217..3b5e33943 100644 
--- a/2010/CVE-2010-2568.md +++ b/2010/CVE-2010-2568.md @@ -16,6 +16,7 @@ Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, S #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Kuromesi/Py4CSKG +- https://github.com/MN439/bingduziyuan - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/jisosomppi/pentesting diff --git a/2010/CVE-2010-2883.md b/2010/CVE-2010-2883.md index ffdd65eee..152500fde 100644 --- a/2010/CVE-2010-2883.md +++ b/2010/CVE-2010-2883.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/ThunderJie/CVE - https://github.com/Zhouyi827/myblog - https://github.com/amliaW4/amliaW4.github.io +- https://github.com/fangdada/ctf - https://github.com/int0/pdfexplorer - https://github.com/season-lab/rop-collection - https://github.com/xinali/articles diff --git a/2010/CVE-2010-2959.md b/2010/CVE-2010-2959.md index c50fae370..f616f78ee 100644 --- a/2010/CVE-2010-2959.md +++ b/2010/CVE-2010-2959.md @@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/DhivaKD/OSCP-Notes - https://github.com/Elinpf/OSCP-survival-guide - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/MLGBSec/os-survival @@ -102,6 +103,7 @@ No PoCs from references. - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/whackmanic/OSCP_Found +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2010/CVE-2010-2963.md b/2010/CVE-2010-2963.md index 5c9dccfca..896cf0bc2 100644 --- a/2010/CVE-2010-2963.md +++ b/2010/CVE-2010-2963.md 
@@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2010/CVE-2010-3081.md b/2010/CVE-2010-3081.md index a9cbeefc7..aab71e7a5 100644 --- a/2010/CVE-2010-3081.md +++ b/2010/CVE-2010-3081.md @@ -20,6 +20,7 @@ The compat_alloc_user_space functions in include/asm/compat.h files in the Linux - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits @@ -63,6 +64,7 @@ The compat_alloc_user_space functions in include/asm/compat.h files in the Linux - https://github.com/ram4u/Linux_Exploit_Suggester - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2010/CVE-2010-3301.md b/2010/CVE-2010-3301.md index 47137ab77..9f8858b16 100644 --- a/2010/CVE-2010-3301.md +++ b/2010/CVE-2010-3301.md 
@@ -20,6 +20,7 @@ The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits @@ -62,6 +63,7 @@ The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the - https://github.com/ram4u/Linux_Exploit_Suggester - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2010/CVE-2010-3333.md b/2010/CVE-2010-3333.md index c6e817910..22cebecf4 100644 --- a/2010/CVE-2010-3333.md +++ b/2010/CVE-2010-3333.md @@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/doshyt/cve-monitor - https://github.com/enthought/cve-search - https://github.com/extremenetworks/cve-search-src +- https://github.com/fangdada/ctf - https://github.com/jerfinj/cve-search - https://github.com/miradam/cve-search - https://github.com/pandazheng/Threat-Intelligence-Analyst diff --git a/2010/CVE-2010-3437.md b/2010/CVE-2010-3437.md index 24b2ae6b8..20f0dad8b 100644 --- a/2010/CVE-2010-3437.md +++ b/2010/CVE-2010-3437.md 
@@ -62,6 +62,7 @@ No PoCs from references. - https://github.com/ram4u/Linux_Exploit_Suggester - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2010/CVE-2010-3904.md b/2010/CVE-2010-3904.md index 9b570191c..ac18c6716 100644 --- a/2010/CVE-2010-3904.md +++ b/2010/CVE-2010-3904.md @@ -35,6 +35,7 @@ The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Socke - https://github.com/Elinpf/OSCP-survival-guide - https://github.com/Feng4/linux-kernel-exploits - https://github.com/Gajasurve/The-Security-Handbook +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/MLGBSec/os-survival - https://github.com/Micr067/linux-kernel-exploits diff --git a/2010/CVE-2010-4073.md b/2010/CVE-2010-4073.md index 354264b0b..ff6bc75a3 100644 --- a/2010/CVE-2010-4073.md +++ b/2010/CVE-2010-4073.md @@ -21,6 +21,7 @@ The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize cert - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2010/CVE-2010-4258.md b/2010/CVE-2010-4258.md index 398dd6e36..eaae0c5ae 100644 --- a/2010/CVE-2010-4258.md +++ b/2010/CVE-2010-4258.md 
@@ -21,6 +21,7 @@ The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does n - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits - https://github.com/HUSTSeclab/Kernel-Exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp @@ -65,6 +66,7 @@ The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does n - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tranquac/Linux-Privilege-Escalation - https://github.com/usamaelshazly/Linux-Privilege-Escalation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2010/CVE-2010-4347.md b/2010/CVE-2010-4347.md index bea1962a5..327136789 100644 --- a/2010/CVE-2010-4347.md +++ b/2010/CVE-2010-4347.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2010/CVE-2010-5137.md b/2010/CVE-2010-5137.md index 66af5af16..8c94db487 100644 --- a/2010/CVE-2010-5137.md +++ b/2010/CVE-2010-5137.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/cryptoquick/ossification - https://github.com/uvhw/conchimgiangnang - https://github.com/uvhw/wallet.cpp diff --git a/2011/CVE-2011-0923.md b/2011/CVE-2011-0923.md index c59c21a54..ca32378a0 100644 --- a/2011/CVE-2011-0923.md 
+++ b/2011/CVE-2011-0923.md @@ -15,5 +15,5 @@ The client in HP Data Protector does not properly validate EXEC_CMD arguments, w - http://securityreason.com/securityalert/8329 #### Github -No PoCs found on GitHub currently. +- https://github.com/marcocarolasec/CVE-2016-2004-Exploit diff --git a/2011/CVE-2011-1493.md b/2011/CVE-2011-1493.md index 175516cdd..218287788 100644 --- a/2011/CVE-2011-1493.md +++ b/2011/CVE-2011-1493.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2011/CVE-2011-2523.md b/2011/CVE-2011-2523.md index 39e933db1..38b9da29b 100644 --- a/2011/CVE-2011-2523.md +++ b/2011/CVE-2011-2523.md @@ -71,6 +71,7 @@ vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which - https://github.com/shamsulchowdhury/Unit-16-Homework-Penetration-Testing1 - https://github.com/slxwzk/slxwzkBotnet - https://github.com/sponkmonk/Ladon_english_update +- https://github.com/sug4r-wr41th/CVE-2011-2523 - https://github.com/sunzu94/vsftpd_2.3.4_Exploit - https://github.com/tarikemal/exploit-ftp-samba - https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit diff --git a/2011/CVE-2011-3374.md b/2011/CVE-2011-3374.md index ad0ac59fa..817984825 100644 --- a/2011/CVE-2011-3374.md +++ b/2011/CVE-2011-3374.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/garethr/snykout - https://github.com/goharbor/pluggable-scanner-spec - https://github.com/jnsgruk/trivy-cvss-tools +- https://github.com/m-pasima/CI-CD-Security-image-scan - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/sharmapravin1001/Kubernetes-cks - https://github.com/siddharthraopotukuchi/trivy diff --git a/2011/CVE-2011-3389.md b/2011/CVE-2011-3389.md index d4105dc7a..1eaff481c 100644 
--- a/2011/CVE-2011-3389.md +++ b/2011/CVE-2011-3389.md @@ -40,6 +40,7 @@ The SSL protocol, as used in certain configurations in Microsoft Windows and Mic - https://github.com/alexandrburyakov/Rep2 - https://github.com/alexgro1982/devops-netology - https://github.com/bysart/devops-netology +- https://github.com/catsploit/catsploit - https://github.com/cdupuis/image-api - https://github.com/daniel1302/litecoin - https://github.com/dmitrii1312/03-sysadmin-09 diff --git a/2011/CVE-2011-3556.md b/2011/CVE-2011-3556.md index bfaeaf426..2b080eaae 100644 --- a/2011/CVE-2011-3556.md +++ b/2011/CVE-2011-3556.md @@ -16,6 +16,7 @@ Unspecified vulnerability in the Java Runtime Environment component in Oracle Ja #### Github - https://github.com/20142995/Goby - https://github.com/ARPSyndicate/cvemon +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/HimmelAward/Goby_POC - https://github.com/MelanyRoob/Goby - https://github.com/Z0fhack/Goby_POC diff --git a/2011/CVE-2011-3730.md b/2011/CVE-2011-3730.md new file mode 100644 index 000000000..3c89ba8e4 --- /dev/null +++ b/2011/CVE-2011-3730.md @@ -0,0 +1,17 @@ +### [CVE-2011-3730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3730) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php and certain other files. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/catsploit/catsploit + diff --git a/2011/CVE-2011-4461.md b/2011/CVE-2011-4461.md index bc7e5d556..2be6c9c2e 100644 --- a/2011/CVE-2011-4461.md 
+++ b/2011/CVE-2011-4461.md @@ -18,5 +18,6 @@ Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without res #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/javirodriguezzz/Shodan-Browser diff --git a/2011/CVE-2011-4969.md b/2011/CVE-2011-4969.md index c220c5c46..951d796e9 100644 --- a/2011/CVE-2011-4969.md +++ b/2011/CVE-2011-4969.md @@ -14,6 +14,7 @@ Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using loca #### Github - https://github.com/FallibleInc/retirejslib +- https://github.com/catsploit/catsploit - https://github.com/ctcpip/jquery-security - https://github.com/eliasgranderubio/4depcheck diff --git a/2012/CVE-2012-0056.md b/2012/CVE-2012-0056.md index 15aa65faa..e80131bdd 100644 --- a/2012/CVE-2012-0056.md +++ b/2012/CVE-2012-0056.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/Elinpf/OSCP-survival-guide - https://github.com/Feng4/linux-kernel-exploits - https://github.com/Gajasurve/The-Security-Handbook +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/MLGBSec/os-survival @@ -141,6 +142,7 @@ No PoCs from references. - https://github.com/tranquac/Linux-Privilege-Escalation - https://github.com/usamaelshazly/Linux-Privilege-Escalation - https://github.com/whackmanic/OSCP_Found +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xcsrf/OSCP-PWK-Notes-Public - https://github.com/xfinest/linux-kernel-exploits diff --git a/2012/CVE-2012-0158.md b/2012/CVE-2012-0158.md index d109c3ab5..d1688a387 100644 --- a/2012/CVE-2012-0158.md +++ b/2012/CVE-2012-0158.md 
@@ -28,6 +28,7 @@ The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX control - https://github.com/amliaW4/amliaW4.github.io - https://github.com/cnhouzi/APTNotes - https://github.com/czq945659538/-study +- https://github.com/fangdada/ctf - https://github.com/havocykp/Vulnerability-analysis - https://github.com/helloandrewpaul/Mandiant---APT - https://github.com/houjingyi233/office-exploit-case-study diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index 3da90be41..5f6228956 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md @@ -38,9 +38,11 @@ No PoCs from references. - https://github.com/Soundaryakambhampati/test-6 - https://github.com/Unix13/metasploitable2 - https://github.com/Vibragence/Dockersploit +- https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE - https://github.com/ajread4/cve_pull - https://github.com/alex14324/Eagel - https://github.com/beched/libpywebhack +- https://github.com/bl4cksku11/CVE-2024-4577 - https://github.com/cyberdeception/deepdig - https://github.com/cyberharsh/PHP_CVE-2012-1823 - https://github.com/daai1/CVE-2012-1823 diff --git a/2012/CVE-2012-2098.md b/2012/CVE-2012-2098.md index cdb8783c3..6cf3595eb 100644 --- a/2012/CVE-2012-2098.md +++ b/2012/CVE-2012-2098.md @@ -18,5 +18,6 @@ Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compress - https://github.com/Anonymous-Phunter/PHunter - https://github.com/BrunoBonacci/lein-binplus - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/markus-wa/clj-bin diff --git a/2012/CVE-2012-2836.md b/2012/CVE-2012-2836.md index 078116867..7bb8bcff5 100644 --- a/2012/CVE-2012-2836.md +++ b/2012/CVE-2012-2836.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/asur4s/fuzzing +- https://github.com/ch1hyun/fuzzing-class - https://github.com/chiehw/fuzzing 
diff --git a/2012/CVE-2012-2982.md b/2012/CVE-2012-2982.md index 2cd7ea1de..9b190bb1e 100644 --- a/2012/CVE-2012-2982.md +++ b/2012/CVE-2012-2982.md @@ -28,6 +28,7 @@ file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to e - https://github.com/Mithlonde/Mithlonde - https://github.com/OstojaOfficial/CVE-2012-2982 - https://github.com/R00tendo/CVE-2012-2982 +- https://github.com/Shadow-Spinner/CVE-2012-2982_python - https://github.com/SlizBinksman/CVE_2012-2982 - https://github.com/Will-Banksy/My-Exploits - https://github.com/alien-keric/webmin-v1.580-exploit diff --git a/2012/CVE-2012-3174.md b/2012/CVE-2012-3174.md index acb8f726c..4171ef8bd 100644 --- a/2012/CVE-2012-3174.md +++ b/2012/CVE-2012-3174.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2012/CVE-2012-4929.md b/2012/CVE-2012-4929.md index 4cd92716a..e33033a76 100644 --- a/2012/CVE-2012-4929.md +++ b/2012/CVE-2012-4929.md @@ -62,6 +62,7 @@ The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, - https://github.com/ilya-starchikov/devops-netology - https://github.com/jselvi/docker-crime - https://github.com/mohitrex7/Wap-Recon +- https://github.com/mpgn/CRIME-poc - https://github.com/nikolay480/devops-netology - https://github.com/nkiselyov/devops-netology - https://github.com/paroteen/SecurEagle diff --git a/2012/CVE-2012-5321.md b/2012/CVE-2012-5321.md index 70d40948e..d70c5b246 100644 --- a/2012/CVE-2012-5321.md +++ b/2012/CVE-2012-5321.md @@ -13,5 +13,5 @@ tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to - http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html #### Github -No PoCs found on GitHub currently. +- https://github.com/Cappricio-Securities/CVE-2012-5321 
diff --git a/2012/CVE-2012-6664.md b/2012/CVE-2012-6664.md new file mode 100644 index 000000000..46f362ab2 --- /dev/null +++ b/2012/CVE-2012-6664.md @@ -0,0 +1,17 @@ +### [CVE-2012-6664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6664) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10 and earlier allow remote attackers to read or write arbitrary files via a .. (dot dot) in the (1) get or (2) put commands. + +### POC + +#### Reference +- https://www.exploit-db.com/exploits/41714 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2012/CVE-2012-6708.md b/2012/CVE-2012-6708.md index 71a718a7c..e0c4844b6 100644 --- a/2012/CVE-2012-6708.md +++ b/2012/CVE-2012-6708.md @@ -17,6 +17,7 @@ jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQu #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/catdever/watchdog +- https://github.com/catsploit/catsploit - https://github.com/ctcpip/jquery-security - https://github.com/flipkart-incubator/watchdog - https://github.com/rohankumardubey/watchdog diff --git a/2013/CVE-2013-0268.md b/2013/CVE-2013-0268.md index ab2e2a766..b02aa84dd 100644 --- a/2013/CVE-2013-0268.md +++ b/2013/CVE-2013-0268.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp 
diff --git a/2013/CVE-2013-1763.md b/2013/CVE-2013-1763.md index 7fef43b91..8a8708040 100644 --- a/2013/CVE-2013-1763.md +++ b/2013/CVE-2013-1763.md @@ -21,6 +21,7 @@ Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp @@ -61,6 +62,7 @@ Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in - https://github.com/rakjong/LinuxElevation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2013/CVE-2013-1768.md b/2013/CVE-2013-1768.md index 0cf2a6162..68a8b312b 100644 --- a/2013/CVE-2013-1768.md +++ b/2013/CVE-2013-1768.md @@ -18,6 +18,7 @@ The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x befor - https://github.com/BrittanyKuhn/javascript-tutorial - https://github.com/CGCL-codes/PHunter - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet diff --git a/2013/CVE-2013-1858.md b/2013/CVE-2013-1858.md index 205197b7b..8f423f5ff 100644 --- a/2013/CVE-2013-1858.md +++ b/2013/CVE-2013-1858.md 
@@ -19,6 +19,7 @@ The clone system-call implementation in the Linux kernel before 3.8.3 does not p - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2013/CVE-2013-1959.md b/2013/CVE-2013-1959.md index fbb27de16..5d29fc0c2 100644 --- a/2013/CVE-2013-1959.md +++ b/2013/CVE-2013-1959.md @@ -13,5 +13,6 @@ kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropria - http://www.openwall.com/lists/oss-security/2013/04/29/1 #### Github +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits diff --git a/2013/CVE-2013-2094.md b/2013/CVE-2013-2094.md index f894a6a49..491887725 100644 --- a/2013/CVE-2013-2094.md +++ b/2013/CVE-2013-2094.md @@ -25,6 +25,7 @@ The perf_swevent_init function in kernel/events/core.c in the Linux kernel befor - https://github.com/CVEDB/awesome-cve-repo - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/I-Prashanth-S/CybersecurityTIFAC - https://github.com/IMCG/awesome-c - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester @@ -96,6 +97,7 @@ The perf_swevent_init function in kernel/events/core.c in the Linux kernel befor - https://github.com/timhsutw/cve-2013-2094 - https://github.com/vnik5287/CVE-2013-2094 - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits 
diff --git a/2013/CVE-2013-6805.md b/2013/CVE-2013-6805.md index 9b3ade0e4..9a92fe18a 100644 --- a/2013/CVE-2013-6805.md +++ b/2013/CVE-2013-6805.md @@ -13,4 +13,5 @@ OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes - https://github.com/koto/exceed-mitm #### Github +- https://github.com/koto/exceed-mitm diff --git a/2013/CVE-2013-6806.md b/2013/CVE-2013-6806.md index b82c1bfa6..7eb13a400 100644 --- a/2013/CVE-2013-6806.md +++ b/2013/CVE-2013-6806.md @@ -13,4 +13,5 @@ OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable b - https://github.com/koto/exceed-mitm #### Github +- https://github.com/koto/exceed-mitm diff --git a/2013/CVE-2013-6807.md b/2013/CVE-2013-6807.md index d0430969a..c992aa945 100644 --- a/2013/CVE-2013-6807.md +++ b/2013/CVE-2013-6807.md @@ -13,4 +13,5 @@ The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by def - https://github.com/koto/exceed-mitm #### Github +- https://github.com/koto/exceed-mitm diff --git a/2013/CVE-2013-7285.md b/2013/CVE-2013-7285.md index bf85bfa30..b88fa7bf0 100644 --- a/2013/CVE-2013-7285.md +++ b/2013/CVE-2013-7285.md @@ -17,6 +17,7 @@ Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework h - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Live-Hack-CVE/CVE-2019-10173 - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/Whoopsunix/PPPVULNS diff --git a/2014/CVE-2014-0038.md b/2014/CVE-2014-0038.md index 31a7ee801..37ba9b5ac 100644 --- a/2014/CVE-2014-0038.md +++ b/2014/CVE-2014-0038.md 
@@ -24,6 +24,7 @@ The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IMCG/awesome-c - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -77,6 +78,7 @@ The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13 - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/sujayadkesar/Linux-Privilege-Escalation - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2014/CVE-2014-0193.md b/2014/CVE-2014-0193.md index d1940a384..3964756fe 100644 --- a/2014/CVE-2014-0193.md +++ b/2014/CVE-2014-0193.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/ian4hu/super-pom diff --git a/2014/CVE-2014-0196.md b/2014/CVE-2014-0196.md index e9335fc62..adc2cf965 100644 --- a/2014/CVE-2014-0196.md +++ b/2014/CVE-2014-0196.md @@ -22,6 +22,7 @@ The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14 - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/Ostorlab/KEV 
@@ -70,6 +71,7 @@ The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14 - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln - https://github.com/tempbottle/CVE-2014-0196 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2014/CVE-2014-125093.md b/2014/CVE-2014-125093.md new file mode 100644 index 000000000..251e7b30c --- /dev/null +++ b/2014/CVE-2014-125093.md @@ -0,0 +1,17 @@ +### [CVE-2014-125093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-125093) +![](https://img.shields.io/static/v1?label=Product&message=Ad%20Blocking%20Detector%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.2.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Disclosure&color=brighgreen) + +### Description + +A vulnerability has been found in Ad Blocking Detector Plugin up to 1.2.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the file ad-blocking-detector.php. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 1.2.2 is able to address this issue. The patch is identified as 3312b9cd79e5710d1e282fc9216a4e5ab31b3d94. It is recommended to upgrade the affected component. VDB-222610 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://vuldb.com/?id.222610 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2014/CVE-2014-2851.md b/2014/CVE-2014-2851.md index 15cbc6bff..f58000842 100644 --- a/2014/CVE-2014-2851.md +++ b/2014/CVE-2014-2851.md 
@@ -30,5 +30,6 @@ No PoCs from references. - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/thomaxxl/group_info +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2014/CVE-2014-3153.md b/2014/CVE-2014-3153.md index 035a31fb5..230df7617 100644 --- a/2014/CVE-2014-3153.md +++ b/2014/CVE-2014-3153.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/I-Prashanth-S/CybersecurityTIFAC - https://github.com/IMCG/awesome-c - https://github.com/JERRY123S/all-poc @@ -94,6 +95,7 @@ No PoCs from references. - https://github.com/timwr/CVE-2014-3153 - https://github.com/tymat/android_futex_root - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2014/CVE-2014-3488.md b/2014/CVE-2014-3488.md index 212c9fb01..9ba94960c 100644 --- a/2014/CVE-2014-3488.md +++ b/2014/CVE-2014-3488.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/cezapata/appconfiguration-sample - https://github.com/ian4hu/super-pom diff --git a/2014/CVE-2014-3566.md b/2014/CVE-2014-3566.md index 29ca84753..c5993f7df 100644 --- a/2014/CVE-2014-3566.md +++ b/2014/CVE-2014-3566.md 
@@ -95,6 +95,7 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/mawinkler/c1-ws-ansible - https://github.com/mikemackintosh/ruby-qualys - https://github.com/mikesplain/CVE-2014-3566-poodle-cookbook +- https://github.com/mpgn/poodle-PoC - https://github.com/n13l/measurements - https://github.com/neominds/ric13351 - https://github.com/nikolay480/devops-netology diff --git a/2014/CVE-2014-3577.md b/2014/CVE-2014-3577.md index 2c9c67876..a1408bcbe 100644 --- a/2014/CVE-2014-3577.md +++ b/2014/CVE-2014-3577.md @@ -18,6 +18,7 @@ org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient be - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/albfernandez/commons-httpclient-3 - https://github.com/argon-gh-demo/clojure-sample - https://github.com/rm-hull/nvd-clojure diff --git a/2014/CVE-2014-3704.md b/2014/CVE-2014-3704.md index becd81193..1e205068b 100644 --- a/2014/CVE-2014-3704.md +++ b/2014/CVE-2014-3704.md @@ -39,6 +39,7 @@ The expandArguments function in the database abstraction API in Drupal core 7.x - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Z0fhack/Goby_POC - https://github.com/bakery312/Vulhub-Reproduce +- https://github.com/catsploit/catsploit - https://github.com/enomothem/PenTestNote - https://github.com/happynote3966/CVE-2014-3704 - https://github.com/hxysaury/saury-vulnhub diff --git a/2014/CVE-2014-3791.md b/2014/CVE-2014-3791.md index d137d1b1e..a4275a7d0 100644 --- a/2014/CVE-2014-3791.md +++ b/2014/CVE-2014-3791.md @@ -16,5 +16,6 @@ Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows rem #### Github - https://github.com/0xT11/CVE-POC - https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups +- https://github.com/fangdada/ctf - https://github.com/hectorgie/PoC-in-GitHub 
diff --git a/2014/CVE-2014-4014.md b/2014/CVE-2014-4014.md index 6c6322f49..518daa452 100644 --- a/2014/CVE-2014-4014.md +++ b/2014/CVE-2014-4014.md @@ -19,6 +19,7 @@ The capabilities implementation in the Linux kernel before 3.14.8 does not prope - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp @@ -60,6 +61,7 @@ The capabilities implementation in the Linux kernel before 3.14.8 does not prope - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/vnik5287/cve-2014-4014-privesc +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2014/CVE-2014-4322.md b/2014/CVE-2014-4322.md index 937d5edd2..d29ae43ea 100644 --- a/2014/CVE-2014-4322.md +++ b/2014/CVE-2014-4322.md @@ -47,5 +47,6 @@ No PoCs from references. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2014/CVE-2014-4699.md b/2014/CVE-2014-4699.md index fe65e0454..38716a4e9 100644 --- a/2014/CVE-2014-4699.md +++ b/2014/CVE-2014-4699.md 
@@ -23,6 +23,7 @@ The Linux kernel before 3.15.4 on Intel processors does not properly restrict us - https://github.com/C0dak/local-root-exploit- - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp @@ -66,6 +67,7 @@ The Linux kernel before 3.15.4 on Intel processors does not properly restrict us - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/vnik5287/cve-2014-4699-ptrace +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xfinest/linux-kernel-exploits - https://github.com/xssfile/linux-kernel-exploits diff --git a/2014/CVE-2014-4943.md b/2014/CVE-2014-4943.md index ed339b3bd..255a09cee 100644 --- a/2014/CVE-2014-4943.md +++ b/2014/CVE-2014-4943.md @@ -28,5 +28,6 @@ The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 a - https://github.com/redes-2015/l2tp-socket-bug - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2014/CVE-2014-5329.md b/2014/CVE-2014-5329.md index 83fd10d46..8cd6f352d 100644 --- a/2014/CVE-2014-5329.md +++ b/2014/CVE-2014-5329.md 
@@ -8,8 +8,7 @@ ### Description -GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. -8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition. +GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition. ### POC diff --git a/2014/CVE-2014-5470.md b/2014/CVE-2014-5470.md new file mode 100644 index 000000000..ca33617d4 --- /dev/null +++ b/2014/CVE-2014-5470.md @@ -0,0 +1,17 @@ +### [CVE-2014-5470](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5470) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation. + +### POC + +#### Reference +- https://www.exploit-db.com/exploits/35549 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2014/CVE-2014-9322.md b/2014/CVE-2014-9322.md index c3635414f..a9c406db9 100644 --- a/2014/CVE-2014-9322.md +++ b/2014/CVE-2014-9322.md 
@@ -15,6 +15,7 @@ arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly h #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Flerov/WindowsExploitDev +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/R0B1NL1N/linux-kernel-exploitation - https://github.com/RKX1209/CVE-2014-9322 @@ -34,5 +35,6 @@ arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly h - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2014/CVE-2014-9418.md b/2014/CVE-2014-9418.md index a4e61ab8a..441f844b2 100644 --- a/2014/CVE-2014-9418.md +++ b/2014/CVE-2014-9418.md @@ -13,5 +13,6 @@ The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Deskt - http://packetstormsecurity.com/files/152968/Huawei-eSpace-1.1.11.103-Meeting-Heap-Overflow.html #### Github +- https://github.com/javierparadadev/python-value-objects - https://github.com/jparadadev/python-value-objects diff --git a/2015/CVE-2015-0204.md b/2015/CVE-2015-0204.md index 64555a8d1..68ffab384 100644 --- a/2015/CVE-2015-0204.md +++ b/2015/CVE-2015-0204.md @@ -49,6 +49,7 @@ The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 - https://github.com/anthophilee/A2SV--SSL-VUL-Scan - https://github.com/bysart/devops-netology - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets +- https://github.com/catsploit/catsploit - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/clic-kbait/A2SV--SSL-VUL-Scan - https://github.com/clino-mania/A2SV--SSL-VUL-Scan diff --git a/2015/CVE-2015-0568.md b/2015/CVE-2015-0568.md index 02332843a..d918dbe9e 100644 --- a/2015/CVE-2015-0568.md +++ b/2015/CVE-2015-0568.md 
@@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2015/CVE-2015-0570.md b/2015/CVE-2015-0570.md index 99007b01b..fc4add973 100644 --- a/2015/CVE-2015-0570.md +++ b/2015/CVE-2015-0570.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2015/CVE-2015-1328.md b/2015/CVE-2015-1328.md index a7f1abaab..6bb25624d 100644 --- a/2015/CVE-2015-1328.md +++ b/2015/CVE-2015-1328.md @@ -23,6 +23,7 @@ The overlayfs implementation in the linux (aka Linux kernel) package before 3.19 - https://github.com/DarkenCode/PoC - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits diff --git a/2015/CVE-2015-1805.md b/2015/CVE-2015-1805.md index fa170ebbf..bec7f458f 100644 --- a/2015/CVE-2015-1805.md +++ b/2015/CVE-2015-1805.md @@ -48,5 +48,6 @@ The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux k - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2015/CVE-2015-1833.md b/2015/CVE-2015-1833.md index 2caabd9d8..e52f5bda9 100644 
--- a/2015/CVE-2015-1833.md +++ b/2015/CVE-2015-1833.md @@ -18,6 +18,7 @@ XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Raz0r/aemscan - https://github.com/TheRipperJhon/AEMVS - https://github.com/amarnathadapa-sec/aem diff --git a/2015/CVE-2015-2080.md b/2015/CVE-2015-2080.md index 85360f0fb..9e1056b4b 100644 --- a/2015/CVE-2015-2080.md +++ b/2015/CVE-2015-2080.md @@ -22,6 +22,7 @@ The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remot - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/LibHunter/LibHunter - https://github.com/albinowax/ActiveScanPlusPlus - https://github.com/cranelab/webapp-tech - https://github.com/ilmila/J2EEScan diff --git a/2015/CVE-2015-2156.md b/2015/CVE-2015-2156.md index 6db1dd3da..9d9db23f9 100644 --- a/2015/CVE-2015-2156.md +++ b/2015/CVE-2015-2156.md @@ -16,5 +16,6 @@ Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/cezapata/appconfiguration-sample diff --git a/2015/CVE-2015-3253.md b/2015/CVE-2015-3253.md index a95f99d13..bce7f1a33 100644 --- a/2015/CVE-2015-3253.md +++ b/2015/CVE-2015-3253.md 
@@ -29,6 +29,7 @@ The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 thr - https://github.com/CodeIntelligenceTesting/java-demo - https://github.com/CodeIntelligenceTesting/java-demo-old - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/TheGrinch/elastic - https://github.com/angelwhu/XStream_unserialization diff --git a/2015/CVE-2015-3636.md b/2015/CVE-2015-3636.md index a7342aa59..5e36db49d 100644 --- a/2015/CVE-2015-3636.md +++ b/2015/CVE-2015-3636.md @@ -49,5 +49,6 @@ The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 doe - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2015/CVE-2015-5256.md b/2015/CVE-2015-5256.md index 01863d307..039d9778b 100644 --- a/2015/CVE-2015-5256.md +++ b/2015/CVE-2015-5256.md @@ -15,4 +15,5 @@ Apache Cordova-Android before 4.1.0, when an application relies on a remote serv #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2015/CVE-2015-5262.md b/2015/CVE-2015-5262.md index 3a529b358..ef7e9de0c 100644 --- a/2015/CVE-2015-5262.md +++ b/2015/CVE-2015-5262.md @@ -17,6 +17,7 @@ http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClien - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/albfernandez/commons-httpclient-3 - https://github.com/argon-gh-demo/clojure-sample - https://github.com/dotanuki-labs/android-oss-cves-research 
diff --git a/2015/CVE-2015-6644.md b/2015/CVE-2015-6644.md index 80b7071b1..8d88e0527 100644 --- a/2015/CVE-2015-6644.md +++ b/2015/CVE-2015-6644.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/brianhigh/us-cert-bulletins - https://github.com/pctF/vulnerable-app diff --git a/2015/CVE-2015-6748.md b/2015/CVE-2015-6748.md index 9dcab375f..ee08bb745 100644 --- a/2015/CVE-2015-6748.md +++ b/2015/CVE-2015-6748.md @@ -16,5 +16,6 @@ Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/epicosy/VUL4J-59 diff --git a/2015/CVE-2015-6925.md b/2015/CVE-2015-6925.md index af378dc3e..8b79788f5 100644 --- a/2015/CVE-2015-6925.md +++ b/2015/CVE-2015-6925.md @@ -14,6 +14,7 @@ wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/IAIK/wolfSSL-DoS - https://github.com/MrE-Fog/wolfSSL-DoS - https://github.com/MrE-Fog/wolfSSL-DoS3 diff --git a/2015/CVE-2015-8320.md b/2015/CVE-2015-8320.md index 0b58a08a0..be3a11657 100644 --- a/2015/CVE-2015-8320.md +++ b/2015/CVE-2015-8320.md @@ -15,4 +15,5 @@ Apache Cordova-Android before 3.7.0 improperly generates random values for Bridg #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2015/CVE-2015-8399.md b/2015/CVE-2015-8399.md index 60f663b63..b97a0240a 100644 --- a/2015/CVE-2015-8399.md +++ b/2015/CVE-2015-8399.md 
@@ -20,5 +20,6 @@ Atlassian Confluence before 5.8.17 allows remote authenticated users to read con - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/HimmelAward/Goby_POC - https://github.com/Z0fhack/Goby_POC +- https://github.com/enomothem/PenTestNote - https://github.com/jweny/pocassistdb diff --git a/2015/CVE-2015-8550.md b/2015/CVE-2015-8550.md index c62292059..84c1fae43 100644 --- a/2015/CVE-2015-8550.md +++ b/2015/CVE-2015-8550.md @@ -14,6 +14,7 @@ Xen, when used on a system providing PV backends, allows local guest OS administ #### Github - https://github.com/Al1ex/LinuxEelvation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/bsauce/kernel-exploit-factory - https://github.com/jfbastien/no-sane-compiler diff --git a/2015/CVE-2015-8660.md b/2015/CVE-2015-8660.md index 73f6d07f0..ad62a57ab 100644 --- a/2015/CVE-2015-8660.md +++ b/2015/CVE-2015-8660.md @@ -19,6 +19,7 @@ The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Live-Hack-CVE/CVE-2015-8660 - https://github.com/chorankates/Irked diff --git a/2016/CVE-2016-0701.md b/2016/CVE-2016-0701.md index ba759d501..0885c8d33 100644 --- a/2016/CVE-2016-0701.md +++ b/2016/CVE-2016-0701.md @@ -25,6 +25,7 @@ The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1. - https://github.com/RClueX/Hackerone-Reports - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/erwinchang/utility-library +- https://github.com/forget-eve/NSP - https://github.com/imhunterand/hackerone-publicy-disclosed - https://github.com/luanjampa/cve-2016-0701 diff --git a/2016/CVE-2016-0728.md b/2016/CVE-2016-0728.md index 75f37effe..763ae5cdd 100644 --- a/2016/CVE-2016-0728.md 
+++ b/2016/CVE-2016-0728.md @@ -25,6 +25,7 @@ The join_session_keyring function in security/keys/process_keys.c in the Linux k - https://github.com/De30/zabbix_community-templates - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Michael-Git-Web/templateszbx - https://github.com/Micr067/linux-kernel-exploits @@ -95,6 +96,7 @@ The join_session_keyring function in security/keys/process_keys.c in the Linux k - https://github.com/th30d00r/Linux-Vulnerability-CVE-2016-0728-and-Exploit - https://github.com/tndud042713/cve - https://github.com/whiteHat001/Kernel-Security +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/linux-kernel-exploits diff --git a/2016/CVE-2016-0819.md b/2016/CVE-2016-0819.md index 840ddea35..2cc6978b2 100644 --- a/2016/CVE-2016-0819.md +++ b/2016/CVE-2016-0819.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-0820.md b/2016/CVE-2016-0820.md index ac0475b27..8436b1a82 100644 --- a/2016/CVE-2016-0820.md +++ b/2016/CVE-2016-0820.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-1000339.md b/2016/CVE-2016-1000339.md index 8effbb012..2f60bb274 100644 
--- a/2016/CVE-2016-1000339.md +++ b/2016/CVE-2016-1000339.md @@ -17,6 +17,7 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine cl - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app - https://github.com/wolpert/crypto diff --git a/2016/CVE-2016-1000341.md b/2016/CVE-2016-1000341.md index 5760804bb..e618c8203 100644 --- a/2016/CVE-2016-1000341.md +++ b/2016/CVE-2016-1000341.md @@ -17,5 +17,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generat - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000342.md b/2016/CVE-2016-1000342.md index 2a8ee8695..1bbf0c713 100644 --- a/2016/CVE-2016-1000342.md +++ b/2016/CVE-2016-1000342.md @@ -17,5 +17,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000343.md b/2016/CVE-2016-1000343.md index 4bd44a5b8..15132cf37 100644 --- a/2016/CVE-2016-1000343.md +++ b/2016/CVE-2016-1000343.md @@ -18,5 +18,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair gene - https://github.com/CGCL-codes/PHunter - https://github.com/CyberSource/cybersource-sdk-java - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000344.md b/2016/CVE-2016-1000344.md index 327838134..fc483ae6b 100644 
--- a/2016/CVE-2016-1000344.md +++ b/2016/CVE-2016-1000344.md @@ -18,5 +18,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementat - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000345.md b/2016/CVE-2016-1000345.md index 5a256786c..34c967f09 100644 --- a/2016/CVE-2016-1000345.md +++ b/2016/CVE-2016-1000345.md @@ -17,5 +17,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC m - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000346.md b/2016/CVE-2016-1000346.md index 2cea80f66..4f85881df 100644 --- a/2016/CVE-2016-1000346.md +++ b/2016/CVE-2016-1000346.md @@ -17,5 +17,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH pu - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-1000352.md b/2016/CVE-2016-1000352.md index f8840f9f4..4c64d1301 100644 --- a/2016/CVE-2016-1000352.md +++ b/2016/CVE-2016-1000352.md @@ -18,5 +18,6 @@ In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementat - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/pctF/vulnerable-app diff --git a/2016/CVE-2016-10027.md b/2016/CVE-2016-10027.md index 2b3244fc8..6b0d045ed 100644 --- a/2016/CVE-2016-10027.md +++ b/2016/CVE-2016-10027.md 
@@ -15,5 +15,6 @@ Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/tintinweb/striptls diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md index f5fa3a4bb..0bda1481c 100644 --- a/2016/CVE-2016-10033.md +++ b/2016/CVE-2016-10033.md @@ -201,6 +201,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail - https://github.com/superfish9/pt - https://github.com/supreethsk/rental +- https://github.com/sweta-web/Online-Registration-System - https://github.com/trganda/dockerv - https://github.com/tvirus-01/PHP_mail - https://github.com/vaartjesd/test diff --git a/2016/CVE-2016-10045.md b/2016/CVE-2016-10045.md index 4791c48db..7d7ecd667 100644 --- a/2016/CVE-2016-10045.md +++ b/2016/CVE-2016-10045.md @@ -144,6 +144,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to - https://github.com/sccontroltotal/phpmailer - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail - https://github.com/supreethsk/rental +- https://github.com/sweta-web/Online-Registration-System - https://github.com/tvirus-01/PHP_mail - https://github.com/vaartjesd/test - https://github.com/vatann07/BloodConnect diff --git a/2016/CVE-2016-10134.md b/2016/CVE-2016-10134.md index 893428688..15b3f1a14 100644 --- a/2016/CVE-2016-10134.md +++ b/2016/CVE-2016-10134.md @@ -21,6 +21,7 @@ SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Awrrays/FrameVul +- https://github.com/CLincat/vulcat - https://github.com/HimmelAward/Goby_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/TesterCC/exp_poc_library 
diff --git a/2016/CVE-2016-10277.md b/2016/CVE-2016-10277.md index 28ab4a49f..df4e68623 100644 --- a/2016/CVE-2016-10277.md +++ b/2016/CVE-2016-10277.md @@ -32,6 +32,7 @@ An elevation of privilege vulnerability in the Motorola bootloader could enable - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2016/CVE-2016-10728.md b/2016/CVE-2016-10728.md index f157598d9..0506c7946 100644 --- a/2016/CVE-2016-10728.md +++ b/2016/CVE-2016-10728.md @@ -13,4 +13,5 @@ An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is r - https://github.com/kirillwow/ids_bypass #### Github +- https://github.com/kirillwow/ids_bypass diff --git a/2016/CVE-2016-1247.md b/2016/CVE-2016-1247.md index 3fb266ba6..39ec32810 100644 --- a/2016/CVE-2016-1247.md +++ b/2016/CVE-2016-1247.md @@ -27,6 +27,7 @@ The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages bef - https://github.com/hungslab/awd-tools - https://github.com/lukeber4/usn-search - https://github.com/notnue/Linux-Privilege-Escalation +- https://github.com/redcountryroad/OSCP-shortsheet - https://github.com/superfish9/pt - https://github.com/txuswashere/Pentesting-Linux - https://github.com/woods-sega/woodswiki diff --git a/2016/CVE-2016-1583.md b/2016/CVE-2016-1583.md index 06613b744..4047807cf 100644 --- a/2016/CVE-2016-1583.md +++ b/2016/CVE-2016-1583.md @@ -32,5 +32,6 @@ The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kern - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2016/CVE-2016-2004.md b/2016/CVE-2016-2004.md index 3856cbe83..489cb14ac 100644 --- a/2016/CVE-2016-2004.md +++ b/2016/CVE-2016-2004.md @@ -20,4 +20,6 @@ HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow r #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CVEDB/awesome-cve-repo +- https://github.com/marcocarolasec/CVE-2016-2004-Exploit diff --git a/2016/CVE-2016-2059.md b/2016/CVE-2016-2059.md index 1e5324663..3aae104e9 100644 --- a/2016/CVE-2016-2059.md +++ b/2016/CVE-2016-2059.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2175.md b/2016/CVE-2016-2175.md index 1dd2f03cd..c01762375 100644 --- a/2016/CVE-2016-2175.md +++ b/2016/CVE-2016-2175.md @@ -17,4 +17,5 @@ Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize th - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2016/CVE-2016-2183.md b/2016/CVE-2016-2183.md index 97b04ef86..e6b1c1de8 100644 --- a/2016/CVE-2016-2183.md +++ b/2016/CVE-2016-2183.md @@ -51,6 +51,7 @@ The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and - https://github.com/aous-al-salek/crypto - https://github.com/biswajitde/dsm_ips - https://github.com/bysart/devops-netology +- https://github.com/catsploit/catsploit - https://github.com/dmitrii1312/03-sysadmin-09 - https://github.com/gabrieljcs/ips-assessment-reports - https://github.com/geon071/netolofy_12 diff --git a/2016/CVE-2016-2334.md b/2016/CVE-2016-2334.md index 7ce0df891..39366e29a 100644 
--- a/2016/CVE-2016-2334.md +++ b/2016/CVE-2016-2334.md @@ -13,6 +13,7 @@ Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile meth - http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html #### Github +- https://github.com/ch1hyun/fuzzing-class - https://github.com/icewall/CVE-2016-2334 - https://github.com/integeruser/on-pwning - https://github.com/litneet64/containerized-bomb-disposal diff --git a/2016/CVE-2016-2384.md b/2016/CVE-2016-2384.md index 989c90f5c..ff3a231f4 100644 --- a/2016/CVE-2016-2384.md +++ b/2016/CVE-2016-2384.md @@ -24,6 +24,7 @@ Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits - https://github.com/HackOvert/awesome-bugs +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp @@ -66,6 +67,7 @@ Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2016/CVE-2016-2386.md b/2016/CVE-2016-2386.md index 56025225a..492fead78 100644 --- a/2016/CVE-2016-2386.md +++ b/2016/CVE-2016-2386.md @@ -24,5 +24,6 @@ SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 - https://github.com/lnick2023/nicenice - https://github.com/murataydemir/CVE-2016-2386 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/vah13/SAP_exploit - https://github.com/xbl3/awesome-cve-poc_qazbnm456 
diff --git a/2016/CVE-2016-2411.md b/2016/CVE-2016-2411.md index 268c53b26..56ca2c792 100644 --- a/2016/CVE-2016-2411.md +++ b/2016/CVE-2016-2411.md @@ -28,5 +28,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2434.md b/2016/CVE-2016-2434.md index c36b6d244..0255cd10f 100644 --- a/2016/CVE-2016-2434.md +++ b/2016/CVE-2016-2434.md @@ -42,5 +42,6 @@ No PoCs from references. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2435.md b/2016/CVE-2016-2435.md index f9993abfd..639f7a7a2 100644 --- a/2016/CVE-2016-2435.md +++ b/2016/CVE-2016-2435.md @@ -28,5 +28,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2475.md b/2016/CVE-2016-2475.md index ea67af0cc..3f1a9e362 100644 --- a/2016/CVE-2016-2475.md +++ b/2016/CVE-2016-2475.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2503.md b/2016/CVE-2016-2503.md index f5b3c6a71..af3415122 100644 --- a/2016/CVE-2016-2503.md +++ b/2016/CVE-2016-2503.md 
@@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-2781.md b/2016/CVE-2016-2781.md index 725c1ae68..08d9c6052 100644 --- a/2016/CVE-2016-2781.md +++ b/2016/CVE-2016-2781.md @@ -44,6 +44,7 @@ No PoCs from references. - https://github.com/hartwork/antijack - https://github.com/khulnasoft-lab/vulnlist - https://github.com/khulnasoft-labs/griffon +- https://github.com/m-pasima/CI-CD-Security-image-scan - https://github.com/metapull/attackfinder - https://github.com/nedenwalker/spring-boot-app-using-gradle - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln diff --git a/2016/CVE-2016-3720.md b/2016/CVE-2016-3720.md index 3a1d70cf4..fefd7b1d5 100644 --- a/2016/CVE-2016-3720.md +++ b/2016/CVE-2016-3720.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/argon-gh-demo/clojure-sample - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/gitrobtest/Java-Security diff --git a/2016/CVE-2016-3857.md b/2016/CVE-2016-3857.md index 25f286994..950de5933 100644 --- a/2016/CVE-2016-3857.md +++ b/2016/CVE-2016-3857.md @@ -28,5 +28,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-3873.md b/2016/CVE-2016-3873.md index 83bc7c9a6..9acac13c8 100644 --- a/2016/CVE-2016-3873.md +++ b/2016/CVE-2016-3873.md 
@@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-4557.md b/2016/CVE-2016-4557.md index 4a4dead1b..a50a32cc5 100644 --- a/2016/CVE-2016-4557.md +++ b/2016/CVE-2016-4557.md @@ -14,6 +14,7 @@ The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux k #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/chreniuc/CTF - https://github.com/dylandreimerink/gobpfld diff --git a/2016/CVE-2016-4800.md b/2016/CVE-2016-4800.md index 912fa273d..b475e74f2 100644 --- a/2016/CVE-2016-4800.md +++ b/2016/CVE-2016-4800.md @@ -16,5 +16,6 @@ The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x be - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/saidramirezh/Elvis-DAM diff --git a/2016/CVE-2016-4970.md b/2016/CVE-2016-4970.md index 5dee74848..4e049fe98 100644 --- a/2016/CVE-2016-4970.md +++ b/2016/CVE-2016-4970.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/eliasgranderubio/4depcheck diff --git a/2016/CVE-2016-4994.md b/2016/CVE-2016-4994.md new file mode 100644 index 000000000..9961e81e8 --- /dev/null +++ b/2016/CVE-2016-4994.md 
@@ -0,0 +1,17 @@ +### [CVE-2016-4994](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ch1hyun/fuzzing-class + diff --git a/2016/CVE-2016-4997.md b/2016/CVE-2016-4997.md index 24476f62c..3649b3fc9 100644 --- a/2016/CVE-2016-4997.md +++ b/2016/CVE-2016-4997.md @@ -16,5 +16,6 @@ The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations - https://www.exploit-db.com/exploits/40489/ #### Github +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits diff --git a/2016/CVE-2016-5195.md b/2016/CVE-2016-5195.md index a5c3e530a..b4b4b0aa1 100644 --- a/2016/CVE-2016-5195.md +++ b/2016/CVE-2016-5195.md @@ -29,6 +29,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://www.exploit-db.com/exploits/40847/ #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xS3rgI0/OSCP - https://github.com/0xStrygwyr/OSCP-Guide - https://github.com/0xZipp0/OSCP 
@@ -89,6 +90,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/GhostTroops/TOP - https://github.com/GiorgosXou/Our-Xiaomi-Redmi-5A-riva-debloating-list - https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/Hellnino18/ansible-dirty-cow - https://github.com/Hellnino18/ansible-dirty-cow-2 - https://github.com/Hetti/PoC-Exploitchain-GS-VBox-DirtyCow- @@ -404,6 +406,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo - https://github.com/whackmanic/OSCP_Found - https://github.com/whitephone/farm-root - https://github.com/whu-enjoy/CVE-2016-5195 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/www-glasswall-nl/UT-DirtyCow - https://github.com/x90hack/vulnerabilty_lab - https://github.com/xXxhagenxXx/OSCP_Cheat_sheet diff --git a/2016/CVE-2016-5340.md b/2016/CVE-2016-5340.md index a203ee1fd..db399209f 100644 --- a/2016/CVE-2016-5340.md +++ b/2016/CVE-2016-5340.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-5425.md b/2016/CVE-2016-5425.md index de0a11469..df67eedf9 100644 --- a/2016/CVE-2016-5425.md +++ b/2016/CVE-2016-5425.md @@ -19,4 +19,5 @@ The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/starnightcyber/vul-info-collect +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2016/CVE-2016-5696.md b/2016/CVE-2016-5696.md index f02ff38e2..acc880935 100644 --- a/2016/CVE-2016-5696.md +++ b/2016/CVE-2016-5696.md 
@@ -19,6 +19,7 @@ net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP +- https://github.com/Gnoxter/mountain_goat - https://github.com/Subbuleo23/Cyberphantom - https://github.com/ambynotcoder/C-libraries - https://github.com/bplinux/chackd diff --git a/2016/CVE-2016-6187.md b/2016/CVE-2016-6187.md index 8f69c8fe4..6c1462a19 100644 --- a/2016/CVE-2016-6187.md +++ b/2016/CVE-2016-6187.md @@ -34,5 +34,6 @@ No PoCs from references. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/vnik5287/cve-2016-6187-poc - https://github.com/whiteHat001/Kernel-Security +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-6195.md b/2016/CVE-2016-6195.md index e47e12c82..69b65c8ba 100644 --- a/2016/CVE-2016-6195.md +++ b/2016/CVE-2016-6195.md @@ -16,4 +16,5 @@ SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/TooLaidBack/vbchecker +- https://github.com/drewlong/vbully diff --git a/2016/CVE-2016-6271.md b/2016/CVE-2016-6271.md index 264e2eb71..bc89a514b 100644 --- a/2016/CVE-2016-6271.md +++ b/2016/CVE-2016-6271.md @@ -14,4 +14,5 @@ The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle att #### Github - https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups +- https://github.com/gteissier/CVE-2016-6271 diff --git a/2016/CVE-2016-6325.md b/2016/CVE-2016-6325.md index b818bac4b..c755eb26e 100644 --- a/2016/CVE-2016-6325.md +++ b/2016/CVE-2016-6325.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2016/CVE-2016-6329.md b/2016/CVE-2016-6329.md index 903d0d175..87b2485e5 100644 
--- a/2016/CVE-2016-6329.md +++ b/2016/CVE-2016-6329.md @@ -25,6 +25,7 @@ OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers - https://github.com/alexandrburyakov/Rep2 - https://github.com/alexgro1982/devops-netology - https://github.com/bysart/devops-netology +- https://github.com/catsploit/catsploit - https://github.com/dmitrii1312/03-sysadmin-09 - https://github.com/geon071/netolofy_12 - https://github.com/ilya-starchikov/devops-netology diff --git a/2016/CVE-2016-6787.md b/2016/CVE-2016-6787.md index b4eece4d2..e75739310 100644 --- a/2016/CVE-2016-6787.md +++ b/2016/CVE-2016-6787.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/whiteHat001/Kernel-Security +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2016/CVE-2016-6801.md b/2016/CVE-2016-6801.md index dd2bc07cf..4d483ad7e 100644 --- a/2016/CVE-2016-6801.md +++ b/2016/CVE-2016-6801.md @@ -15,5 +15,6 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/TSNGL21/CVE-2016-6801 diff --git a/2016/CVE-2016-6814.md b/2016/CVE-2016-6814.md index a4bde3647..49dac3310 100644 --- a/2016/CVE-2016-6814.md +++ b/2016/CVE-2016-6814.md @@ -21,6 +21,7 @@ When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2 - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/ilmari666/cybsec 
diff --git a/2016/CVE-2016-7117.md b/2016/CVE-2016-7117.md index 214483cf4..22b626e55 100644 --- a/2016/CVE-2016-7117.md +++ b/2016/CVE-2016-7117.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-7200.md b/2016/CVE-2016-7200.md index 5e370cef5..a86528424 100644 --- a/2016/CVE-2016-7200.md +++ b/2016/CVE-2016-7200.md @@ -33,6 +33,7 @@ The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers - https://github.com/lnick2023/nicenice - https://github.com/nyerkym/sectools - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/theori-io/chakra-2016-11 - https://github.com/trhacknon/chakra-2016-11 - https://github.com/tunz/js-vuln-db - https://github.com/weeka10/-hktalent-TOP diff --git a/2016/CVE-2016-7201.md b/2016/CVE-2016-7201.md index 601297f91..8dbf9730a 100644 --- a/2016/CVE-2016-7201.md +++ b/2016/CVE-2016-7201.md @@ -32,6 +32,7 @@ The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers - https://github.com/lnick2023/nicenice - https://github.com/nyerkym/sectools - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/theori-io/chakra-2016-11 - https://github.com/trhacknon/chakra-2016-11 - https://github.com/tunz/js-vuln-db - https://github.com/weeka10/-hktalent-TOP diff --git a/2016/CVE-2016-8453.md b/2016/CVE-2016-8453.md index c5af9a648..379f4812c 100644 --- a/2016/CVE-2016-8453.md +++ b/2016/CVE-2016-8453.md 
@@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-8462.md b/2016/CVE-2016-8462.md index 72376c975..a0e067355 100644 --- a/2016/CVE-2016-8462.md +++ b/2016/CVE-2016-8462.md @@ -14,4 +14,5 @@ An information disclosure vulnerability in the bootloader could enable a local a - https://securityresear.ch/2017/01/04/fastboot-oem-sha1sum/ #### Github +- https://github.com/CunningLogic/PixelDump_CVE-2016-8462 diff --git a/2016/CVE-2016-8633.md b/2016/CVE-2016-8633.md index 921aeea25..175b6a900 100644 --- a/2016/CVE-2016-8633.md +++ b/2016/CVE-2016-8633.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2016/CVE-2016-8655.md b/2016/CVE-2016-8655.md index 1f5142e43..757c4c92a 100644 --- a/2016/CVE-2016-8655.md +++ b/2016/CVE-2016-8655.md @@ -20,6 +20,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo - https://github.com/ARPSyndicate/cvemon - https://github.com/AabyssZG/AWD-Guide - https://github.com/Aneesh-Satla/Linux-Kernel-Exploitation-Suggester +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/KosukeShimofuji/CVE-2016-8655 - https://github.com/LakshmiDesai/CVE-2016-8655 
@@ -67,6 +68,7 @@ Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allo - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/stefanocutelle/linux-exploit-suggester +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xyongcn/exploit diff --git a/2016/CVE-2016-9192.md b/2016/CVE-2016-9192.md index 4bd17cda1..de120df9b 100644 --- a/2016/CVE-2016-9192.md +++ b/2016/CVE-2016-9192.md @@ -14,4 +14,5 @@ A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could all - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1 #### Github +- https://github.com/serializingme/cve-2016-9192 diff --git a/2016/CVE-2016-9296.md b/2016/CVE-2016-9296.md index dff946fda..b04e07988 100644 --- a/2016/CVE-2016-9296.md +++ b/2016/CVE-2016-9296.md @@ -15,4 +15,5 @@ A null pointer dereference bug affects the 16.02 and many old versions of p7zip. #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/yangke/7zip-null-pointer-dereference diff --git a/2016/CVE-2016-9297.md b/2016/CVE-2016-9297.md index 93d531f5f..511818617 100644 --- a/2016/CVE-2016-9297.md +++ b/2016/CVE-2016-9297.md @@ -14,6 +14,7 @@ The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to caus #### Github - https://github.com/RClueX/Hackerone-Reports +- https://github.com/ch1hyun/fuzzing-class - https://github.com/geeknik/cve-fuzzing-poc - https://github.com/imhunterand/hackerone-publicy-disclosed diff --git a/2016/CVE-2016-9793.md b/2016/CVE-2016-9793.md index 36d1e867b..4b23acc38 100644 --- a/2016/CVE-2016-9793.md +++ b/2016/CVE-2016-9793.md 
@@ -20,6 +20,7 @@ The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.1 - https://github.com/CKmaenn/kernel-exploits - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2016/CVE-2016-9949.md b/2016/CVE-2016-9949.md index 289705bfe..9e038147a 100644 --- a/2016/CVE-2016-9949.md +++ b/2016/CVE-2016-9949.md @@ -15,4 +15,5 @@ An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads t - https://www.exploit-db.com/exploits/40937/ #### Github +- https://github.com/DonnchaC/ubuntu-apport-exploitation diff --git a/2016/CVE-2016-9950.md b/2016/CVE-2016-9950.md index 35e39fa6e..de325e739 100644 --- a/2016/CVE-2016-9950.md +++ b/2016/CVE-2016-9950.md @@ -15,4 +15,5 @@ An issue was discovered in Apport before 2.20.4. There is a path traversal issue - https://www.exploit-db.com/exploits/40937/ #### Github +- https://github.com/DonnchaC/ubuntu-apport-exploitation diff --git a/2016/CVE-2016-9951.md b/2016/CVE-2016-9951.md index 6315944fb..073619b34 100644 --- a/2016/CVE-2016-9951.md +++ b/2016/CVE-2016-9951.md @@ -16,4 +16,5 @@ An issue was discovered in Apport before 2.20.4. A malicious Apport crash file c #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/DonnchaC/ubuntu-apport-exploitation diff --git a/2017/CVE-2017-0038.md b/2017/CVE-2017-0038.md index 0b427d1f9..68f798250 100644 --- a/2017/CVE-2017-0038.md +++ b/2017/CVE-2017-0038.md 
@@ -21,6 +21,7 @@ gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Win - https://github.com/ExpLife0011/awesome-windows-kernel-security-development - https://github.com/Ondrik8/exploit - https://github.com/howknows/awesome-windows-security-development +- https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS - https://github.com/liuhe3647/Windows - https://github.com/pr0code/https-github.com-ExpLife0011-awesome-windows-kernel-security-development - https://github.com/pravinsrc/NOTES-windows-kernel-links diff --git a/2017/CVE-2017-0146.md b/2017/CVE-2017-0146.md index 188abf50e..67aafd1a6 100644 --- a/2017/CVE-2017-0146.md +++ b/2017/CVE-2017-0146.md @@ -45,6 +45,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- - https://github.com/chaao195/EBEKv2.0 +- https://github.com/enomothem/PenTestNote - https://github.com/ericjiang97/SecScripts - https://github.com/geeksniper/active-directory-pentest - https://github.com/ginapalomo/ScanAll diff --git a/2017/CVE-2017-0403.md b/2017/CVE-2017-0403.md index a85a12512..75837d94e 100644 --- a/2017/CVE-2017-0403.md +++ b/2017/CVE-2017-0403.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-0437.md b/2017/CVE-2017-0437.md index 3f725d456..039cb861a 100644 --- a/2017/CVE-2017-0437.md +++ b/2017/CVE-2017-0437.md 
@@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-0478.md b/2017/CVE-2017-0478.md index 9e82bc62f..f7f5830ac 100644 --- a/2017/CVE-2017-0478.md +++ b/2017/CVE-2017-0478.md @@ -13,6 +13,7 @@ A remote code execution vulnerability in the Framesequence library could enable - https://github.com/JiounDai/CVE-2017-0478 #### Github +- https://github.com/JiounDai/CVE-2017-0478 - https://github.com/bingghost/CVE-2017-0478 - https://github.com/likescam/CVE-2017-0478 - https://github.com/vnik5287/CVE-2017-16995 diff --git a/2017/CVE-2017-0541.md b/2017/CVE-2017-0541.md index 4b6ef3b12..0875cadaf 100644 --- a/2017/CVE-2017-0541.md +++ b/2017/CVE-2017-0541.md @@ -15,6 +15,7 @@ A remote code execution vulnerability in sonivox in Mediaserver could enable an #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/C0dak/CVE-2017-0541 +- https://github.com/JiounDai/CVE-2017-0541 - https://github.com/likescam/CVE-2017-0541 - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2017/CVE-2017-0569.md b/2017/CVE-2017-0569.md index b667d0c22..957b32ea3 100644 --- a/2017/CVE-2017-0569.md +++ b/2017/CVE-2017-0569.md @@ -24,5 +24,6 @@ An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enabl - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-1000112.md b/2017/CVE-2017-1000112.md index 0202baee8..bd9562d16 100644 --- a/2017/CVE-2017-1000112.md +++ b/2017/CVE-2017-1000112.md 
@@ -100,6 +100,7 @@ Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. W - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/stefanocutelle/linux-exploit-suggester - https://github.com/teamssix/container-escape-check +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-1000209.md b/2017/CVE-2017-1000209.md index 6dca4b5b4..e125a83aa 100644 --- a/2017/CVE-2017-1000209.md +++ b/2017/CVE-2017-1000209.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2017/CVE-2017-1000251.md b/2017/CVE-2017-1000251.md index a9dd5736e..70e99303d 100644 --- a/2017/CVE-2017-1000251.md +++ b/2017/CVE-2017-1000251.md @@ -50,6 +50,7 @@ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux ke - https://github.com/sgxgsx/BlueToolkit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-1000253.md b/2017/CVE-2017-1000253.md index 3ee0857a3..8e21e1e66 100644 --- a/2017/CVE-2017-1000253.md +++ b/2017/CVE-2017-1000253.md @@ -14,6 +14,7 @@ Linux distributions that have not patched their long-term kernels with https://g #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/RicterZ/PIE-Stack-Clash-CVE-2017-1000253 - https://github.com/kaosagnt/ansible-everyday 
diff --git a/2017/CVE-2017-1000363.md b/2017/CVE-2017-1000363.md index 3c1716a5f..62378552d 100644 --- a/2017/CVE-2017-1000363.md +++ b/2017/CVE-2017-1000363.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-1000380.md b/2017/CVE-2017-1000380.md index c52392c3e..6bca32790 100644 --- a/2017/CVE-2017-1000380.md +++ b/2017/CVE-2017-1000380.md @@ -27,5 +27,6 @@ sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data rac - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-1000498.md b/2017/CVE-2017-1000498.md index 21316c5c5..9a8d9e523 100644 --- a/2017/CVE-2017-1000498.md +++ b/2017/CVE-2017-1000498.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2017/CVE-2017-10661.md b/2017/CVE-2017-10661.md index 7c2db4a82..f8a5b7a93 100644 --- a/2017/CVE-2017-10661.md +++ b/2017/CVE-2017-10661.md @@ -29,6 +29,7 @@ Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local u - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tangsilian/android-vuln +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 
diff --git a/2017/CVE-2017-11176.md b/2017/CVE-2017-11176.md index d076991f9..5f494ed15 100644 --- a/2017/CVE-2017-11176.md +++ b/2017/CVE-2017-11176.md @@ -20,6 +20,7 @@ The mq_notify function in the Linux kernel through 4.11.9 does not set the sock - https://github.com/DoubleMice/cve-2017-11176 - https://github.com/Flerov/WindowsExploitDev - https://github.com/Gobinath-B/Exploit-Developement +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/HckEX/CVE-2017-11176 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -52,5 +53,6 @@ The mq_notify function in the Linux kernel through 4.11.9 does not set the sock - https://github.com/pjlantz/optee-qemu - https://github.com/prince-stark/Exploit-Developement - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-11611.md b/2017/CVE-2017-11611.md index 5a5a80eba..3689920fc 100644 --- a/2017/CVE-2017-11611.md +++ b/2017/CVE-2017-11611.md @@ -13,4 +13,5 @@ Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability ex - https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc #### Github +- https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc diff --git a/2017/CVE-2017-11882.md b/2017/CVE-2017-11882.md index ec90e2cee..f8323e0b3 100644 --- a/2017/CVE-2017-11882.md +++ b/2017/CVE-2017-11882.md @@ -22,6 +22,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr #### Github - https://github.com/00xtrace/Red-Team-Ops-Toolbox +- https://github.com/0x09AL/CVE-2017-11882-metasploit - https://github.com/0xT11/CVE-POC - https://github.com/0xdeadgeek/Red-Teaming-Toolkit - https://github.com/0xh4di/Red-Teaming-Toolkit 
@@ -117,6 +118,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr - https://github.com/edeca/rtfraptor - https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 - https://github.com/emaan122/Note2 +- https://github.com/embedi/CVE-2017-11882 - https://github.com/emtee40/APT_CyberCriminal_Campagin_Collections - https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections - https://github.com/fengjixuchui/RedTeamer diff --git a/2017/CVE-2017-12615.md b/2017/CVE-2017-12615.md index bc20ac3ee..d56913481 100644 --- a/2017/CVE-2017-12615.md +++ b/2017/CVE-2017-12615.md @@ -56,6 +56,7 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/Zero094/Vulnerability-verification - https://github.com/amcai/myscan - https://github.com/bakery312/Vulhub-Reproduce +- https://github.com/breaktoprotect/CVE-2017-12615 - https://github.com/cved-sources/cve-2017-12615 - https://github.com/cyberharsh/Tomcat-CVE-2017-12615 - https://github.com/d4n-sec/d4n-sec.github.io diff --git a/2017/CVE-2017-13028.md b/2017/CVE-2017-13028.md index 34aa26478..c7c1bc85a 100644 --- a/2017/CVE-2017-13028.md +++ b/2017/CVE-2017-13028.md @@ -13,5 +13,6 @@ The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c No PoCs from references. #### Github +- https://github.com/ch1hyun/fuzzing-class - https://github.com/paras98/AFL_Fuzzing diff --git a/2017/CVE-2017-13089.md b/2017/CVE-2017-13089.md index 9836e1f01..1eae5f8fb 100644 --- a/2017/CVE-2017-13089.md +++ b/2017/CVE-2017-13089.md @@ -18,6 +18,7 @@ The http.c:skip_short_body() function is called in some circumstances, such as w - https://github.com/lnick2023/nicenice - https://github.com/mzeyong/CVE-2017-13089 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/r1b/CVE-2017-13089 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yfoelling/yair 
diff --git a/2017/CVE-2017-13098.md b/2017/CVE-2017-13098.md index 9cffbb69d..cb43a5083 100644 --- a/2017/CVE-2017-13098.md +++ b/2017/CVE-2017-13098.md @@ -19,6 +19,7 @@ BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cr - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/pctF/vulnerable-app diff --git a/2017/CVE-2017-13868.md b/2017/CVE-2017-13868.md index 3b9ed8a7f..e70c248fe 100644 --- a/2017/CVE-2017-13868.md +++ b/2017/CVE-2017-13868.md @@ -13,5 +13,6 @@ An issue was discovered in certain Apple products. iOS before 11.2 is affected. - https://github.com/bazad/ctl_ctloutput-leak #### Github +- https://github.com/bazad/ctl_ctloutput-leak - https://github.com/houjingyi233/macOS-iOS-system-security diff --git a/2017/CVE-2017-14105.md b/2017/CVE-2017-14105.md index 833484232..1e394b5d0 100644 --- a/2017/CVE-2017-14105.md +++ b/2017/CVE-2017-14105.md @@ -13,5 +13,6 @@ HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifyi - https://github.com/theguly/CVE-2017-14105 #### Github +- https://github.com/theguly/CVE-2017-14105 - https://github.com/theguly/exploits diff --git a/2017/CVE-2017-16524.md b/2017/CVE-2017-16524.md index 38a850174..9b2d9e4be 100644 --- a/2017/CVE-2017-16524.md +++ b/2017/CVE-2017-16524.md @@ -14,4 +14,5 @@ Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted f - https://www.exploit-db.com/exploits/43138/ #### Github +- https://github.com/realistic-security/CVE-2017-16524 diff --git a/2017/CVE-2017-16778.md b/2017/CVE-2017-16778.md index 0f5f78185..c071ef743 100644 --- a/2017/CVE-2017-16778.md +++ b/2017/CVE-2017-16778.md 
@@ -13,4 +13,5 @@ An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel all - https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection #### Github +- https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection diff --git a/2017/CVE-2017-16939.md b/2017/CVE-2017-16939.md index 353f371a6..af6d0e468 100644 --- a/2017/CVE-2017-16939.md +++ b/2017/CVE-2017-16939.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Micr067/linux-kernel-exploits - https://github.com/QChiLan/linux-exp diff --git a/2017/CVE-2017-16995.md b/2017/CVE-2017-16995.md index 04f8454d0..b12479252 100644 --- a/2017/CVE-2017-16995.md +++ b/2017/CVE-2017-16995.md @@ -28,6 +28,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Dk0n9/linux_exploit - https://github.com/Getshell/LinuxTQ +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JMontRod/Pruebecita - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -121,6 +122,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - https://github.com/thelostvoice/inept-us-military - https://github.com/tninh27/Lab - https://github.com/vnik5287/CVE-2017-16995 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/linux-kernel-exploits diff --git a/2017/CVE-2017-17485.md b/2017/CVE-2017-17485.md index 46720d468..9c082d3d4 100644 --- a/2017/CVE-2017-17485.md +++ b/2017/CVE-2017-17485.md 
@@ -25,6 +25,7 @@ FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthe - https://github.com/Drun1baby/JavaSecurityLearning - https://github.com/GhostTroops/myhktools - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/Pear1y/Vuln-Env diff --git a/2017/CVE-2017-18344.md b/2017/CVE-2017-18344.md index f3a99211c..6fc3f6323 100644 --- a/2017/CVE-2017-18344.md +++ b/2017/CVE-2017-18344.md @@ -31,6 +31,7 @@ The timer_create syscall implementation in kernel/time/posix-timers.c in the Lin - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-2636.md b/2017/CVE-2017-2636.md index 818a5698a..55f98835e 100644 --- a/2017/CVE-2017-2636.md +++ b/2017/CVE-2017-2636.md @@ -35,6 +35,7 @@ Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows - https://github.com/snorez/blog - https://github.com/snorez/exploits - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xyongcn/exploit diff --git a/2017/CVE-2017-3506.md b/2017/CVE-2017-3506.md index 51b03cd8d..2e814226a 100644 --- a/2017/CVE-2017-3506.md +++ b/2017/CVE-2017-3506.md 
@@ -38,6 +38,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/MacAsure/WL_Scan_GO - https://github.com/Maskhe/javasec - https://github.com/Micr067/CMS-Hunter +- https://github.com/Ostorlab/KEV - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot - https://github.com/SecWiki/CMS-Hunter diff --git a/2017/CVE-2017-5005.md b/2017/CVE-2017-5005.md index cbe78e41a..7fd561c0a 100644 --- a/2017/CVE-2017-5005.md +++ b/2017/CVE-2017-5005.md @@ -14,4 +14,5 @@ Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earli #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/payatu/QuickHeal diff --git a/2017/CVE-2017-5123.md b/2017/CVE-2017-5123.md index b1aef4673..73418bdb8 100644 --- a/2017/CVE-2017-5123.md +++ b/2017/CVE-2017-5123.md @@ -20,6 +20,7 @@ Insufficient data validation in waitid allowed an user to escape sandboxes on Li - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/FloatingGuy/CVE-2017-5123 +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Metarget/awesome-cloud-native-security - https://github.com/Micr067/linux-kernel-exploits @@ -88,6 +89,7 @@ Insufficient data validation in waitid allowed an user to escape sandboxes on Li - https://github.com/teawater/CVE-2017-5123 - https://github.com/txuswashere/Privilege-Escalation - https://github.com/whiteHat001/Kernel-Security +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xfinest/linux-kernel-exploits diff --git a/2017/CVE-2017-5124.md b/2017/CVE-2017-5124.md index 88eb6143c..73e4477bf 100644 --- a/2017/CVE-2017-5124.md +++ b/2017/CVE-2017-5124.md 
@@ -16,6 +16,7 @@ Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202 #### Github - https://github.com/0xR0/uxss-db - https://github.com/ARPSyndicate/cvemon +- https://github.com/Bo0oM/CVE-2017-5124 - https://github.com/Metnew/uxss-db - https://github.com/grandDancer/CVE-2017-5124-RCE-0-Day - https://github.com/lnick2023/nicenice diff --git a/2017/CVE-2017-5223.md b/2017/CVE-2017-5223.md index 6cc758ff9..b8532ccc9 100644 --- a/2017/CVE-2017-5223.md +++ b/2017/CVE-2017-5223.md @@ -132,6 +132,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - https://github.com/sccontroltotal/phpmailer - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail - https://github.com/supreethsk/rental +- https://github.com/sweta-web/Online-Registration-System - https://github.com/tvirus-01/PHP_mail - https://github.com/vaartjesd/test - https://github.com/vatann07/BloodConnect diff --git a/2017/CVE-2017-5645.md b/2017/CVE-2017-5645.md index 9f42cedde..d009da319 100644 --- a/2017/CVE-2017-5645.md +++ b/2017/CVE-2017-5645.md @@ -37,6 +37,7 @@ In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket - https://github.com/HackJava/HackLog4j2 - https://github.com/HackJava/Log4j2 - https://github.com/HynekPetrak/log4shell-finder +- https://github.com/LibHunter/LibHunter - https://github.com/Marcelektro/Log4J-RCE-Implementation - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks diff --git a/2017/CVE-2017-5929.md b/2017/CVE-2017-5929.md index 0f76c3bdd..ab6618710 100644 --- a/2017/CVE-2017-5929.md +++ b/2017/CVE-2017-5929.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/fergarrui/exploits - https://github.com/hinat0y/Dataset1 
diff --git a/2017/CVE-2017-6074.md b/2017/CVE-2017-6074.md index b4f8f7ec2..ab4f43078 100644 --- a/2017/CVE-2017-6074.md +++ b/2017/CVE-2017-6074.md @@ -28,6 +28,7 @@ The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Dk0n9/linux_exploit - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Metarget/metarget - https://github.com/Micr067/linux-kernel-exploits @@ -85,6 +86,7 @@ The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/toanthang1842002/CVE-2017-6074 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-6206.md b/2017/CVE-2017-6206.md index b5e90902e..6bce06f8e 100644 --- a/2017/CVE-2017-6206.md +++ b/2017/CVE-2017-6206.md @@ -16,4 +16,5 @@ D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DG #### Github - https://github.com/likescam/CVE-2017-0213 - https://github.com/rockl/cve-2017-7184-bak +- https://github.com/varangamin/CVE-2017-6206 diff --git a/2017/CVE-2017-6370.md b/2017/CVE-2017-6370.md index 53ae12f9d..71a019f75 100644 --- a/2017/CVE-2017-6370.md +++ b/2017/CVE-2017-6370.md @@ -13,4 +13,5 @@ TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases wi - https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request #### Github +- https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request diff --git a/2017/CVE-2017-6736.md b/2017/CVE-2017-6736.md index 33723eeee..27655d612 100644 --- a/2017/CVE-2017-6736.md +++ b/2017/CVE-2017-6736.md 
@@ -20,6 +20,7 @@ The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 throug - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/WinMin/Protocol-Vul +- https://github.com/artkond/cisco-snmp-rce - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-6744.md b/2017/CVE-2017-6744.md index 3500a3bd9..def447d45 100644 --- a/2017/CVE-2017-6744.md +++ b/2017/CVE-2017-6744.md 
@@ -7,11 +7,7 @@ ### Description -The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. - - The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. - - There are workarounds that address these vulnerabilities. +The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. 
The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. There are workarounds that address these vulnerabilities. ### POC diff --git a/2017/CVE-2017-7184.md b/2017/CVE-2017-7184.md index 052f678ed..c6f1ef854 100644 --- a/2017/CVE-2017-7184.md +++ b/2017/CVE-2017-7184.md @@ -35,6 +35,7 @@ The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel - https://github.com/snorez/blog - https://github.com/snorez/exploits - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xyongcn/exploit diff --git a/2017/CVE-2017-7188.md b/2017/CVE-2017-7188.md index 9fca77ea3..3b25f77fd 100644 --- a/2017/CVE-2017-7188.md +++ b/2017/CVE-2017-7188.md @@ -13,4 +13,5 @@ Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-enco - https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC #### Github +- https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC diff --git a/2017/CVE-2017-7308.md b/2017/CVE-2017-7308.md index 53df3c4dc..c6de4c247 100644 
--- a/2017/CVE-2017-7308.md +++ b/2017/CVE-2017-7308.md @@ -21,6 +21,7 @@ The packet_set_ring function in net/packet/af_packet.c in the Linux kernel throu - https://github.com/CKmaenn/kernel-exploits - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/Feng4/linux-kernel-exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Mecyu/googlecontainers - https://github.com/Metarget/metarget @@ -84,6 +85,7 @@ The packet_set_ring function in net/packet/af_packet.c in the Linux kernel throu - https://github.com/spencerdodd/kernelpop - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/vusec/blindside +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/kernel-exploits - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2017/CVE-2017-7616.md b/2017/CVE-2017-7616.md index d8c49ad70..ab0fe53cb 100644 --- a/2017/CVE-2017-7616.md +++ b/2017/CVE-2017-7616.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/skbasava/Linux-Kernel-exploit - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-7656.md b/2017/CVE-2017-7656.md index 572ec32dc..e31720548 100644 --- a/2017/CVE-2017-7656.md +++ b/2017/CVE-2017-7656.md @@ -19,4 +19,5 @@ In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4. - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/DonnumS/inf226Inchat +- https://github.com/LibHunter/LibHunter diff --git a/2017/CVE-2017-7657.md b/2017/CVE-2017-7657.md index 8fedc1c41..084f2d859 100644 --- a/2017/CVE-2017-7657.md +++ b/2017/CVE-2017-7657.md 
@@ -19,5 +19,6 @@ In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4. - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/DonnumS/inf226Inchat +- https://github.com/LibHunter/LibHunter - https://github.com/yahoo/cubed diff --git a/2017/CVE-2017-7957.md b/2017/CVE-2017-7957.md index 0ba61a6fd..4ee96d583 100644 --- a/2017/CVE-2017-7957.md +++ b/2017/CVE-2017-7957.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Whoopsunix/PPPVULNS - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/lmarso-asapp/kotlin-unsecure diff --git a/2017/CVE-2017-8382.md b/2017/CVE-2017-8382.md index b4e83f84a..dbc6b5a5c 100644 --- a/2017/CVE-2017-8382.md +++ b/2017/CVE-2017-8382.md @@ -16,4 +16,5 @@ admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with - https://www.exploit-db.com/exploits/42005/ #### Github +- https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc diff --git a/2017/CVE-2017-8570.md b/2017/CVE-2017-8570.md index e7392e108..27784943f 100644 --- a/2017/CVE-2017-8570.md +++ b/2017/CVE-2017-8570.md @@ -95,6 +95,7 @@ Microsoft Office allows a remote code execution vulnerability due to the way tha - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qiantu88/office-cve - https://github.com/r0r0x-xx/Red-Team-OPS-Modern-Adversary +- https://github.com/rxwx/CVE-2017-8570 - https://github.com/sasqwatch/CVE-2017-8570 - https://github.com/scriptsboy/Red-Teaming-Toolkit - https://github.com/shr3ddersec/Shr3dKit diff --git a/2017/CVE-2017-8625.md b/2017/CVE-2017-8625.md index 4796d20d7..9f5da92ae 100644 --- a/2017/CVE-2017-8625.md +++ b/2017/CVE-2017-8625.md 
@@ -26,6 +26,7 @@ Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 - https://github.com/Digit4lBytes/RedTeam - https://github.com/DigitalQuinn/InfosecCompilation - https://github.com/Fa1c0n35/Awesome-Red-Teaming. +- https://github.com/GoVanguard/list-infosec-encyclopedia - https://github.com/H4CK3RT3CH/Awesome-Red-Teaming - https://github.com/Hemanthraju02/Red-team - https://github.com/HildeTeamTNT/Awesome-Red-Teaming diff --git a/2017/CVE-2017-8890.md b/2017/CVE-2017-8890.md index a21570238..d1d5a3059 100644 --- a/2017/CVE-2017-8890.md +++ b/2017/CVE-2017-8890.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/7043mcgeep/cve-2017-8890-msf - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/beraphin/CVE-2017-8890 - https://github.com/bsauce/kernel-exploit-factory diff --git a/2017/CVE-2017-8917.md b/2017/CVE-2017-8917.md index 9213ddf53..89b7dbf29 100644 --- a/2017/CVE-2017-8917.md +++ b/2017/CVE-2017-8917.md @@ -23,6 +23,7 @@ SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to ex - https://github.com/Aukaii/notes - https://github.com/Awrrays/FrameVul - https://github.com/BaptisteContreras/CVE-2017-8917-Joomla +- https://github.com/CLincat/vulcat - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/HattMobb/TryHackMe-Bugle-Machine-Writeup-Walkthrough - https://github.com/HimmelAward/Goby_POC diff --git a/2017/CVE-2017-9048.md b/2017/CVE-2017-9048.md index b3fcb3da1..66d5f636e 100644 --- a/2017/CVE-2017-9048.md +++ b/2017/CVE-2017-9048.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ch1hyun/fuzzing-class diff --git a/2017/CVE-2017-9096.md b/2017/CVE-2017-9096.md index 198af61fa..a4828f6f1 100644 --- a/2017/CVE-2017-9096.md 
+++ b/2017/CVE-2017-9096.md @@ -17,6 +17,7 @@ The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable exter - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/jakabakos/CVE-2017-9096 - https://github.com/jakabakos/CVE-2017-9096-iText-XXE diff --git a/2017/CVE-2017-9609.md b/2017/CVE-2017-9609.md index 01de24458..cf8b64e3c 100644 --- a/2017/CVE-2017-9609.md +++ b/2017/CVE-2017-9609.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authe - https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc #### Github +- https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc diff --git a/2017/CVE-2017-9735.md b/2017/CVE-2017-9735.md index 349226632..4a7bed4aa 100644 --- a/2017/CVE-2017-9735.md +++ b/2017/CVE-2017-9735.md @@ -18,5 +18,6 @@ Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/fredfeng/Themis-taint diff --git a/2017/CVE-2017-9798.md b/2017/CVE-2017-9798.md index 49236a071..bbcfa237c 100644 --- a/2017/CVE-2017-9798.md +++ b/2017/CVE-2017-9798.md @@ -42,6 +42,7 @@ Apache httpd allows remote attackers to read secret data from process memory if - https://github.com/cnnrshd/bbot-utils - https://github.com/firatesatoglu/shodanSearch - https://github.com/hackingyseguridad/apachebleed +- https://github.com/hannob/optionsbleed - https://github.com/imhunterand/hackerone-publicy-disclosed - https://github.com/kasem545/vulnsearch - https://github.com/l0n3rs/CVE-2017-9798 diff --git a/2018/CVE-2018-0114.md b/2018/CVE-2018-0114.md index 4e75cb6e5..e4eb0856d 100644 --- a/2018/CVE-2018-0114.md +++ b/2018/CVE-2018-0114.md 
@@ -41,4 +41,5 @@ A vulnerability in the Cisco node-jose open source library before 0.11.0 could a - https://github.com/ticarpi/jwt_tool - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/zhangziyang301/jwt_tool +- https://github.com/zi0Black/POC-CVE-2018-0114 diff --git a/2018/CVE-2018-0151.md b/2018/CVE-2018-0151.md index 160bd399c..aa5efe3a7 100644 --- a/2018/CVE-2018-0151.md +++ b/2018/CVE-2018-0151.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2018/CVE-2018-0171.md b/2018/CVE-2018-0171.md index f01a8d31d..1417cfd5e 100644 --- a/2018/CVE-2018-0171.md +++ b/2018/CVE-2018-0171.md @@ -25,5 +25,6 @@ A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/rikosintie/SmartInstall - https://github.com/tomoyamachi/gocarts +- https://github.com/tunnelcat/metasploit-cve-search - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-0304.md b/2018/CVE-2018-0304.md index d65948bd3..8fdc4e472 100644 --- a/2018/CVE-2018-0304.md +++ b/2018/CVE-2018-0304.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2018/CVE-2018-0743.md b/2018/CVE-2018-0743.md index a48223010..1eef19415 100644 --- a/2018/CVE-2018-0743.md +++ b/2018/CVE-2018-0743.md 
@@ -33,6 +33,7 @@ Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/renzu0/Windows-exp - https://github.com/root26/bug +- https://github.com/saaramar/execve_exploit - https://github.com/safesword/WindowsExp - https://github.com/valentinoJones/Windows-Kernel-Exploits - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-0802.md b/2018/CVE-2018-0802.md index 2122a527a..1648b33f8 100644 --- a/2018/CVE-2018-0802.md +++ b/2018/CVE-2018-0802.md @@ -85,6 +85,7 @@ Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Offic - https://github.com/reph0r/poc-exp-tools - https://github.com/ridhopratama29/zimbohack - https://github.com/roninAPT/CVE-2018-0802 +- https://github.com/rxwx/CVE-2018-0802 - https://github.com/t31m0/PENTESTING-BIBLE - https://github.com/tib36/PhishingBook - https://github.com/vincentfer/PENTESTING-BIBLE- @@ -93,4 +94,5 @@ Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Offic - https://github.com/xaitax/cisa-catalog-known-vulnerabilities - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/yusufazizmustofa/BIBLE +- https://github.com/zldww2011/CVE-2018-0802_POC diff --git a/2018/CVE-2018-0886.md b/2018/CVE-2018-0886.md index 1015fdd07..039132aef 100644 --- a/2018/CVE-2018-0886.md +++ b/2018/CVE-2018-0886.md @@ -33,6 +33,7 @@ The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows - https://github.com/jborean93/requests-credssp - https://github.com/lnick2023/nicenice - https://github.com/paulveillard/cybersecurity-exploit-development +- https://github.com/preempt/credssp - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/wachira90/fix-credssp - https://github.com/weeka10/-hktalent-TOP diff --git a/2018/CVE-2018-1000134.md b/2018/CVE-2018-1000134.md index e8fa16149..6dcccd2fb 100644 --- a/2018/CVE-2018-1000134.md 
+++ b/2018/CVE-2018-1000134.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/0xT11/CVE-POC - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2018/CVE-2018-1000180.md b/2018/CVE-2018-1000180.md index 280ba635d..aa8a454a2 100644 --- a/2018/CVE-2018-1000180.md +++ b/2018/CVE-2018-1000180.md @@ -20,4 +20,5 @@ Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/CyberSource/cybersource-sdk-java +- https://github.com/LibHunter/LibHunter diff --git a/2018/CVE-2018-1000529.md b/2018/CVE-2018-1000529.md index f7b0a486f..541d91da3 100644 --- a/2018/CVE-2018-1000529.md +++ b/2018/CVE-2018-1000529.md @@ -14,4 +14,5 @@ Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnera #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/martinfrancois/CVE-2018-1000529 diff --git a/2018/CVE-2018-1000613.md b/2018/CVE-2018-1000613.md index bb927a783..c7be06692 100644 --- a/2018/CVE-2018-1000613.md +++ b/2018/CVE-2018-1000613.md @@ -20,6 +20,7 @@ Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1 - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/pctF/vulnerable-app diff --git a/2018/CVE-2018-1000632.md b/2018/CVE-2018-1000632.md index ab704b08b..821e09736 100644 --- a/2018/CVE-2018-1000632.md +++ b/2018/CVE-2018-1000632.md 
@@ -18,5 +18,6 @@ dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerabil #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-1000850.md b/2018/CVE-2018-1000850.md index 932cfa6f8..4b202da17 100644 --- a/2018/CVE-2018-1000850.md +++ b/2018/CVE-2018-1000850.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/hinat0y/Dataset1 - https://github.com/hinat0y/Dataset10 - https://github.com/hinat0y/Dataset11 diff --git a/2018/CVE-2018-1002105.md b/2018/CVE-2018-1002105.md index 0e4bc6550..09d9a9f4b 100644 --- a/2018/CVE-2018-1002105.md +++ b/2018/CVE-2018-1002105.md @@ -46,6 +46,7 @@ In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect ha - https://github.com/cloudpassage-community/find_k8s - https://github.com/cloudyuga/kubecon19-eu - https://github.com/cyberanand1337x/bug-bounty-2022 +- https://github.com/evict/poc_CVE-2018-1002105 - https://github.com/g3rzi/HackingKubernetes - https://github.com/gravitational/cve-2018-1002105 - https://github.com/hacking-kubernetes/hacking-kubernetes.info diff --git a/2018/CVE-2018-1002201.md b/2018/CVE-2018-1002201.md index 53986d471..e06fde28d 100644 --- a/2018/CVE-2018-1002201.md +++ b/2018/CVE-2018-1002201.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/jpbprakash/vuln - https://github.com/mile9299/zip-slip-vulnerability - https://github.com/snyk/zip-slip-vulnerability diff --git a/2018/CVE-2018-10054.md b/2018/CVE-2018-10054.md index 101515b67..9f7c0c486 100644 --- a/2018/CVE-2018-10054.md +++ b/2018/CVE-2018-10054.md 
@@ -10,6 +10,7 @@ ### POC #### Reference +- https://github.com/h2database/h2database/issues/1225 - https://mthbernardes.github.io/rce/2018/03/14/abusing-h2-database-alias.html - https://www.exploit-db.com/exploits/44422/ diff --git a/2018/CVE-2018-10088.md b/2018/CVE-2018-10088.md index 216ba56bd..9e0136e61 100644 --- a/2018/CVE-2018-10088.md +++ b/2018/CVE-2018-10088.md @@ -16,4 +16,5 @@ Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vec #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation +- https://github.com/bitfu/uc-httpd-1.0.0-buffer-overflow-exploit diff --git a/2018/CVE-2018-10237.md b/2018/CVE-2018-10237.md index 03b5c6129..3fbd219ed 100644 --- a/2018/CVE-2018-10237.md +++ b/2018/CVE-2018-10237.md @@ -20,6 +20,7 @@ Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allo - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/diakogiannis/moviebook - https://github.com/dotanuki-labs/android-oss-cves-research diff --git a/2018/CVE-2018-11248.md b/2018/CVE-2018-11248.md index feecc74cd..b3d2cc8fd 100644 --- a/2018/CVE-2018-11248.md +++ b/2018/CVE-2018-11248.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2018/CVE-2018-11307.md b/2018/CVE-2018-11307.md index 899428584..0b9965e1c 100644 --- a/2018/CVE-2018-11307.md +++ b/2018/CVE-2018-11307.md 
@@ -19,6 +19,7 @@ An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use o - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/ilmari666/cybsec - https://github.com/seal-community/patches diff --git a/2018/CVE-2018-11409.md b/2018/CVE-2018-11409.md index 6b2e2667f..fefe3776c 100644 --- a/2018/CVE-2018-11409.md +++ b/2018/CVE-2018-11409.md @@ -18,6 +18,7 @@ Splunk through 7.0.1 allows information disclosure by appending __raw/services/s - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/jam620/OSIN-Splunk +- https://github.com/kofa2002/splunk - https://github.com/merlinepedra/nuclei-templates - https://github.com/merlinepedra25/nuclei-templates - https://github.com/sobinge/nuclei-templates diff --git a/2018/CVE-2018-11471.md b/2018/CVE-2018-11471.md index 7afc8d1c4..0ef77f60b 100644 --- a/2018/CVE-2018-11471.md +++ b/2018/CVE-2018-11471.md @@ -13,4 +13,5 @@ Cockpit 0.5.5 has XSS via a collection, form, or region. - https://github.com/nikhil1232/Cockpit-CMS-XSS-POC #### Github +- https://github.com/nikhil1232/Cockpit-CMS-XSS-POC diff --git a/2018/CVE-2018-11771.md b/2018/CVE-2018-11771.md index 7048fcdbb..d51bff58d 100644 --- a/2018/CVE-2018-11771.md +++ b/2018/CVE-2018-11771.md @@ -18,6 +18,7 @@ When reading a specially crafted ZIP archive, the read method of Apache Commons - https://github.com/CGCL-codes/PHunter - https://github.com/DennisFeldbusch/Fuzz - https://github.com/GCFuzzer/SP2023 +- https://github.com/LibHunter/LibHunter - https://github.com/hwen020/JQF - https://github.com/jyi/JQF - https://github.com/mfatima1/CS182 diff --git a/2018/CVE-2018-11776.md b/2018/CVE-2018-11776.md index 853558fd4..2ce0873f0 100644 --- a/2018/CVE-2018-11776.md +++ b/2018/CVE-2018-11776.md 
@@ -114,6 +114,7 @@ Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo - https://github.com/hellochunqiu/PayloadsAllTheThings - https://github.com/hktalent/TOP - https://github.com/hktalent/myhktools +- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC - https://github.com/hudunkey/Red-Team-links - https://github.com/hwiwonl/dayone - https://github.com/hyeonql/WHS diff --git a/2018/CVE-2018-11797.md b/2018/CVE-2018-11797.md index 15caebdfe..6060c6936 100644 --- a/2018/CVE-2018-11797.md +++ b/2018/CVE-2018-11797.md @@ -17,4 +17,5 @@ In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2018/CVE-2018-12022.md b/2018/CVE-2018-12022.md index 63bf11a92..2dd55f10e 100644 --- a/2018/CVE-2018-12022.md +++ b/2018/CVE-2018-12022.md @@ -18,6 +18,7 @@ An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2 - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/ilmari666/cybsec - https://github.com/seal-community/patches diff --git a/2018/CVE-2018-12034.md b/2018/CVE-2018-12034.md index 904dd6c86..5a90c5b32 100644 --- a/2018/CVE-2018-12034.md +++ b/2018/CVE-2018-12034.md @@ -16,6 +16,7 @@ In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can caus #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bnbdr/swisscheese - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-12035.md b/2018/CVE-2018-12035.md index e49091ce4..cd48a73b6 100644 --- a/2018/CVE-2018-12035.md +++ b/2018/CVE-2018-12035.md 
@@ -16,6 +16,7 @@ In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can caus #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bnbdr/swisscheese - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-12418.md b/2018/CVE-2018-12418.md index 71bc9e60c..95b5d19c9 100644 --- a/2018/CVE-2018-12418.md +++ b/2018/CVE-2018-12418.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/CGCL-codes/PHunter - https://github.com/DennisFeldbusch/Fuzz - https://github.com/GCFuzzer/SP2023 +- https://github.com/LibHunter/LibHunter - https://github.com/hwen020/JQF - https://github.com/jyi/JQF - https://github.com/mfatima1/CS182 diff --git a/2018/CVE-2018-12538.md b/2018/CVE-2018-12538.md index e9696c17a..c886e2e4f 100644 --- a/2018/CVE-2018-12538.md +++ b/2018/CVE-2018-12538.md @@ -16,4 +16,5 @@ In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty pro #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2018/CVE-2018-1260.md b/2018/CVE-2018-1260.md index fa2cac85e..f977e6aab 100644 --- a/2018/CVE-2018-1260.md +++ b/2018/CVE-2018-1260.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Drun1baby/CVE-Reproduction-And-Analysis - https://github.com/SexyBeast233/SecBooks - https://github.com/ax1sX/SpringSecurity +- https://github.com/enomothem/PenTestNote - https://github.com/gyyyy/footprint - https://github.com/langu-xyz/JavaVulnMap diff --git a/2018/CVE-2018-1270.md b/2018/CVE-2018-1270.md index 25117b16f..aafb4a8c8 100644 --- a/2018/CVE-2018-1270.md +++ b/2018/CVE-2018-1270.md 
@@ -46,6 +46,7 @@ Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a - https://github.com/cybersecsi/docker-vuln-runner - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/do0dl3/myhktools +- https://github.com/enomothem/PenTestNote - https://github.com/genxor/CVE-2018-1270_EXP - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/myhktools diff --git a/2018/CVE-2018-1324.md b/2018/CVE-2018-1324.md index 578aafc98..f43159e06 100644 --- a/2018/CVE-2018-1324.md +++ b/2018/CVE-2018-1324.md @@ -16,6 +16,7 @@ A specially crafted ZIP archive can be used to cause an infinite loop inside of - https://github.com/0xT11/CVE-POC - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dotanuki-labs/android-oss-cves-research - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-13257.md b/2018/CVE-2018-13257.md index 8d24e1004..7584457fc 100644 --- a/2018/CVE-2018-13257.md +++ b/2018/CVE-2018-13257.md @@ -14,4 +14,5 @@ The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-0 #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/gluxon/CVE-2018-13257 diff --git a/2018/CVE-2018-13379.md b/2018/CVE-2018-13379.md index 4fe29b4e1..03743c141 100644 --- a/2018/CVE-2018-13379.md +++ b/2018/CVE-2018-13379.md @@ -36,6 +36,7 @@ An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal" - https://github.com/MelanyRoob/Goby - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/RedcentricCyber/Fortigate - https://github.com/SexyBeast233/SecBooks - https://github.com/TebbaaX/Vault6 - https://github.com/W01fh4cker/Serein diff --git a/2018/CVE-2018-14333.md b/2018/CVE-2018-14333.md index 506f69191..bd25c8bb6 100644 
--- a/2018/CVE-2018-14333.md +++ b/2018/CVE-2018-14333.md @@ -13,4 +13,5 @@ TeamViewer through 13.1.1548 stores a password in Unicode format within TeamView - https://github.com/vah13/extractTVpasswords #### Github +- https://github.com/vah13/extractTVpasswords diff --git a/2018/CVE-2018-14568.md b/2018/CVE-2018-14568.md index 5ec5ac573..0ef660302 100644 --- a/2018/CVE-2018-14568.md +++ b/2018/CVE-2018-14568.md @@ -14,4 +14,5 @@ Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. - https://redmine.openinfosecfoundation.org/issues/2501 #### Github +- https://github.com/kirillwow/ids_bypass diff --git a/2018/CVE-2018-14634.md b/2018/CVE-2018-14634.md index 23d6c1763..8f95d28f6 100644 --- a/2018/CVE-2018-14634.md +++ b/2018/CVE-2018-14634.md @@ -33,6 +33,7 @@ An integer overflow flaw was found in the Linux kernel's create_elf_tables() fun - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-14847.md b/2018/CVE-2018-14847.md index 35b4b7164..fdfa6568d 100644 --- a/2018/CVE-2018-14847.md +++ b/2018/CVE-2018-14847.md @@ -22,6 +22,7 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a - https://github.com/ARPSyndicate/cvemon - https://github.com/Acengerz/WinboxPoC - https://github.com/AsrafulDev/winboxbug +- https://github.com/BasuCert/WinboxPoC - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top diff --git a/2018/CVE-2018-15499.md b/2018/CVE-2018-15499.md index 17f56264d..340e61a7a 100644 --- a/2018/CVE-2018-15499.md +++ b/2018/CVE-2018-15499.md 
@@ -16,6 +16,7 @@ GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon - https://github.com/CrackerCat/Kernel-Security-Development +- https://github.com/DownWithUp/CVE-2018-15499 - https://github.com/DownWithUp/CVE-Stockpile - https://github.com/ExpLife0011/awesome-windows-kernel-security-development - https://github.com/Ondrik8/exploit diff --git a/2018/CVE-2018-15901.md b/2018/CVE-2018-15901.md index 0bd1a2613..79c10d1c3 100644 --- a/2018/CVE-2018-15901.md +++ b/2018/CVE-2018-15901.md @@ -14,4 +14,5 @@ e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details suc #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dhananjay-bajaj/e107_2.1.8_csrf diff --git a/2018/CVE-2018-16133.md b/2018/CVE-2018-16133.md index 7b4077721..2b3111c52 100644 --- a/2018/CVE-2018-16133.md +++ b/2018/CVE-2018-16133.md @@ -15,4 +15,5 @@ Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI. #### Github - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Directory-Traversal diff --git a/2018/CVE-2018-16134.md b/2018/CVE-2018-16134.md index eeb217f7f..8c60ba065 100644 --- a/2018/CVE-2018-16134.md +++ b/2018/CVE-2018-16134.md @@ -14,4 +14,5 @@ Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI. - https://www.exploit-db.com/exploits/45309/ #### Github +- https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Reflected-XSS diff --git a/2018/CVE-2018-16381.md b/2018/CVE-2018-16381.md index 13659c1a3..adb02bdd5 100644 --- a/2018/CVE-2018-16381.md +++ b/2018/CVE-2018-16381.md @@ -14,4 +14,5 @@ e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_login #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dhananjay-bajaj/E107-v2.1.8-XSS-POC diff --git a/2018/CVE-2018-16946.md b/2018/CVE-2018-16946.md index b2650b5a1..61924bb87 100644 
--- a/2018/CVE-2018-16946.md +++ b/2018/CVE-2018-16946.md @@ -15,6 +15,7 @@ LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access co #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/EgeBalci/LG-Smart-IP-Device-Backup-Download - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2018/CVE-2018-17081.md b/2018/CVE-2018-17081.md index 323686b0e..ac106a8f3 100644 --- a/2018/CVE-2018-17081.md +++ b/2018/CVE-2018-17081.md @@ -14,4 +14,5 @@ e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/himanshurahi/e107_2.1.9_CSRF_POC diff --git a/2018/CVE-2018-17182.md b/2018/CVE-2018-17182.md index 72aba58c1..f52c97794 100644 --- a/2018/CVE-2018-17182.md +++ b/2018/CVE-2018-17182.md @@ -26,6 +26,7 @@ An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_a - https://github.com/CVEDB/top - https://github.com/Echocipher/Resource-list - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Ondrik8/RED-Team @@ -59,6 +60,7 @@ An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_a - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/svbjdbk123/- - https://github.com/twensoo/PersistentThreat +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xiaoZ-hc/redtool diff --git a/2018/CVE-2018-17240.md b/2018/CVE-2018-17240.md index 6cd87d5d3..2b7ff9425 100644 --- a/2018/CVE-2018-17240.md +++ b/2018/CVE-2018-17240.md 
@@ -14,5 +14,6 @@ There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcor - https://github.com/BBge/CVE-2018-17240/blob/main/exploit.py #### Github +- https://github.com/BBge/CVE-2018-17240 - https://github.com/Xewdy444/Netgrave diff --git a/2018/CVE-2018-18281.md b/2018/CVE-2018-18281.md index 7f300f834..1175eb05d 100644 --- a/2018/CVE-2018-18281.md +++ b/2018/CVE-2018-18281.md @@ -25,5 +25,6 @@ Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2018/CVE-2018-18955.md b/2018/CVE-2018-18955.md index 043fb1c3b..0df86ca3b 100644 --- a/2018/CVE-2018-18955.md +++ b/2018/CVE-2018-18955.md @@ -18,6 +18,7 @@ In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/u - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/HaleyWei/POC-available +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Metarget/metarget - https://github.com/Micr067/linux-kernel-exploits diff --git a/2018/CVE-2018-19320.md b/2018/CVE-2018-19320.md index 4359594df..19da76cf6 100644 --- a/2018/CVE-2018-19320.md +++ b/2018/CVE-2018-19320.md @@ -25,6 +25,7 @@ The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRA - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/cmd-theo/RobbinHood-attack - https://github.com/cygnosic/Gigabyte_Disable_DSE +- https://github.com/gmh5225/RobbinHood-attack - https://github.com/gmh5225/awesome-game-security - https://github.com/h4rmy/KDU - https://github.com/hfiref0x/KDU 
diff --git a/2018/CVE-2018-19360.md b/2018/CVE-2018-19360.md index b64c53943..fbb9220b6 100644 --- a/2018/CVE-2018-19360.md +++ b/2018/CVE-2018-19360.md @@ -17,6 +17,7 @@ FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspec - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/aaronm-sysdig/risk-accept diff --git a/2018/CVE-2018-19361.md b/2018/CVE-2018-19361.md index ac69dc847..0933db155 100644 --- a/2018/CVE-2018-19361.md +++ b/2018/CVE-2018-19361.md @@ -17,6 +17,7 @@ FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspec - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/aaronm-sysdig/risk-accept diff --git a/2018/CVE-2018-19362.md b/2018/CVE-2018-19362.md index 253d0551d..aa1daed1c 100644 --- a/2018/CVE-2018-19362.md +++ b/2018/CVE-2018-19362.md @@ -18,6 +18,7 @@ FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspec - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/aaronm-sysdig/risk-accept diff --git a/2018/CVE-2018-19466.md b/2018/CVE-2018-19466.md index afa7d00a3..f89a2b5c5 100644 --- a/2018/CVE-2018-19466.md +++ b/2018/CVE-2018-19466.md 
@@ -15,6 +15,7 @@ A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP cred #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/MauroEldritch/lempo - https://github.com/MauroEldritch/mauroeldritch - https://github.com/anquanscan/sec-tools diff --git a/2018/CVE-2018-19487.md b/2018/CVE-2018-19487.md index 0ab1bb2d3..d47446877 100644 --- a/2018/CVE-2018-19487.md +++ b/2018/CVE-2018-19487.md @@ -16,5 +16,6 @@ The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX req #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/Antho59/wp-jobhunt-exploit - https://github.com/YOLOP0wn/wp-jobhunt-exploit diff --git a/2018/CVE-2018-19488.md b/2018/CVE-2018-19488.md index 1f992e201..7e5d21481 100644 --- a/2018/CVE-2018-19488.md +++ b/2018/CVE-2018-19488.md @@ -14,5 +14,6 @@ The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX req - https://wpvulndb.com/vulnerabilities/9206 #### Github +- https://github.com/Antho59/wp-jobhunt-exploit - https://github.com/YOLOP0wn/wp-jobhunt-exploit diff --git a/2018/CVE-2018-19537.md b/2018/CVE-2018-19537.md index c8e2f9fff..3fc39e071 100644 --- a/2018/CVE-2018-19537.md +++ b/2018/CVE-2018-19537.md @@ -14,4 +14,5 @@ TP-Link Archer C5 devices through V2_160201_US allow remote command execution vi #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/JackDoan/TP-Link-ArcherC5-RCE diff --git a/2018/CVE-2018-19933.md b/2018/CVE-2018-19933.md index e5b916f5b..b47dfd5cb 100644 --- a/2018/CVE-2018-19933.md +++ b/2018/CVE-2018-19933.md @@ -15,4 +15,5 @@ Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated b #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting diff --git a/2018/CVE-2018-20161.md b/2018/CVE-2018-20161.md index 2a5007cad..50a824c8f 100644 
--- a/2018/CVE-2018-20161.md +++ b/2018/CVE-2018-20161.md @@ -13,4 +13,5 @@ A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and ea - https://github.com/Jacquais/BlinkVuln #### Github +- https://github.com/Jacquais/BlinkVuln diff --git a/2018/CVE-2018-20343.md b/2018/CVE-2018-20343.md index a5c61b335..74d1e3612 100644 --- a/2018/CVE-2018-20343.md +++ b/2018/CVE-2018-20343.md @@ -15,5 +15,6 @@ Multiple buffer overflow vulnerabilities have been found in Ken Silverman Build #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/Alexandre-Bartel/CVE-2018-20343 - https://github.com/anquanscan/sec-tools diff --git a/2018/CVE-2018-20377.md b/2018/CVE-2018-20377.md index f708d2e9b..73304852f 100644 --- a/2018/CVE-2018-20377.md +++ b/2018/CVE-2018-20377.md @@ -18,4 +18,5 @@ Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi crede - https://github.com/angristan/awesome-stars - https://github.com/oski02/NSE - https://github.com/pawamoy/stars +- https://github.com/zadewg/LIVEBOX-0DAY diff --git a/2018/CVE-2018-20418.md b/2018/CVE-2018-20418.md index 104335cea..a0986209d 100644 --- a/2018/CVE-2018-20418.md +++ b/2018/CVE-2018-20418.md @@ -14,4 +14,5 @@ index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by s - https://www.exploit-db.com/exploits/46054/ #### Github +- https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting diff --git a/2018/CVE-2018-20555.md b/2018/CVE-2018-20555.md index f05acdf29..2e045c0ce 100644 --- a/2018/CVE-2018-20555.md +++ b/2018/CVE-2018-20555.md @@ -15,4 +15,5 @@ The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/fs0c131y/CVE-2018-20555 diff --git a/2018/CVE-2018-20575.md b/2018/CVE-2018-20575.md index 399d8a85e..330fddb3b 100644 --- a/2018/CVE-2018-20575.md +++ b/2018/CVE-2018-20575.md 
@@ -13,4 +13,5 @@ Orange Livebox 00.96.320S devices have an undocumented /system_firmwarel.stm URI - https://github.com/zadewg/LIVEBOX-0DAY #### Github +- https://github.com/zadewg/LIVEBOX-0DAY diff --git a/2018/CVE-2018-20576.md b/2018/CVE-2018-20576.md index 5069c6f95..8da9854a0 100644 --- a/2018/CVE-2018-20576.md +++ b/2018/CVE-2018-20576.md @@ -14,4 +14,5 @@ Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phon - https://github.com/zadewg/LIVEBOX-0DAY #### Github +- https://github.com/zadewg/LIVEBOX-0DAY diff --git a/2018/CVE-2018-20577.md b/2018/CVE-2018-20577.md index bfdf06bbd..d34851d9d 100644 --- a/2018/CVE-2018-20577.md +++ b/2018/CVE-2018-20577.md @@ -13,4 +13,5 @@ Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewall_SP - https://github.com/zadewg/LIVEBOX-0DAY #### Github +- https://github.com/zadewg/LIVEBOX-0DAY diff --git a/2018/CVE-2018-20580.md b/2018/CVE-2018-20580.md index 57d4fdb04..cc4e34c6c 100644 --- a/2018/CVE-2018-20580.md +++ b/2018/CVE-2018-20580.md @@ -16,4 +16,5 @@ The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remot #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/gscamelo/CVE-2018-20580 diff --git a/2018/CVE-2018-20817.md b/2018/CVE-2018-20817.md index e6329b1a5..9ceb41f9a 100644 --- a/2018/CVE-2018-20817.md +++ b/2018/CVE-2018-20817.md @@ -14,5 +14,6 @@ SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before - https://github.com/momo5502/cod-exploits/tree/master/steam-auth #### Github +- https://github.com/RektInator/cod-steamauth-rce - https://github.com/momo5502/cod-exploits diff --git a/2018/CVE-2018-20969.md b/2018/CVE-2018-20969.md index 5b86ad0dd..2e0b70f05 100644 --- a/2018/CVE-2018-20969.md +++ b/2018/CVE-2018-20969.md 
@@ -16,5 +16,6 @@ do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginnin #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/irsl/gnu-patch-vulnerabilities - https://github.com/phonito/phonito-vulnerable-container diff --git a/2018/CVE-2018-2380.md b/2018/CVE-2018-2380.md index 161f5a657..acc7ddb57 100644 --- a/2018/CVE-2018-2380.md +++ b/2018/CVE-2018-2380.md @@ -21,5 +21,6 @@ SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insuff - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/erpscanteam/CVE-2018-2380 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-2636.md b/2018/CVE-2018-2636.md index fa58007b6..439c63875 100644 --- a/2018/CVE-2018-2636.md +++ b/2018/CVE-2018-2636.md @@ -30,6 +30,7 @@ Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality - https://github.com/birdhan/Security_Product - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/eric-erki/awesome-honeypots +- https://github.com/erpscanteam/CVE-2018-2636 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/investlab/Awesome-honeypots - https://github.com/paralax/awesome-honeypots diff --git a/2018/CVE-2018-3639.md b/2018/CVE-2018-3639.md index 06c13bf2b..6d28c1f95 100644 --- a/2018/CVE-2018-3639.md +++ b/2018/CVE-2018-3639.md @@ -77,6 +77,7 @@ Systems with microprocessors utilizing speculative execution and speculative exe - https://github.com/vintagesucks/awesome-stars - https://github.com/vurtne/specter---meltdown--checker - https://github.com/willyb321/willyb321-stars +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/yardenshafir/MitigationFlagsCliTool diff --git a/2018/CVE-2018-5333.md b/2018/CVE-2018-5333.md index ae81577c9..3ec3169bb 100644 
--- a/2018/CVE-2018-5333.md +++ b/2018/CVE-2018-5333.md @@ -17,6 +17,7 @@ In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdm - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/bcoles/kernel-exploits - https://github.com/bsauce/kernel-exploit-factory diff --git a/2018/CVE-2018-5353.md b/2018/CVE-2018-5353.md index afd5e0153..5eb7dff1d 100644 --- a/2018/CVE-2018-5353.md +++ b/2018/CVE-2018-5353.md @@ -16,4 +16,5 @@ The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 bui - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/missing0x00/CVE-2018-5353 diff --git a/2018/CVE-2018-5354.md b/2018/CVE-2018-5354.md index 2199821b4..06efab86d 100644 --- a/2018/CVE-2018-5354.md +++ b/2018/CVE-2018-5354.md @@ -16,4 +16,5 @@ The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 al - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/missing0x00/CVE-2018-5354 diff --git a/2018/CVE-2018-5407.md b/2018/CVE-2018-5407.md index d600eec3a..4eafb3d8a 100644 --- a/2018/CVE-2018-5407.md +++ b/2018/CVE-2018-5407.md @@ -20,6 +20,7 @@ Simultaneous Multi-threading (SMT) in processors can enable local users to explo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bbbrumley/portsmash - https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/djschleen/ash - https://github.com/mrodden/vyger diff --git a/2018/CVE-2018-5782.md b/2018/CVE-2018-5782.md index a551e8bb4..5b125b803 100644 --- a/2018/CVE-2018-5782.md +++ b/2018/CVE-2018-5782.md 
@@ -14,4 +14,5 @@ A vulnerability in the conferencing component of Mitel Connect ONSITE, versions - https://www.exploit-db.com/exploits/46174/ #### Github +- https://github.com/twosevenzero/shoretel-mitel-rce diff --git a/2018/CVE-2018-5951.md b/2018/CVE-2018-5951.md index 4b4feeef8..273d2984b 100644 --- a/2018/CVE-2018-5951.md +++ b/2018/CVE-2018-5951.md @@ -14,6 +14,7 @@ An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Nat-Lab/CVE-2018-5951 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-5968.md b/2018/CVE-2018-5968.md index 8b338a7cd..eb75dfd8d 100644 --- a/2018/CVE-2018-5968.md +++ b/2018/CVE-2018-5968.md @@ -17,6 +17,7 @@ FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthe - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/FHGZS/jackson-rce-via-two-new-gadgets +- https://github.com/LibHunter/LibHunter - https://github.com/OneSourceCat/jackson-rce-via-two-new-gadgets - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/ilmari666/cybsec diff --git a/2018/CVE-2018-6389.md b/2018/CVE-2018-6389.md index 6f296a257..13083335f 100644 --- a/2018/CVE-2018-6389.md +++ b/2018/CVE-2018-6389.md @@ -58,6 +58,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve - https://github.com/TheBountyBox/Awesome-Writeups - https://github.com/Tyro-Shan/gongkaishouji +- https://github.com/WazeHell/CVE-2018-6389 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YemiBeshe/Codepath-WP1 - https://github.com/ZTK-009/Penetration_PoC diff --git a/2018/CVE-2018-6479.md b/2018/CVE-2018-6479.md index 5c929d5fb..da098c3b9 100644 --- a/2018/CVE-2018-6479.md +++ b/2018/CVE-2018-6479.md 
@@ -16,5 +16,6 @@ An issue was discovered on Netwave IP Camera devices. An unauthenticated attacke - https://github.com/0xT11/CVE-POC - https://github.com/LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479 - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dreadlocked/netwave-dosvulnerability - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2018/CVE-2018-6554.md b/2018/CVE-2018-6554.md index 0af440be5..b1a606d2f 100644 --- a/2018/CVE-2018-6554.md +++ b/2018/CVE-2018-6554.md @@ -26,5 +26,6 @@ Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2018/CVE-2018-6555.md b/2018/CVE-2018-6555.md index 9717ce97a..851ee84f0 100644 --- a/2018/CVE-2018-6555.md +++ b/2018/CVE-2018-6555.md @@ -26,5 +26,6 @@ The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/ - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ostrichxyz7/kexps - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2018/CVE-2018-6871.md b/2018/CVE-2018-6871.md index ac196bc28..634a862ab 100644 --- a/2018/CVE-2018-6871.md +++ b/2018/CVE-2018-6871.md @@ -16,6 +16,7 @@ LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read ar #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/duckstroms/Web-CTF-Cheatsheet +- https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/w181496/Web-CTF-Cheatsheet 
diff --git a/2018/CVE-2018-6890.md b/2018/CVE-2018-6890.md index e3e88d7fb..31db2ab07 100644 --- a/2018/CVE-2018-6890.md +++ b/2018/CVE-2018-6890.md @@ -16,4 +16,5 @@ Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editin #### Github - https://github.com/0xT11/CVE-POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/pradeepjairamani/WolfCMS-XSS-POC diff --git a/2018/CVE-2018-6905.md b/2018/CVE-2018-6905.md index 865ce73b9..95fbdd5eb 100644 --- a/2018/CVE-2018-6905.md +++ b/2018/CVE-2018-6905.md @@ -16,4 +16,5 @@ The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_C - https://github.com/0xT11/CVE-POC - https://github.com/dnr6419/CVE-2018-6905 - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/pradeepjairamani/TYPO3-XSS-POC diff --git a/2018/CVE-2018-7490.md b/2018/CVE-2018-7490.md index e2ced417b..0401f25dc 100644 --- a/2018/CVE-2018-7490.md +++ b/2018/CVE-2018-7490.md @@ -16,6 +16,7 @@ uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-doc - https://github.com/0ps/pocassistdb - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CLincat/vulcat - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/H4cking2theGate/TraversalHunter - https://github.com/SexyBeast233/SecBooks diff --git a/2018/CVE-2018-7600.md b/2018/CVE-2018-7600.md index cb1d57941..5d76ba23e 100644 --- a/2018/CVE-2018-7600.md +++ b/2018/CVE-2018-7600.md @@ -105,6 +105,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/YgorAlberto/ygoralberto.github.io - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/RedTeamer +- https://github.com/a2u/CVE-2018-7600 - https://github.com/alexfrancow/Exploits - https://github.com/amitnandi04/Common-Vulnerability-Exposure-CVE- - https://github.com/andrysec/PayloadsAllVulnerability 
@@ -141,6 +142,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/fengjixuchui/RedTeamer - https://github.com/firefart/CVE-2018-7600 - https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner +- https://github.com/g0rx/CVE-2018-7600-Drupal-RCE - https://github.com/gameFace22/vulnmachine-walkthrough - https://github.com/githubfoam/yara-sandbox - https://github.com/gobysec/Goby diff --git a/2018/CVE-2018-8036.md b/2018/CVE-2018-8036.md index a8949767a..3bce5b2bf 100644 --- a/2018/CVE-2018-8036.md +++ b/2018/CVE-2018-8036.md @@ -18,6 +18,7 @@ In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or - https://github.com/CGCL-codes/PHunter - https://github.com/DennisFeldbusch/Fuzz - https://github.com/GCFuzzer/SP2023 +- https://github.com/LibHunter/LibHunter - https://github.com/hwen020/JQF - https://github.com/jyi/JQF - https://github.com/mfatima1/CS182 diff --git a/2018/CVE-2018-8037.md b/2018/CVE-2018-8037.md index b6f585047..3c27b16a0 100644 --- a/2018/CVE-2018-8037.md +++ b/2018/CVE-2018-8037.md @@ -17,5 +17,6 @@ If an async request was completed by the application at the same time as the con #### Github - https://github.com/ilmari666/cybsec - https://github.com/tomoyamachi/gocarts +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2018/CVE-2018-8060.md b/2018/CVE-2018-8060.md index e7a2c7582..e945370b8 100644 --- a/2018/CVE-2018-8060.md +++ b/2018/CVE-2018-8060.md @@ -15,4 +15,5 @@ HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to #### Github - https://github.com/0xT11/CVE-POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/otavioarj/SIOCtl diff --git a/2018/CVE-2018-8108.md b/2018/CVE-2018-8108.md index 690846521..d77daa1f4 100644 --- a/2018/CVE-2018-8108.md +++ b/2018/CVE-2018-8108.md 
@@ -15,4 +15,5 @@ The select component in bui through 2018-03-13 has XSS because it performs an es #### Github - https://github.com/0xT11/CVE-POC - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/zlgxzswjy/BUI-select-xss diff --git a/2018/CVE-2018-8174.md b/2018/CVE-2018-8174.md index a65407b86..a5d584410 100644 --- a/2018/CVE-2018-8174.md +++ b/2018/CVE-2018-8174.md @@ -44,6 +44,7 @@ A remote code execution vulnerability exists in the way that the VBScript engine - https://github.com/InQuest/yara-rules - https://github.com/JERRY123S/all-poc - https://github.com/KasperskyLab/VBscriptInternals +- https://github.com/MN439/bingduziyuan - https://github.com/MrTcsy/Exploit - https://github.com/Ondrik8/RED-Team - https://github.com/Ostorlab/KEV diff --git a/2018/CVE-2018-8781.md b/2018/CVE-2018-8781.md index 671f600d1..d751cdece 100644 --- a/2018/CVE-2018-8781.md +++ b/2018/CVE-2018-8781.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2018/CVE-2018-8821.md b/2018/CVE-2018-8821.md index c2302d048..5420b14cf 100644 --- a/2018/CVE-2018-8821.md +++ b/2018/CVE-2018-8821.md @@ -13,4 +13,5 @@ windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause - https://github.com/bigric3/poc #### Github +- https://github.com/bigric3/poc diff --git a/2018/CVE-2018-8941.md b/2018/CVE-2018-8941.md index b17ac1c63..8c421122f 100644 --- a/2018/CVE-2018-8941.md +++ b/2018/CVE-2018-8941.md @@ -14,5 +14,6 @@ Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 ha #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/SECFORCE/CVE-2018-8941 - https://github.com/hectorgie/PoC-in-GitHub 
diff --git a/2018/CVE-2018-9136.md b/2018/CVE-2018-9136.md index afd30a914..8428ed91f 100644 --- a/2018/CVE-2018-9136.md +++ b/2018/CVE-2018-9136.md @@ -13,4 +13,5 @@ windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause - https://github.com/bigric3/poc2 #### Github +- https://github.com/bigric3/poc2 diff --git a/2018/CVE-2018-9568.md b/2018/CVE-2018-9568.md index 77aa89a2e..7a79221cb 100644 --- a/2018/CVE-2018-9568.md +++ b/2018/CVE-2018-9568.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-0228.md b/2019/CVE-2019-0228.md index d45ebf355..48af31e1f 100644 --- a/2019/CVE-2019-0228.md +++ b/2019/CVE-2019-0228.md @@ -18,6 +18,7 @@ Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows c #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/bluesNbrews/SkillSearchEngine - https://github.com/swilliams9671/SkillSearchEngine diff --git a/2019/CVE-2019-0708.md b/2019/CVE-2019-0708.md index c00aa02dc..30cf712ef 100644 --- a/2019/CVE-2019-0708.md +++ b/2019/CVE-2019-0708.md @@ -326,6 +326,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/password520/RedTeamer - https://github.com/pengusec/awesome-netsec-articles - https://github.com/pentest-a2p2v/pentest-a2p2v-core +- https://github.com/pg001001/deception-tech - https://github.com/phant0n/PENTESTING-BIBLE - https://github.com/pikpikcu/Pentest-Tools-Framework - https://github.com/pravinsrc/NOTES-windows-kernel-links diff --git a/2019/CVE-2019-10086.md b/2019/CVE-2019-10086.md index 44885b6a5..8cf28fbe5 100644 
--- a/2019/CVE-2019-10086.md +++ b/2019/CVE-2019-10086.md @@ -27,6 +27,7 @@ In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added wh - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-10241.md b/2019/CVE-2019-10241.md index 2b9cea516..b559ebcc6 100644 --- a/2019/CVE-2019-10241.md +++ b/2019/CVE-2019-10241.md @@ -17,4 +17,5 @@ In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and olde - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/DonnumS/inf226Inchat +- https://github.com/LibHunter/LibHunter diff --git a/2019/CVE-2019-10246.md b/2019/CVE-2019-10246.md index 702a4cf4a..219e46da5 100644 --- a/2019/CVE-2019-10246.md +++ b/2019/CVE-2019-10246.md @@ -21,4 +21,5 @@ In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windo #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2019/CVE-2019-10247.md b/2019/CVE-2019-10247.md index ab0954afd..3a0f0ee75 100644 --- a/2019/CVE-2019-10247.md +++ b/2019/CVE-2019-10247.md @@ -23,4 +23,5 @@ In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.1 - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/DonnumS/inf226Inchat +- https://github.com/LibHunter/LibHunter diff --git a/2019/CVE-2019-10567.md b/2019/CVE-2019-10567.md index bafac7e7e..566b7943f 100644 --- a/2019/CVE-2019-10567.md +++ b/2019/CVE-2019-10567.md 
@@ -25,5 +25,6 @@ There is a way to deceive the GPU kernel driver into thinking there is room in t - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-10655.md b/2019/CVE-2019-10655.md index 15368a14d..772d16ee8 100644 --- a/2019/CVE-2019-10655.md +++ b/2019/CVE-2019-10655.md @@ -17,4 +17,5 @@ Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10656.md b/2019/CVE-2019-10656.md index abd02a0ac..5ba6c8a38 100644 --- a/2019/CVE-2019-10656.md +++ b/2019/CVE-2019-10656.md @@ -14,4 +14,5 @@ Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 #### Github +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10658.md b/2019/CVE-2019-10658.md index 1444942ce..f64e0ac46 100644 --- a/2019/CVE-2019-10658.md +++ b/2019/CVE-2019-10658.md @@ -14,4 +14,5 @@ Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 #### Github +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10659.md b/2019/CVE-2019-10659.md index 3fc2aa34f..62cb2450d 100644 --- a/2019/CVE-2019-10659.md +++ b/2019/CVE-2019-10659.md 
@@ -14,4 +14,5 @@ Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remot - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 #### Github +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10660.md b/2019/CVE-2019-10660.md index 8f0ff55b0..2f86cd28e 100644 --- a/2019/CVE-2019-10660.md +++ b/2019/CVE-2019-10660.md @@ -14,4 +14,5 @@ Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated user - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 #### Github +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10662.md b/2019/CVE-2019-10662.md index 6afb29768..d49113b61 100644 --- a/2019/CVE-2019-10662.md +++ b/2019/CVE-2019-10662.md @@ -14,4 +14,5 @@ Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 #### Github +- https://github.com/scarvell/grandstream_exploits diff --git a/2019/CVE-2019-10936.md b/2019/CVE-2019-10936.md index f2a101d92..142b95a3c 100644 --- a/2019/CVE-2019-10936.md +++ b/2019/CVE-2019-10936.md 
@@ -122,9 +122,7 @@ ### Description -A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET200AL, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. 
SIPLUS variants), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC PROFINET Driver, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 PN Control Unit, SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. Affected devices improperly handle large amounts of specially crafted UDP packets. - -This could allow an unauthenticated remote attacker to trigger a denial of service condition. 
+A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SIMATIC CFU PA, SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET200AL, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4" - 22" (incl. 
SIPLUS variants), SIMATIC HMI KTP Mobile Panels, SIMATIC PN/PN Coupler, SIMATIC PROFINET Driver, SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 PN Control Unit, SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS NET PN/PN Coupler, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP, SIPLUS S7-400 CPU 414-3 PN/DP V7, SIPLUS S7-400 CPU 416-3 PN/DP V7. Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition. ### POC diff --git a/2019/CVE-2019-11076.md b/2019/CVE-2019-11076.md index b76b7c17d..0bc28cce8 100644 
--- a/2019/CVE-2019-11076.md +++ b/2019/CVE-2019-11076.md @@ -16,4 +16,5 @@ Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthen - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/livehybrid/poc-cribl-rce diff --git a/2019/CVE-2019-11190.md b/2019/CVE-2019-11190.md index b31859da8..adc270b85 100644 --- a/2019/CVE-2019-11190.md +++ b/2019/CVE-2019-11190.md @@ -26,5 +26,6 @@ The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index 7069cbc32..b9d93765c 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -150,6 +150,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/6165-MSET-CuttleFish/PowerPlay - https://github.com/6165-MSET-CuttleFish/SHS_Swerve_Offseason - https://github.com/6369Designosars/Summer_Software_6.2 +- https://github.com/6427FTCRobotics/centerstage6427 - https://github.com/731WannabeeStrange/FTC-731-Powerplay - https://github.com/731WannabeeStrange/centerstage-731 - https://github.com/7390jellyfish/software @@ -1022,6 +1023,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/FTCTeam21217/AutonomousWorkshop - https://github.com/FTCTeam7610-Software/7610-Software-Version-7.1 - https://github.com/FTCTeam7610-Software/7610Software-7.1 +- https://github.com/FTCclueless/Centerstage - https://github.com/FUTURE-FTC10366/FTCFreightFrenzy-2021-22 - https://github.com/FaltechFTC/FtcRobotController2122 - https://github.com/Feyorsh/PASC-FTC-robotCode 
@@ -1234,6 +1236,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Indubitably8/Bot24Update - https://github.com/Indubitably8/JakeBot - https://github.com/Indubitably8/JakeBot24 +- https://github.com/Infernal-Industries/AprilTagTesting - https://github.com/Infidge/LeagueMeetsBot - https://github.com/InfinityTechRobotics/IT_2022_Summer_Learning - https://github.com/Infinitybeond1/RobotCode @@ -1429,6 +1432,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/LenickTan/UltimateGoalCode - https://github.com/LenickTan/ultgoal - https://github.com/LeoMavri/RO109-Homosapiens +- https://github.com/LeozinDaProgramacao/TechZeusCenterstage2023-2024 - https://github.com/LiBaoJake/ftcrobotcontrol - https://github.com/LiamWalker01/CrowForce22-23 - https://github.com/LiamWalker01/CrowForce22-23-RobotController8.1.1 @@ -1721,6 +1725,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/OverlakeRobotics/Nocturnal-2020-Ultimate-Goal - https://github.com/OverlakeRobotics/OverlakeFTC-2023-7330 - https://github.com/OverripeBanana/9894_Robolions +- https://github.com/Overture-7421/Hayabusa-2024 - https://github.com/Overture-7421/HayabusaRobotCode_23619 - https://github.com/Owen-Pryga/FtcRobotController_UltamateGoal - https://github.com/Owen383/WM20 @@ -2062,6 +2067,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Skywalker934/PowerPlay - https://github.com/Skywalker934/video-tutorial - https://github.com/Slipperee-CODE/4625---FTC---POWERPLAY +- https://github.com/Slipperee-CODE/4625-FTC-CenterStage - https://github.com/Slipperee-CODE/4625-FTC-CenterStage2023-2024 - https://github.com/Slipperee-CODE/4625-FTC-Offseason - https://github.com/Slipshodleaf74/Freight-Frenzy 
@@ -2216,6 +2222,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/The-Founders-Academy/2023-Test-Robot - https://github.com/The-Founders-Academy/2024-Centerstage - https://github.com/The-Founders-Academy/2024-Centerstage-Archived +- https://github.com/The-Founders-Academy/shared-code - https://github.com/The-Innovation-Story/FreightFrenzy_FTC - https://github.com/The-Knights-of-Ni/Skystone2020 - https://github.com/The-Knights-of-Ni/UltimateGoal2021_6.2 @@ -2962,6 +2969,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/frc4039/ftc2024 - https://github.com/frc5050/FTC7901-2021 - https://github.com/frc5050/FTC7902-2021 +- https://github.com/frc6606/ftc-2024 - https://github.com/frc7787/FTC-2023-Robot - https://github.com/frc7787/FTC-Centerstage - https://github.com/frc7787/FTC_AndroidStudio2023 diff --git a/2019/CVE-2019-11510.md b/2019/CVE-2019-11510.md index f1226e223..eb0f89326 100644 --- a/2019/CVE-2019-11510.md +++ b/2019/CVE-2019-11510.md @@ -67,6 +67,7 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - https://github.com/dnif/content - https://github.com/es0/CVE-2019-11510_poc - https://github.com/fengjixuchui/RedTeamer +- https://github.com/fierceoj/ShonyDanza - https://github.com/gquere/PulseSecure_session_hijacking - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-11523.md b/2019/CVE-2019-11523.md index e88f0f7f9..b34baee75 100644 --- a/2019/CVE-2019-11523.md +++ b/2019/CVE-2019-11523.md @@ -16,4 +16,5 @@ Anviz Global M3 Outdoor RFID Access Control executes any command received from a - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc 
diff --git a/2019/CVE-2019-11606.md b/2019/CVE-2019-11606.md index a816002f6..f37c82350 100644 --- a/2019/CVE-2019-11606.md +++ b/2019/CVE-2019-11606.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11607.md b/2019/CVE-2019-11607.md index ebfb292c4..b806892a7 100644 --- a/2019/CVE-2019-11607.md +++ b/2019/CVE-2019-11607.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11608.md b/2019/CVE-2019-11608.md index cae9f7bed..1570a2001 100644 --- a/2019/CVE-2019-11608.md +++ b/2019/CVE-2019-11608.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11609.md b/2019/CVE-2019-11609.md index 2bb3572e9..b6c843a3e 100644 --- a/2019/CVE-2019-11609.md +++ b/2019/CVE-2019-11609.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11610.md b/2019/CVE-2019-11610.md index 21b8602bf..ba7ec5bdf 100644 --- a/2019/CVE-2019-11610.md +++ b/2019/CVE-2019-11610.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11611.md b/2019/CVE-2019-11611.md index 5b1bbd5fa..fc0af9715 100644 --- a/2019/CVE-2019-11611.md +++ b/2019/CVE-2019-11611.md 
@@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/ph - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11612.md b/2019/CVE-2019-11612.md index 455999ec4..3d191990f 100644 --- a/2019/CVE-2019-11612.md +++ b/2019/CVE-2019-11612.md @@ -13,4 +13,5 @@ doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/delete - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11613.md b/2019/CVE-2019-11613.md index bbc8ca92e..45c69678b 100644 --- a/2019/CVE-2019-11613.md +++ b/2019/CVE-2019-11613.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/conta - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11614.md b/2019/CVE-2019-11614.md index a3fd05967..fecd90b48 100644 --- a/2019/CVE-2019-11614.md +++ b/2019/CVE-2019-11614.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/comme - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11615.md b/2019/CVE-2019-11615.md index 602277fc8..db0cba927 100644 --- a/2019/CVE-2019-11615.md +++ b/2019/CVE-2019-11615.md @@ -13,4 +13,5 @@ - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11616.md b/2019/CVE-2019-11616.md index f222b4b06..4d9147aee 100644 --- a/2019/CVE-2019-11616.md +++ b/2019/CVE-2019-11616.md @@ -13,4 +13,5 @@ doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11617.md b/2019/CVE-2019-11617.md index 218e03572..1c3d46361 100644 --- a/2019/CVE-2019-11617.md 
+++ b/2019/CVE-2019-11617.md @@ -13,4 +13,5 @@ doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurati - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11618.md b/2019/CVE-2019-11618.md index 72f715a88..d6caaf558 100644 --- a/2019/CVE-2019-11618.md +++ b/2019/CVE-2019-11618.md @@ -13,4 +13,5 @@ doorGets 7.0 has a default administrator credential vulnerability. A remote atta - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11619.md b/2019/CVE-2019-11619.md index 9edb81214..5f8f31bee 100644 --- a/2019/CVE-2019-11619.md +++ b/2019/CVE-2019-11619.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/co - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11620.md b/2019/CVE-2019-11620.md index e5237ff07..ecaa52555 100644 --- a/2019/CVE-2019-11620.md +++ b/2019/CVE-2019-11620.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/mo - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11621.md b/2019/CVE-2019-11621.md index d54b12a3e..dc2eee79a 100644 --- a/2019/CVE-2019-11621.md +++ b/2019/CVE-2019-11621.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/co - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11622.md b/2019/CVE-2019-11622.md index 54f37b9b5..a7ef36af4 100644 --- a/2019/CVE-2019-11622.md +++ b/2019/CVE-2019-11622.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/mo - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve 
diff --git a/2019/CVE-2019-11623.md b/2019/CVE-2019-11623.md index 65c6c1bbe..b7a0de8f5 100644 --- a/2019/CVE-2019-11623.md +++ b/2019/CVE-2019-11623.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/co - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11624.md b/2019/CVE-2019-11624.md index f3a2c5374..8759de66c 100644 --- a/2019/CVE-2019-11624.md +++ b/2019/CVE-2019-11624.md @@ -13,4 +13,5 @@ doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/reque - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11625.md b/2019/CVE-2019-11625.md index f63b217bf..40ce793f1 100644 --- a/2019/CVE-2019-11625.md +++ b/2019/CVE-2019-11625.md @@ -13,4 +13,5 @@ doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/em - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11626.md b/2019/CVE-2019-11626.md index 0cd7f4bc5..7490e5431 100644 --- a/2019/CVE-2019-11626.md +++ b/2019/CVE-2019-11626.md @@ -13,4 +13,5 @@ routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vuln - https://github.com/itodaro/doorGets_cve #### Github +- https://github.com/itodaro/doorGets_cve diff --git a/2019/CVE-2019-11881.md b/2019/CVE-2019-11881.md index 96226c5b8..340a09a02 100644 --- a/2019/CVE-2019-11881.md +++ b/2019/CVE-2019-11881.md @@ -15,6 +15,7 @@ A vulnerability exists in Rancher 2.1.4 in the login component, where the errorM #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/MauroEldritch/VanCleef - https://github.com/MauroEldritch/mauroeldritch - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub 
diff --git a/2019/CVE-2019-12042.md b/2019/CVE-2019-12042.md index ea718d5a7..7f592c110 100644 --- a/2019/CVE-2019-12042.md +++ b/2019/CVE-2019-12042.md @@ -13,5 +13,6 @@ Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory - https://github.com/SouhailHammou/Panda-Antivirus-LPE #### Github +- https://github.com/SouhailHammou/Panda-Antivirus-LPE - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-12086.md b/2019/CVE-2019-12086.md index 865606694..b6f02be92 100644 --- a/2019/CVE-2019-12086.md +++ b/2019/CVE-2019-12086.md @@ -25,6 +25,7 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo - https://github.com/Al1ex/CVE-2019-12086 - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/SimoLin/CVE-2019-12086-jackson-databind-file-read - https://github.com/SugarP1g/LearningSecurity - https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read diff --git a/2019/CVE-2019-12169.md b/2019/CVE-2019-12169.md index 90d6e5ba2..04b011472 100644 --- a/2019/CVE-2019-12169.md +++ b/2019/CVE-2019-12169.md @@ -20,6 +20,7 @@ ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in - https://github.com/SexyBeast233/SecBooks - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit - https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12170.md b/2019/CVE-2019-12170.md index 8b6c20cc8..4d241c45b 100644 --- a/2019/CVE-2019-12170.md +++ b/2019/CVE-2019-12170.md 
@@ -19,5 +19,6 @@ ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/ - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit +- https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-12402.md b/2019/CVE-2019-12402.md index 514506e40..adcaf41eb 100644 --- a/2019/CVE-2019-12402.md +++ b/2019/CVE-2019-12402.md @@ -22,4 +22,5 @@ The file name encoding algorithm used internally in Apache Commons Compress 1.15 #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2019/CVE-2019-12418.md b/2019/CVE-2019-12418.md index 7cc2d8b7d..4bf8bfc08 100644 --- a/2019/CVE-2019-12418.md +++ b/2019/CVE-2019-12418.md @@ -15,5 +15,6 @@ When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is conf #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/raner/projo +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-12476.md b/2019/CVE-2019-12476.md index 77a675183..d9b6ceae2 100644 --- a/2019/CVE-2019-12476.md +++ b/2019/CVE-2019-12476.md @@ -13,6 +13,7 @@ An authentication bypass vulnerability in the password reset functionality in Zo - https://github.com/0katz/CVE-2019-12476 #### Github +- https://github.com/0katz/CVE-2019-12476 - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-12586.md b/2019/CVE-2019-12586.md index 1a7634bae..554d35a52 100644 --- a/2019/CVE-2019-12586.md +++ b/2019/CVE-2019-12586.md 
@@ -22,6 +22,7 @@ The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266 - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc +- https://github.com/Matheus-Garbelini/esp32_esp8266_attacks - https://github.com/armancs12/esp32_esp8266_attacks - https://github.com/armancswork/esp32_esp8266_attacks - https://github.com/armancwork/esp32_esp8266_attacks diff --git a/2019/CVE-2019-12587.md b/2019/CVE-2019-12587.md index 13ac6dc5e..a71e02050 100644 --- a/2019/CVE-2019-12587.md +++ b/2019/CVE-2019-12587.md @@ -21,6 +21,7 @@ The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266 - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc +- https://github.com/Matheus-Garbelini/esp32_esp8266_attacks - https://github.com/armancs12/esp32_esp8266_attacks - https://github.com/armancswork/esp32_esp8266_attacks - https://github.com/armancwork/esp32_esp8266_attacks diff --git a/2019/CVE-2019-12588.md b/2019/CVE-2019-12588.md index d7caeb221..f3c54de76 100644 --- a/2019/CVE-2019-12588.md +++ b/2019/CVE-2019-12588.md @@ -21,6 +21,7 @@ The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 throug - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc +- https://github.com/Matheus-Garbelini/esp32_esp8266_attacks - https://github.com/armancs12/esp32_esp8266_attacks - https://github.com/armancswork/esp32_esp8266_attacks - https://github.com/armancwork/esp32_esp8266_attacks diff --git a/2019/CVE-2019-12813.md b/2019/CVE-2019-12813.md index c50932912..075279615 100644 --- a/2019/CVE-2019-12813.md +++ b/2019/CVE-2019-12813.md @@ -15,4 +15,5 @@ An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. - https://www.youtube.com/watch?v=wEXJDyEOatM #### Github +- https://github.com/sungjungk/fp-scanner-hacking 
diff --git a/2019/CVE-2019-12814.md b/2019/CVE-2019-12814.md index 519e9c0d9..9482db470 100644 --- a/2019/CVE-2019-12814.md +++ b/2019/CVE-2019-12814.md @@ -21,6 +21,7 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x thro - https://github.com/Anonymous-Phunter/PHunter - https://github.com/BorderTech/java-common - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/SexyBeast233/SecBooks - https://github.com/SugarP1g/LearningSecurity - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-12949.md b/2019/CVE-2019-12949.md index bcba69113..5d8489dff 100644 --- a/2019/CVE-2019-12949.md +++ b/2019/CVE-2019-12949.md @@ -16,4 +16,5 @@ In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated ad - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/tarantula-team/CVE-2019-12949 diff --git a/2019/CVE-2019-13272.md b/2019/CVE-2019-13272.md index 51986c9e3..a594161a7 100644 --- a/2019/CVE-2019-13272.md +++ b/2019/CVE-2019-13272.md @@ -45,6 +45,7 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/H0j3n/EzpzCheatSheet - https://github.com/H1CH444MREB0RN/PenTest-free-tools - https://github.com/HaleyWei/POC-available +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/Huandtx/CVE-2019-13272 - https://github.com/ImranTheThirdEye/AD-Pentesting-Tools - https://github.com/JERRY123S/all-poc diff --git a/2019/CVE-2019-13288.md b/2019/CVE-2019-13288.md index 1ac21cb09..f2f11892e 100644 --- a/2019/CVE-2019-13288.md +++ b/2019/CVE-2019-13288.md 
@@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Fineas/CVE-2019-13288-POC - https://github.com/asur4s/blog - https://github.com/asur4s/fuzzing +- https://github.com/ch1hyun/fuzzing-class - https://github.com/chiehw/fuzzing - https://github.com/gleaming0/CVE-2019-13288 diff --git a/2019/CVE-2019-13603.md b/2019/CVE-2019-13603.md index 7673c8ec9..30e6af6e2 100644 --- a/2019/CVE-2019-13603.md +++ b/2019/CVE-2019-13603.md @@ -15,4 +15,5 @@ An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U - https://www.youtube.com/watch?v=wEXJDyEOatM #### Github +- https://github.com/sungjungk/fp-scanner-hacking diff --git a/2019/CVE-2019-13604.md b/2019/CVE-2019-13604.md index 73c50bac2..1390a48fe 100644 --- a/2019/CVE-2019-13604.md +++ b/2019/CVE-2019-13604.md @@ -15,4 +15,5 @@ There is a short key vulnerability in HID Global DigitalPersona (formerly Crossm - https://www.youtube.com/watch?v=BwYK_xZlKi4 #### Github +- https://github.com/sungjungk/fp-img-key-crack diff --git a/2019/CVE-2019-13633.md b/2019/CVE-2019-13633.md index 3310da3bd..6385b2da5 100644 --- a/2019/CVE-2019-13633.md +++ b/2019/CVE-2019-13633.md @@ -13,6 +13,7 @@ Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can sen - https://github.com/Security-AVS/CVE-2019-13633 #### Github +- https://github.com/Security-AVS/CVE-2019-13633 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-13636.md b/2019/CVE-2019-13636.md index 129d9e8ee..5f2af689c 100644 --- a/2019/CVE-2019-13636.md +++ b/2019/CVE-2019-13636.md @@ -15,4 +15,5 @@ In GNU patch through 2.7.6, the following of symlinks is mishandled in certain c - https://seclists.org/bugtraq/2019/Aug/29 #### Github +- https://github.com/irsl/gnu-patch-vulnerabilities diff --git a/2019/CVE-2019-13638.md b/2019/CVE-2019-13638.md index 175049bee..43e6f2be4 100644 --- a/2019/CVE-2019-13638.md +++ b/2019/CVE-2019-13638.md 
@@ -15,4 +15,5 @@ GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be - https://seclists.org/bugtraq/2019/Aug/29 #### Github +- https://github.com/irsl/gnu-patch-vulnerabilities diff --git a/2019/CVE-2019-14040.md b/2019/CVE-2019-14040.md index 1509a1210..8fa471c80 100644 --- a/2019/CVE-2019-14040.md +++ b/2019/CVE-2019-14040.md @@ -28,5 +28,6 @@ Using memory after being freed in qsee due to wrong implementation can lead to u - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tamirzb/CVE-2019-14040 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-14041.md b/2019/CVE-2019-14041.md index 3b87f01fe..709578ab9 100644 --- a/2019/CVE-2019-14041.md +++ b/2019/CVE-2019-14041.md @@ -28,5 +28,6 @@ During listener modified response processing, a buffer overrun occurs due to lac - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tamirzb/CVE-2019-14041 +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-14326.md b/2019/CVE-2019-14326.md index d2ec743aa..4fb66282c 100644 --- a/2019/CVE-2019-14326.md +++ b/2019/CVE-2019-14326.md @@ -18,4 +18,5 @@ An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/seqred-s-a/cve-2019-14326 diff --git a/2019/CVE-2019-14439.md b/2019/CVE-2019-14439.md index c9524d603..d8b523e1d 100644 --- a/2019/CVE-2019-14439.md +++ b/2019/CVE-2019-14439.md 
@@ -19,6 +19,7 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo - https://github.com/0xT11/CVE-POC - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/diakogiannis/moviebook - https://github.com/galimba/Jackson-deserialization-PoC diff --git a/2019/CVE-2019-14537.md b/2019/CVE-2019-14537.md index 1e2eafc51..a3fd77174 100644 --- a/2019/CVE-2019-14537.md +++ b/2019/CVE-2019-14537.md @@ -14,6 +14,7 @@ YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api com #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/Wocanilo/CVE-2019-14537 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-14751.md b/2019/CVE-2019-14751.md index 205374e5a..5cf6953cf 100644 --- a/2019/CVE-2019-14751.md +++ b/2019/CVE-2019-14751.md @@ -17,4 +17,5 @@ NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing at - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mssalvatore/CVE-2019-14751_PoC diff --git a/2019/CVE-2019-14776.md b/2019/CVE-2019-14776.md new file mode 100644 index 000000000..246027a02 --- /dev/null +++ b/2019/CVE-2019-14776.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-14776](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/ch1hyun/fuzzing-class + diff --git a/2019/CVE-2019-14892.md b/2019/CVE-2019-14892.md index 0bae2992a..772754f8f 100644 --- a/2019/CVE-2019-14892.md +++ b/2019/CVE-2019-14892.md @@ -17,6 +17,7 @@ A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 an - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Live-Hack-CVE/CVE-2019-14892 - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs diff --git a/2019/CVE-2019-14893.md b/2019/CVE-2019-14893.md index faf9e745f..e848940f3 100644 --- a/2019/CVE-2019-14893.md +++ b/2019/CVE-2019-14893.md @@ -18,6 +18,7 @@ A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.1 - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/seal-community/patches diff --git a/2019/CVE-2019-15053.md b/2019/CVE-2019-15053.md index 118a9857b..e0eab3757 100644 --- a/2019/CVE-2019-15053.md +++ b/2019/CVE-2019-15053.md 
@@ -16,4 +16,5 @@ The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server a - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/l0nax/CVE-2019-15053 diff --git a/2019/CVE-2019-15120.md b/2019/CVE-2019-15120.md index 67b9e6fca..88d0ed11d 100644 --- a/2019/CVE-2019-15120.md +++ b/2019/CVE-2019-15120.md @@ -15,5 +15,6 @@ The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. #### Github - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h3llraiser/CVE-2019-15120 - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-15233.md b/2019/CVE-2019-15233.md index 8d72f3a1f..3bbfa86af 100644 --- a/2019/CVE-2019-15233.md +++ b/2019/CVE-2019-15233.md @@ -16,4 +16,5 @@ The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/l0nax/CVE-2019-15233 diff --git a/2019/CVE-2019-15666.md b/2019/CVE-2019-15666.md index 88dff043b..91dd88dba 100644 --- a/2019/CVE-2019-15666.md +++ b/2019/CVE-2019-15666.md @@ -16,6 +16,7 @@ An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bo - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp - https://github.com/DrewSC13/Linpeas +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/bsauce/kernel-exploit-factory - https://github.com/bsauce/kernel-security-learning diff --git a/2019/CVE-2019-15949.md b/2019/CVE-2019-15949.md index b8c86c36c..6993ce439 100644 --- a/2019/CVE-2019-15949.md +++ b/2019/CVE-2019-15949.md 
@@ -22,6 +22,7 @@ Nagios XI before 5.6.6 allows remote command execution as root. The exploit requ - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps - https://github.com/dvanmosselbeen/TryHackMe_writeups - https://github.com/hadrian3689/nagiosxi_5.6.6 +- https://github.com/jakgibb/nagiosxi-root-rce-exploit - https://github.com/sunylife24/TryHackMe2 - https://github.com/testermas/tryhackme diff --git a/2019/CVE-2019-16098.md b/2019/CVE-2019-16098.md index 4037df2b2..8f7f27ac3 100644 --- a/2019/CVE-2019-16098.md +++ b/2019/CVE-2019-16098.md @@ -17,7 +17,11 @@ The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCor - https://github.com/0xT11/CVE-POC - https://github.com/474172261/KDU - https://github.com/ARPSyndicate/cvemon +- https://github.com/Barakat/CVE-2019-16098 +- https://github.com/CVEDB/awesome-cve-repo +- https://github.com/CVEDB/top - https://github.com/ExpLife0011/awesome-windows-kernel-security-development +- https://github.com/GhostTroops/TOP - https://github.com/JustaT3ch/Kernel-Snooping - https://github.com/Ondrik8/exploit - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-16508.md b/2019/CVE-2019-16508.md index 781e38531..c225298a9 100644 --- a/2019/CVE-2019-16508.md +++ b/2019/CVE-2019-16508.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-16869.md b/2019/CVE-2019-16869.md index 78c773651..e38425df3 100644 --- a/2019/CVE-2019-16869.md +++ b/2019/CVE-2019-16869.md 
@@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/cezapata/appconfiguration-sample diff --git a/2019/CVE-2019-16941.md b/2019/CVE-2019-16941.md index af50cff8b..bae91d2dd 100644 --- a/2019/CVE-2019-16941.md +++ b/2019/CVE-2019-16941.md @@ -17,4 +17,5 @@ NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary co - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/geeksniper/reverse-engineering-toolkit - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/purpleracc00n/CVE-2019-16941 diff --git a/2019/CVE-2019-17124.md b/2019/CVE-2019-17124.md index 9568db07f..e0c15d6be 100644 --- a/2019/CVE-2019-17124.md +++ b/2019/CVE-2019-17124.md @@ -17,4 +17,5 @@ Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/hessandrew/CVE-2019-17124 diff --git a/2019/CVE-2019-17267.md b/2019/CVE-2019-17267.md index cbd6f4031..f7a65fe87 100644 --- a/2019/CVE-2019-17267.md +++ b/2019/CVE-2019-17267.md @@ -18,6 +18,7 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2 - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/ilmari666/cybsec - https://github.com/seal-community/patches diff --git a/2019/CVE-2019-17359.md b/2019/CVE-2019-17359.md index ff20f775c..16c1cdb12 100644 --- a/2019/CVE-2019-17359.md +++ b/2019/CVE-2019-17359.md 
@@ -21,6 +21,7 @@ The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large - https://github.com/CGCL-codes/PHunter - https://github.com/DennisFeldbusch/Fuzz - https://github.com/GCFuzzer/SP2023 +- https://github.com/LibHunter/LibHunter - https://github.com/hwen020/JQF - https://github.com/mfatima1/CS182 - https://github.com/moudemans/GFuzz diff --git a/2019/CVE-2019-17427.md b/2019/CVE-2019-17427.md index b50c4e6b0..5cf10a296 100644 --- a/2019/CVE-2019-17427.md +++ b/2019/CVE-2019-17427.md @@ -14,6 +14,7 @@ In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to te #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/RealLinkers/CVE-2019-17427 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-17563.md b/2019/CVE-2019-17563.md index 1e0cb3bc7..a44ff3c34 100644 --- a/2019/CVE-2019-17563.md +++ b/2019/CVE-2019-17563.md @@ -18,5 +18,6 @@ When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8 - https://github.com/Live-Hack-CVE/CVE-2019-17563 - https://github.com/raner/projo - https://github.com/rootameen/vulpine +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2019/CVE-2019-17632.md b/2019/CVE-2019-17632.md index 8957fe81b..0ec79bccd 100644 --- a/2019/CVE-2019-17632.md +++ b/2019/CVE-2019-17632.md @@ -16,4 +16,5 @@ In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v201911 #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter diff --git a/2019/CVE-2019-18675.md b/2019/CVE-2019-18675.md index 73ae97032..1bb38aa40 100644 --- a/2019/CVE-2019-18675.md +++ b/2019/CVE-2019-18675.md 
@@ -26,5 +26,6 @@ The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-18683.md b/2019/CVE-2019-18683.md index e1fdc3dfa..278c680ca 100644 --- a/2019/CVE-2019-18683.md +++ b/2019/CVE-2019-18683.md @@ -37,6 +37,7 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/sanjana123-cloud/CVE-2019-18683 - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-18885.md b/2019/CVE-2019-18885.md index 8fa79af43..2d8c051d1 100644 --- a/2019/CVE-2019-18885.md +++ b/2019/CVE-2019-18885.md @@ -17,6 +17,7 @@ fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_exte #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/bobfuzzer/CVE-2019-18885 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-18890.md b/2019/CVE-2019-18890.md index 09a1449b6..38ab706aa 100644 --- a/2019/CVE-2019-18890.md +++ b/2019/CVE-2019-18890.md @@ -15,6 +15,7 @@ A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 a #### Github - https://github.com/0xT11/CVE-POC - https://github.com/RealLinkers/CVE-2019-17427 +- https://github.com/RealLinkers/CVE-2019-18890 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-18935.md b/2019/CVE-2019-18935.md index ff98f5dc6..ff227ca45 100644 --- a/2019/CVE-2019-18935.md 
+++ b/2019/CVE-2019-18935.md @@ -73,6 +73,7 @@ Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deseria - https://github.com/merlinepedra25/Pentest-Tools-1 - https://github.com/murataydemir/CVE-2019-18935 - https://github.com/nitishbadole/Pentest_Tools +- https://github.com/noperator/CVE-2019-18935 - https://github.com/pathakabhi24/Pentest-Tools - https://github.com/pjgmonteiro/Pentest-tools - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2019/CVE-2019-19012.md b/2019/CVE-2019-19012.md index d99e6e880..66e77c763 100644 --- a/2019/CVE-2019-19012.md +++ b/2019/CVE-2019-19012.md @@ -24,5 +24,6 @@ An integer overflow in the search_in_range function in regexec.c in Oniguruma 6. - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/kkos/oniguruma - https://github.com/onivim/esy-oniguruma +- https://github.com/tarantula-team/CVE-2019-19012 - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-19203.md b/2019/CVE-2019-19203.md index d9193ea0c..f6ec87a0e 100644 --- a/2019/CVE-2019-19203.md +++ b/2019/CVE-2019-19203.md @@ -17,6 +17,7 @@ An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb180 #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/ManhNDd/CVE-2019-19203 - https://github.com/balabit-deps/balabit-os-8-libonig - https://github.com/balabit-deps/balabit-os-9-libonig - https://github.com/deepin-community/libonig @@ -24,5 +25,6 @@ An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb180 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/kkos/oniguruma - https://github.com/onivim/esy-oniguruma +- https://github.com/tarantula-team/CVE-2019-19203 - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-19204.md b/2019/CVE-2019-19204.md index 7317dce31..212b7b9a5 100644 --- a/2019/CVE-2019-19204.md +++ b/2019/CVE-2019-19204.md 
@@ -17,6 +17,7 @@ An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/ManhNDd/CVE-2019-19204 - https://github.com/balabit-deps/balabit-os-8-libonig - https://github.com/balabit-deps/balabit-os-9-libonig - https://github.com/deepin-community/libonig @@ -24,5 +25,6 @@ An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/kkos/oniguruma - https://github.com/onivim/esy-oniguruma +- https://github.com/tarantula-team/CVE-2019-19204 - https://github.com/winlibs/oniguruma diff --git a/2019/CVE-2019-19315.md b/2019/CVE-2019-19315.md index 28d08e337..40f3f2698 100644 --- a/2019/CVE-2019-19315.md +++ b/2019/CVE-2019-19315.md @@ -16,4 +16,5 @@ NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/monoxgas/mailorder diff --git a/2019/CVE-2019-19377.md b/2019/CVE-2019-19377.md index f044e314d..13397c89e 100644 --- a/2019/CVE-2019-19377.md +++ b/2019/CVE-2019-19377.md @@ -25,5 +25,6 @@ In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performin - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-19393.md b/2019/CVE-2019-19393.md index ac356333c..759799f4e 100644 --- a/2019/CVE-2019-19393.md +++ b/2019/CVE-2019-19393.md 
@@ -16,4 +16,5 @@ The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 - https://github.com/0xT11/CVE-POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/miguelhamal/CVE-2019-19393 diff --git a/2019/CVE-2019-19469.md b/2019/CVE-2019-19469.md index f255529cd..3ecef3862 100644 --- a/2019/CVE-2019-19469.md +++ b/2019/CVE-2019-19469.md @@ -13,4 +13,5 @@ In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Ap - https://github.com/robertchrk/zmanda_exploit #### Github +- https://github.com/robertchrk/zmanda_exploit diff --git a/2019/CVE-2019-19576.md b/2019/CVE-2019-19576.md index 09ae08844..cafdca00b 100644 --- a/2019/CVE-2019-19576.md +++ b/2019/CVE-2019-19576.md @@ -19,5 +19,6 @@ class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/jra89/CVE-2019-19576 - https://github.com/jra89/CVE-2019-19634 diff --git a/2019/CVE-2019-19634.md b/2019/CVE-2019-19634.md index 2ce7541ae..cb9b83188 100644 --- a/2019/CVE-2019-19634.md +++ b/2019/CVE-2019-19634.md @@ -28,6 +28,7 @@ class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/huike007/penetration_poc - https://github.com/huike007/poc +- https://github.com/jra89/CVE-2019-19634 - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/password520/Penetration_PoC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- diff --git a/2019/CVE-2019-19699.md b/2019/CVE-2019-19699.md index 046d265a2..a38374888 100644 --- a/2019/CVE-2019-19699.md +++ b/2019/CVE-2019-19699.md 
@@ -14,6 +14,7 @@ There is Authenticated remote code execution in Centreon Infrastructure Monitori #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/SpengeSec/CVE-2019-19699 - https://github.com/SpengeSec/Centreon-Vulnerable-Images - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-19781.md b/2019/CVE-2019-19781.md index d10922a81..b057f1200 100644 --- a/2019/CVE-2019-19781.md +++ b/2019/CVE-2019-19781.md @@ -120,6 +120,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate - https://github.com/faisal6me/DFIR-Note - https://github.com/fcp999/centos - https://github.com/fengjixuchui/RedTeamer +- https://github.com/fierceoj/ShonyDanza - https://github.com/gobysec/Goby - https://github.com/hack-parthsharma/Pentest-Tools - https://github.com/hackingyseguridad/nmap diff --git a/2019/CVE-2019-19889.md b/2019/CVE-2019-19889.md index 807383bf1..4fd9e148a 100644 --- a/2019/CVE-2019-19889.md +++ b/2019/CVE-2019-19889.md @@ -13,5 +13,6 @@ An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 d - https://github.com/V1n1v131r4/HGB10R-2 #### Github +- https://github.com/V1n1v131r4/HGB10R-2 - https://github.com/V1n1v131r4/My-CVEs diff --git a/2019/CVE-2019-19890.md b/2019/CVE-2019-19890.md index 6e8087641..e0e68f361 100644 --- a/2019/CVE-2019-19890.md +++ b/2019/CVE-2019-19890.md @@ -13,5 +13,6 @@ An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 d - https://github.com/V1n1v131r4/HGB10R-2 #### Github +- https://github.com/V1n1v131r4/HGB10R-2 - https://github.com/V1n1v131r4/My-CVEs diff --git a/2019/CVE-2019-19967.md b/2019/CVE-2019-19967.md index e6f491eb1..49976a37d 100644 --- a/2019/CVE-2019-19967.md +++ b/2019/CVE-2019-19967.md 
@@ -13,4 +13,5 @@ The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCI - https://github.com/filipi86/ConnectBoxDOCSIS-3.0 #### Github +- https://github.com/filipi86/ConnectBoxDOCSIS-3.0 diff --git a/2019/CVE-2019-2000.md b/2019/CVE-2019-2000.md index d8111e776..7adb4d723 100644 --- a/2019/CVE-2019-2000.md +++ b/2019/CVE-2019-2000.md @@ -24,5 +24,6 @@ In several functions of binder.c, there is possible memory corruption due to a u - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-2025.md b/2019/CVE-2019-2025.md index 892c3d236..cdf69aa28 100644 --- a/2019/CVE-2019-2025.md +++ b/2019/CVE-2019-2025.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-20326.md b/2019/CVE-2019-20326.md index 03a85b733..75582354f 100644 --- a/2019/CVE-2019-20326.md +++ b/2019/CVE-2019-20326.md @@ -15,6 +15,7 @@ A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in exten #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/Fysac/CVE-2019-20326 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2019/CVE-2019-20444.md b/2019/CVE-2019-20444.md index 122a08dc2..e0e645dde 100644 --- a/2019/CVE-2019-20444.md +++ b/2019/CVE-2019-20444.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/cezapata/appconfiguration-sample - https://github.com/yahoo/cubed diff --git a/2019/CVE-2019-20502.md b/2019/CVE-2019-20502.md index 729f68f1b..1837a4ded 100644 --- a/2019/CVE-2019-20502.md +++ b/2019/CVE-2019-20502.md @@ -13,4 +13,5 @@ An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow - https://github.com/s1kr10s/EasyChatServer-DOS #### Github +- https://github.com/s1kr10s/EasyChatServer-DOS diff --git a/2019/CVE-2019-2107.md b/2019/CVE-2019-2107.md index 8e7c3ff13..eb201c513 100644 --- a/2019/CVE-2019-2107.md +++ b/2019/CVE-2019-2107.md @@ -20,6 +20,7 @@ In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/CrackerCat/CVE-2019-2107 - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/GhostTroops/TOP diff --git a/2019/CVE-2019-2181.md b/2019/CVE-2019-2181.md index 917167351..bf826c223 100644 --- a/2019/CVE-2019-2181.md +++ b/2019/CVE-2019-2181.md @@ -25,5 +25,6 @@ In binder_transaction of binder.c in the Android kernel, there is a possible out - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-2214.md b/2019/CVE-2019-2214.md index c6c8c56e5..aaec58a7e 100644 --- a/2019/CVE-2019-2214.md +++ b/2019/CVE-2019-2214.md 
@@ -24,5 +24,6 @@ In binder_transaction of binder.c, there is a possible out of bounds write due t - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-2215.md b/2019/CVE-2019-2215.md index 99b1d61e0..81fcf0435 100644 --- a/2019/CVE-2019-2215.md +++ b/2019/CVE-2019-2215.md @@ -17,6 +17,7 @@ A use-after-free in binder.c allows an elevation of privilege from an applicatio #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/ATorNinja/CVE-2019-2215 - https://github.com/Al1ex/LinuxEelvation - https://github.com/Byte-Master-101/CVE-2019-2215 - https://github.com/CrackerCat/Rootsmart-v2.0 @@ -81,6 +82,7 @@ A use-after-free in binder.c allows an elevation of privilege from an applicatio - https://github.com/timwr/CVE-2019-2215 - https://github.com/wateroot/poc-exp - https://github.com/willboka/CVE-2019-2215-HuaweiP20Lite +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/wrlu/Vulnerabilities - https://github.com/xairy/linux-kernel-exploitation - https://github.com/yud121212/Linux_Privilege_Escalation diff --git a/2019/CVE-2019-25137.md b/2019/CVE-2019-25137.md index 8ee747f56..657af067c 100644 --- a/2019/CVE-2019-25137.md +++ b/2019/CVE-2019-25137.md @@ -16,4 +16,5 @@ Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by - https://www.exploit-db.com/exploits/46153 #### Github +- https://github.com/Ickarah/CVE-2019-25137-Version-Research diff --git a/2019/CVE-2019-25156.md b/2019/CVE-2019-25156.md new file mode 100644 index 000000000..7166b3d87 --- /dev/null +++ b/2019/CVE-2019-25156.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-25156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25156) +![](https://img.shields.io/static/v1?label=Product&message=Agency&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2061%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument QSType/QuickSearch leads to cross site scripting. The attack can be launched remotely. The patch is named 975b56953efabb434519d9feefcc53685fb8d0ab. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-244495. + +### POC + +#### Reference +- https://vuldb.com/?id.244495 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2019/CVE-2019-2618.md b/2019/CVE-2019-2618.md index 6642cb349..c6d13362b 100644 --- a/2019/CVE-2019-2618.md +++ b/2019/CVE-2019-2618.md @@ -46,6 +46,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pyn3rd/CVE-2019-2618 - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/qtgavc/list - https://github.com/r0eXpeR/redteam_vul - https://github.com/reph0r/poc-exp - https://github.com/reph0r/poc-exp-tools diff --git a/2019/CVE-2019-2684.md b/2019/CVE-2019-2684.md index 1ae3d8ce6..221fac118 100644 --- a/2019/CVE-2019-2684.md +++ b/2019/CVE-2019-2684.md @@ -20,4 +20,5 @@ Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subc - https://github.com/Live-Hack-CVE/CVE-2020-13946 - https://github.com/psifertex/ctf-vs-the-real-world - https://github.com/qtc-de/remote-method-guesser +- https://github.com/versio-io/product-lifecycle-security-api 
diff --git a/2019/CVE-2019-2729.md b/2019/CVE-2019-2729.md index 3f0a3362f..16505af29 100644 --- a/2019/CVE-2019-2729.md +++ b/2019/CVE-2019-2729.md @@ -71,6 +71,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qi4L/WeblogicScan.go - https://github.com/qianxiao996/FrameScan +- https://github.com/qtgavc/list - https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rockmelodies/rocComExpRce diff --git a/2019/CVE-2019-5736.md b/2019/CVE-2019-5736.md index 4c8ef00d7..d3fd782ce 100644 --- a/2019/CVE-2019-5736.md +++ b/2019/CVE-2019-5736.md @@ -42,6 +42,7 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow - https://github.com/ChristineEdgarse/Secrets6 - https://github.com/DataDog/dirtypipe-container-breakout-poc - https://github.com/EvilAnne/2019-Read-article +- https://github.com/Frichetten/CVE-2019-5736-PoC - https://github.com/GhostTroops/TOP - https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime - https://github.com/H3xL00m/CVE-2019-5736 @@ -152,7 +153,9 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow - https://github.com/phxvlabsio/core-nexus - https://github.com/psifertex/ctf-vs-the-real-world - https://github.com/pyperanger/dockerevil +- https://github.com/q3k/cve-2019-5736-poc - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/rancher/runc-cve - https://github.com/readloud/Awesome-Stars - https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/revanmalang/OSCP diff --git a/2019/CVE-2019-5847.md b/2019/CVE-2019-5847.md index 2bd626590..fa7f0988d 100644 --- a/2019/CVE-2019-5847.md +++ b/2019/CVE-2019-5847.md 
@@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/RUB-SysSec/JIT-Picker +- https://github.com/ch1hyun/fuzzing-class - https://github.com/googleprojectzero/fuzzilli - https://github.com/zhangjiahui-buaa/MasterThesis diff --git a/2019/CVE-2019-5893.md b/2019/CVE-2019-5893.md index 7eb943ed0..6d67fda29 100644 --- a/2019/CVE-2019-5893.md +++ b/2019/CVE-2019-5893.md @@ -15,5 +15,6 @@ Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.x #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2019/CVE-2019-5997.md b/2019/CVE-2019-5997.md index cc1c7be35..febc29f7e 100644 --- a/2019/CVE-2019-5997.md +++ b/2019/CVE-2019-5997.md @@ -5,7 +5,7 @@ ### Description -Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors. +Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors. ### POC diff --git a/2019/CVE-2019-6340.md b/2019/CVE-2019-6340.md index 861796e15..78c517985 100644 --- a/2019/CVE-2019-6340.md +++ b/2019/CVE-2019-6340.md @@ -72,6 +72,7 @@ Some field types do not properly sanitize data from non-form sources in Drupal 8 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/opflep/Drupalgeddon-Toolkit - https://github.com/oways/CVE-2019-6340 +- https://github.com/pg001001/deception-tech - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/resistezauxhackeurs/outils_audit_cms diff --git a/2019/CVE-2019-6447.md b/2019/CVE-2019-6447.md index f1ee12382..67a1c1747 100644 --- a/2019/CVE-2019-6447.md +++ b/2019/CVE-2019-6447.md 
@@ -41,6 +41,7 @@ The ES File Explorer File Manager application through 4.1.9.7.4 for Android allo - https://github.com/e-hakson/OSCP - https://github.com/eljosep/OSCP-Guide - https://github.com/febinrev/CVE-2019-6447-ESfile-explorer-exploit +- https://github.com/fs0c131y/ESFileExplorerOpenPortVuln - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/julio-cfa/POC-ES-File-Explorer-CVE-2019-6447 - https://github.com/k4u5h41/CVE-2019-6447 diff --git a/2019/CVE-2019-6453.md b/2019/CVE-2019-6453.md index 882ffff92..394d3b03b 100644 --- a/2019/CVE-2019-6453.md +++ b/2019/CVE-2019-6453.md @@ -24,4 +24,5 @@ mIRC before 7.55 allows remote command execution by using argument injection thr - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/proofofcalc/cve-2019-6453-poc diff --git a/2019/CVE-2019-6973.md b/2019/CVE-2019-6973.md index 7963331e6..d7481ab05 100644 --- a/2019/CVE-2019-6973.md +++ b/2019/CVE-2019-6973.md @@ -16,4 +16,5 @@ Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomple #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/bitfu/sricam-gsoap2.8-dos-exploit diff --git a/2019/CVE-2019-7308.md b/2019/CVE-2019-7308.md index 6ffd13c3a..0c4f3975d 100644 --- a/2019/CVE-2019-7308.md +++ b/2019/CVE-2019-7308.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2019/CVE-2019-9213.md b/2019/CVE-2019-9213.md index 11bcf17f0..780c154cc 100644 --- a/2019/CVE-2019-9213.md +++ b/2019/CVE-2019-9213.md 
@@ -33,6 +33,7 @@ In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check - https://github.com/shizhongpwn/Skr_StudyEveryday - https://github.com/soh0ro0t/HappyHackingOnLinux - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-9500.md b/2019/CVE-2019-9500.md index 3364aaf34..675c66ed5 100644 --- a/2019/CVE-2019-9500.md +++ b/2019/CVE-2019-9500.md @@ -30,6 +30,7 @@ The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-9503.md b/2019/CVE-2019-9503.md index 808ef7948..99b1a8ba3 100644 --- a/2019/CVE-2019-9503.md +++ b/2019/CVE-2019-9503.md @@ -31,6 +31,7 @@ The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d0403 - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xbl3/awesome-cve-poc_qazbnm456 diff --git a/2019/CVE-2019-9511.md b/2019/CVE-2019-9511.md index 3c204d368..35c69d1dc 100644 --- a/2019/CVE-2019-9511.md +++ b/2019/CVE-2019-9511.md 
@@ -11,6 +11,7 @@ Some HTTP/2 implementations are vulnerable to window size manipulation and strea #### Reference - https://kb.cert.org/vuls/id/605641/ +- https://usn.ubuntu.com/4099-1/ - https://www.oracle.com/security-alerts/cpujan2021.html - https://www.oracle.com/security-alerts/cpuoct2020.html - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html diff --git a/2019/CVE-2019-9513.md b/2019/CVE-2019-9513.md index c58a58a78..7b44f59b2 100644 --- a/2019/CVE-2019-9513.md +++ b/2019/CVE-2019-9513.md @@ -11,6 +11,7 @@ Some HTTP/2 implementations are vulnerable to resource loops, potentially leadin #### Reference - https://kb.cert.org/vuls/id/605641/ +- https://usn.ubuntu.com/4099-1/ - https://www.oracle.com/security-alerts/cpujan2021.html - https://www.oracle.com/security-alerts/cpuoct2020.html diff --git a/2019/CVE-2019-9516.md b/2019/CVE-2019-9516.md index 18b04647a..cadff082e 100644 --- a/2019/CVE-2019-9516.md +++ b/2019/CVE-2019-9516.md @@ -11,6 +11,7 @@ Some HTTP/2 implementations are vulnerable to a header leak, potentially leading #### Reference - https://kb.cert.org/vuls/id/605641/ +- https://usn.ubuntu.com/4099-1/ #### Github - https://github.com/ARPSyndicate/cvemon diff --git a/2020/CVE-2020-0022.md b/2020/CVE-2020-0022.md index 81ad62c7e..592fc6bba 100644 --- a/2020/CVE-2020-0022.md +++ b/2020/CVE-2020-0022.md @@ -16,6 +16,7 @@ In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bou #### Github - https://github.com/0xT11/CVE-POC - https://github.com/2lambda123/CVE-mitre +- https://github.com/362902755/CVE-2020-0023 - https://github.com/5k1l/cve-2020-0022 - https://github.com/ARPSyndicate/cvemon - https://github.com/JeffroMF/awesome-bluetooth-security321 diff --git a/2020/CVE-2020-0023.md b/2020/CVE-2020-0023.md new file mode 100644 index 000000000..6c3f78605 --- /dev/null +++ b/2020/CVE-2020-0023.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-0023](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0023) +![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20disclosure&color=brighgreen) + +### Description + +In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145130871 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/362902755/CVE-2020-0023 + diff --git a/2020/CVE-2020-0041.md b/2020/CVE-2020-0041.md index fd46d5256..8b25ad715 100644 --- a/2020/CVE-2020-0041.md +++ b/2020/CVE-2020-0041.md @@ -13,6 +13,7 @@ In binder_transaction of binder.c, there is a possible out of bounds write due t No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xT11/CVE-POC - https://github.com/0xZipp0/BIBLE - https://github.com/ARPSyndicate/cvemon @@ -76,6 +77,7 @@ No PoCs from references. - https://github.com/trhacknon/Pocingit - https://github.com/vaginessa/CVE-2020-0041-Pixel-3a - https://github.com/weeka10/-hktalent-TOP +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References - https://github.com/yusufazizmustofa/BIBLE diff --git a/2020/CVE-2020-0423.md b/2020/CVE-2020-0423.md index 9eb5acf6c..131c9c357 100644 --- a/2020/CVE-2020-0423.md +++ b/2020/CVE-2020-0423.md 
@@ -29,5 +29,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/sparrow-labz/CVE-2020-0423 - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-10135.md b/2020/CVE-2020-10135.md index db9438e61..af02aa5c5 100644 --- a/2020/CVE-2020-10135.md +++ b/2020/CVE-2020-10135.md @@ -24,6 +24,7 @@ Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/m4rm0k/CVE-2020-10135-BIAS - https://github.com/marcinguy/CVE-2020-10135-BIAS - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-10136.md b/2020/CVE-2020-10136.md index f959518ef..e4a38ab6b 100644 --- a/2020/CVE-2020-10136.md +++ b/2020/CVE-2020-10136.md 
@@ -1,11 +1,11 @@ ### [CVE-2020-10136](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10136) ![](https://img.shields.io/static/v1?label=Product&message=RFC2003%20-%20IP%20Encapsulation%20within%20IP&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=STD%201%3D%20STD%201%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-19%20Data%20Processing%20Errors&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20STD%201%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-290%20Authentication%20Bypass%20by%20Spoofing&color=brighgreen) ### Description -Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors. +IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. ### POC diff --git a/2020/CVE-2020-10137.md b/2020/CVE-2020-10137.md index 681837f6e..b041969cd 100644 --- a/2020/CVE-2020-10137.md +++ b/2020/CVE-2020-10137.md @@ -13,4 +13,5 @@ Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequat - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public diff --git a/2020/CVE-2020-10234.md b/2020/CVE-2020-10234.md index b6c346bd8..1e7efc624 100644 --- a/2020/CVE-2020-10234.md +++ b/2020/CVE-2020-10234.md 
@@ -15,4 +15,5 @@ The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows #### Github - https://github.com/Arryboom/Kernel-exploits +- https://github.com/FULLSHADE/Kernel-exploits diff --git a/2020/CVE-2020-10560.md b/2020/CVE-2020-10560.md index 257406b65..046481420 100644 --- a/2020/CVE-2020-10560.md +++ b/2020/CVE-2020-10560.md @@ -15,6 +15,7 @@ An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/LucidUnicorn/CVE-2020-10560-Key-Recovery - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/jandersoncampelo/InfosecBookmarks diff --git a/2020/CVE-2020-10665.md b/2020/CVE-2020-10665.md index f8af0283b..c47a305a7 100644 --- a/2020/CVE-2020-10665.md +++ b/2020/CVE-2020-10665.md @@ -21,4 +21,5 @@ Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC +- https://github.com/spaceraccoon/CVE-2020-10665 diff --git a/2020/CVE-2020-10683.md b/2020/CVE-2020-10683.md index 86d5cc2e8..07e1189d6 100644 --- a/2020/CVE-2020-10683.md +++ b/2020/CVE-2020-10683.md @@ -23,5 +23,6 @@ dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Enti - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner diff --git a/2020/CVE-2020-11108.md b/2020/CVE-2020-11108.md index c22873aa8..a1a5589e9 100644 --- a/2020/CVE-2020-11108.md +++ b/2020/CVE-2020-11108.md 
@@ -20,6 +20,7 @@ The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/Frichetten/CVE-2020-11108-PoC - https://github.com/Frichetten/Frichetten - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-11179.md b/2020/CVE-2020-11179.md index 4c174dbec..7455607f0 100644 --- a/2020/CVE-2020-11179.md +++ b/2020/CVE-2020-11179.md @@ -25,5 +25,6 @@ Arbitrary read and write to kernel addresses by temporarily overwriting ring buf - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-11549.md b/2020/CVE-2020-11549.md index 35341e9c7..52c7cc55c 100644 --- a/2020/CVE-2020-11549.md +++ b/2020/CVE-2020-11549.md @@ -14,4 +14,5 @@ An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite - https://www.modzero.com/advisories/MZ-20-02-Netgear-Orbi-Pro-Security.txt #### Github +- https://github.com/modzero/MZ-20-02-NETGEAR-Orbi-Security diff --git a/2020/CVE-2020-11550.md b/2020/CVE-2020-11550.md index 2fc241c48..d8d70adaa 100644 --- a/2020/CVE-2020-11550.md +++ b/2020/CVE-2020-11550.md @@ -14,4 +14,5 @@ An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite - https://www.modzero.com/advisories/MZ-20-02-Netgear-Orbi-Pro-Security.txt #### Github +- https://github.com/modzero/MZ-20-02-NETGEAR-Orbi-Security diff --git a/2020/CVE-2020-11551.md b/2020/CVE-2020-11551.md index 75d1ccafd..f6e50fd67 100644 --- a/2020/CVE-2020-11551.md +++ b/2020/CVE-2020-11551.md 
@@ -14,4 +14,5 @@ An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite - https://www.modzero.com/advisories/MZ-20-02-Netgear-Orbi-Pro-Security.txt #### Github +- https://github.com/modzero/MZ-20-02-NETGEAR-Orbi-Security diff --git a/2020/CVE-2020-11996.md b/2020/CVE-2020-11996.md index 90f5b6cc4..ad9b182a7 100644 --- a/2020/CVE-2020-11996.md +++ b/2020/CVE-2020-11996.md @@ -23,5 +23,6 @@ A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996 - https://github.com/soosmile/POC +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-1208.md b/2020/CVE-2020-1208.md index 44f930896..8d6a71ba1 100644 --- a/2020/CVE-2020-1208.md +++ b/2020/CVE-2020-1208.md @@ -28,4 +28,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2020/CVE-2020-12112.md b/2020/CVE-2020-12112.md index c9007e540..004a79bef 100644 --- a/2020/CVE-2020-12112.md +++ b/2020/CVE-2020-12112.md @@ -20,4 +20,5 @@ BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC +- https://github.com/tchenu/CVE-2020-12112 diff --git a/2020/CVE-2020-12122.md b/2020/CVE-2020-12122.md index 392a27534..77bcffb7b 100644 --- a/2020/CVE-2020-12122.md +++ b/2020/CVE-2020-12122.md @@ -15,4 +15,5 @@ In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) al #### Github - https://github.com/Arryboom/Kernel-exploits +- https://github.com/FULLSHADE/Kernel-exploits 
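Review bot: In 2019/CVE-2019-5997.md the only change removes the description line and adds it back with the same visible text ("Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors."), so this hunk appears to be a whitespace-only edit. Either drop the file from this patch or say in the commit message that descriptions are being whitespace-normalised, so the change is not mistaken for an updated advisory text.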
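Review bot: In 2020/CVE-2020-0022.md the added entry `https://github.com/362902755/CVE-2020-0023` is named for a different CVE than the file it is added to, and the same patch lists it again in the new 2020/CVE-2020-0023.md. Confirm that the repository actually covers the reassemble_and_dispatch issue described in this file. If it only mentions CVE-2020-0022 in passing, keep the link in CVE-2020-0023.md alone, so that anyone triaging CVE-2020-0022 is not sent to unrelated material.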
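Review bot: In the new file 2020/CVE-2020-0023.md the description ends with the product metadata fused onto the sentence ("exploitation.Product: AndroidVersions: Android-10Android ID: A-145130871"), which makes the affected version and the Android ID hard to read or parse. Separate the fields, for example "Product: Android. Versions: Android-10. Android ID: A-145130871". The Vulnerability badge also uses `color=brighgreen`; the shields.io colour name is `brightgreen`.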
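Review bot: In 2020/CVE-2020-10136.md the replacement description does not parse ("IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to ...") and it drops the detail the old text carried, namely that an unauthenticated remote attacker can route arbitrary traffic via an exposed network interface. If the new wording is copied from the upstream record, consider keeping the previous sentence or repairing the grammar, since the attacker position and precondition are what a reader uses to judge exposure.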
diff --git a/2020/CVE-2020-1234.md b/2020/CVE-2020-1234.md index dac361b6c..e2de4f12c 100644 --- a/2020/CVE-2020-1234.md +++ b/2020/CVE-2020-1234.md @@ -34,4 +34,5 @@ No PoCs from references. - https://github.com/ivanid22/NVD-scraper - https://github.com/strobes-co/ql-documentation - https://github.com/tahtaciburak/CyAnnuaire +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2020/CVE-2020-12340.md b/2020/CVE-2020-12340.md index ca28d3df3..e38a5175e 100644 --- a/2020/CVE-2020-12340.md +++ b/2020/CVE-2020-12340.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2020/CVE-2020-12351.md b/2020/CVE-2020-12351.md index 5d8711893..2a73cb011 100644 --- a/2020/CVE-2020-12351.md +++ b/2020/CVE-2020-12351.md @@ -42,5 +42,6 @@ Improper input validation in BlueZ may allow an unauthenticated user to potentia - https://github.com/shannonmullins/hopp - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12352.md b/2020/CVE-2020-12352.md index de02cc6cc..f13dba946 100644 --- a/2020/CVE-2020-12352.md +++ b/2020/CVE-2020-12352.md @@ -38,5 +38,6 @@ Improper access control in BlueZ may allow an unauthenticated user to potentiall - https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12432.md b/2020/CVE-2020-12432.md index 54cdea8a4..967b9d4f8 100644 --- a/2020/CVE-2020-12432.md +++ b/2020/CVE-2020-12432.md 
@@ -16,6 +16,7 @@ The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not prope #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/d7x/CVE-2020-12432 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-12443.md b/2020/CVE-2020-12443.md index f92f1daaf..27bebaab6 100644 --- a/2020/CVE-2020-12443.md +++ b/2020/CVE-2020-12443.md @@ -13,4 +13,5 @@ BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files becau - https://github.com/mclab-hbrs/BBB-POC #### Github +- https://github.com/mclab-hbrs/BBB-POC diff --git a/2020/CVE-2020-12695.md b/2020/CVE-2020-12695.md index 580dfc6e8..2ecfd568f 100644 --- a/2020/CVE-2020-12695.md +++ b/2020/CVE-2020-12695.md @@ -31,6 +31,7 @@ The Open Connectivity Foundation UPnP specification before 2020-04-17 does not f - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/aoeII/asuswrt-for-Tenda-AC9-Router +- https://github.com/corelight/callstranger-detector - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/gaahrdner/starred - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-12872.md b/2020/CVE-2020-12872.md index 905c6cb9b..3bd65e0a1 100644 --- a/2020/CVE-2020-12872.md +++ b/2020/CVE-2020-12872.md @@ -15,4 +15,5 @@ yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, a #### Github - https://github.com/Live-Hack-CVE/CVE-2020-12872 +- https://github.com/catsploit/catsploit diff --git a/2020/CVE-2020-1350.md b/2020/CVE-2020-1350.md index b4f6ee8ee..99fbe8196 100644 --- a/2020/CVE-2020-1350.md +++ b/2020/CVE-2020-1350.md 
@@ -16,6 +16,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - http://packetstormsecurity.com/files/158484/SIGRed-Windows-DNS-Denial-Of-Service.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xT11/CVE-POC - https://github.com/20142995/sectool - https://github.com/2lambda123/diaphora @@ -75,6 +76,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/mr-r3b00t/CVE-2020-1350 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/password520/Penetration_PoC +- https://github.com/pg001001/deception-tech - https://github.com/psc4re/NSE-scripts - https://github.com/rudraimmunefi/source-code-review - https://github.com/rudrapwn/source-code-review diff --git a/2020/CVE-2020-13757.md b/2020/CVE-2020-13757.md index d6610659a..7355fb30e 100644 --- a/2020/CVE-2020-13757.md +++ b/2020/CVE-2020-13757.md @@ -16,4 +16,5 @@ Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/AdiRashkes/python-tda-bug-hunt-0 +- https://github.com/seal-community/patches diff --git a/2020/CVE-2020-13934.md b/2020/CVE-2020-13934.md index 703b0a221..c02679ae8 100644 --- a/2020/CVE-2020-13934.md +++ b/2020/CVE-2020-13934.md @@ -17,5 +17,6 @@ An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9. - https://www.oracle.com/security-alerts/cpuoct2020.html #### Github +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-13935.md b/2020/CVE-2020-13935.md index afc092c0b..24fb5a1e6 100644 --- a/2020/CVE-2020-13935.md +++ b/2020/CVE-2020-13935.md 
@@ -21,6 +21,7 @@ The payload length in a WebSocket frame was not correctly validated in Apache To #### Github - https://github.com/0day404/vulnerability-poc +- https://github.com/0xMarcio/cve - https://github.com/20142995/sectool - https://github.com/2lambda123/CVE-mitre - https://github.com/404notf0und/CVE-Flow @@ -53,6 +54,7 @@ The payload length in a WebSocket frame was not correctly validated in Apache To - https://github.com/trganda/dockerv - https://github.com/trganda/starrlist - https://github.com/tzwlhack/Vulnerability +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2020/CVE-2020-13942.md b/2020/CVE-2020-13942.md index 9f5150383..08b9962cd 100644 --- a/2020/CVE-2020-13942.md +++ b/2020/CVE-2020-13942.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/1135/unomi_exploit - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/CLincat/vulcat - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/HimmelAward/Goby_POC diff --git a/2020/CVE-2020-13943.md b/2020/CVE-2020-13943.md index 4c3db83ac..53e33e01c 100644 --- a/2020/CVE-2020-13943.md +++ b/2020/CVE-2020-13943.md @@ -15,5 +15,6 @@ If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Live-Hack-CVE/CVE-2020-13943 +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-14356.md b/2020/CVE-2020-14356.md index 37dd2706a..cd4100146 100644 --- a/2020/CVE-2020-14356.md +++ b/2020/CVE-2020-14356.md 
@@ -28,5 +28,6 @@ A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versio - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-14381.md b/2020/CVE-2020-14381.md index 9c2371fee..73fd2cb33 100644 --- a/2020/CVE-2020-14381.md +++ b/2020/CVE-2020-14381.md @@ -26,5 +26,6 @@ A flaw was found in the Linux kernel’s futex implementation. This flaw allows - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-14386.md b/2020/CVE-2020-14386.md index b2b824261..70d33f286 100644 --- a/2020/CVE-2020-14386.md +++ b/2020/CVE-2020-14386.md @@ -50,5 +50,6 @@ A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be ex - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/taielab/awesome-hacking-lists - https://github.com/teamssix/container-escape-check +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-14421.md b/2020/CVE-2020-14421.md index 006fe3d8d..dbc7bf011 100644 --- a/2020/CVE-2020-14421.md +++ b/2020/CVE-2020-14421.md @@ -18,4 +18,5 @@ aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary com - https://github.com/ARPSyndicate/cvemon - https://github.com/Orange-Cyberdefense/CVE-repository - https://github.com/Transmetal/CVE-repository-master +- https://github.com/jenaye/aapanel diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md index a38224b14..a6ab5d990 100644 --- a/2020/CVE-2020-14882.md +++ b/2020/CVE-2020-14882.md 
@@ -70,6 +70,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/SouthWind0/southwind0.github.io - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection - https://github.com/Weik1/Artillery diff --git a/2020/CVE-2020-14950.md b/2020/CVE-2020-14950.md index 0b46eca6c..1697581c5 100644 --- a/2020/CVE-2020-14950.md +++ b/2020/CVE-2020-14950.md @@ -16,4 +16,5 @@ aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary com - https://github.com/ARPSyndicate/cvemon - https://github.com/Orange-Cyberdefense/CVE-repository - https://github.com/Transmetal/CVE-repository-master +- https://github.com/jenaye/aapanel diff --git a/2020/CVE-2020-14990.md b/2020/CVE-2020-14990.md index dec2de23f..a4e188052 100644 --- a/2020/CVE-2020-14990.md +++ b/2020/CVE-2020-14990.md @@ -14,4 +14,5 @@ IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges - https://github.com/Daniel-itsec/AdvancedSystemCare #### Github +- https://github.com/Daniel-itsec/AdvancedSystemCare diff --git a/2020/CVE-2020-15367.md b/2020/CVE-2020-15367.md index 3ad868837..6fd95f5df 100644 --- a/2020/CVE-2020-15367.md +++ b/2020/CVE-2020-15367.md @@ -17,6 +17,7 @@ Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/inflixim4be/CVE-2020-15367 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-15392.md b/2020/CVE-2020-15392.md index 86b6728f6..55e9993a5 100644 --- a/2020/CVE-2020-15392.md +++ b/2020/CVE-2020-15392.md 
@@ -18,6 +18,7 @@ A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/inflixim4be/CVE-2020-15367 +- https://github.com/inflixim4be/CVE-2020-15392 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-15956.md b/2020/CVE-2020-15956.md index 9fa2788b4..d7ec8d173 100644 --- a/2020/CVE-2020-15956.md +++ b/2020/CVE-2020-15956.md @@ -18,6 +18,7 @@ ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unaut - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/megamagnus/cve-2020-15956 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-16119.md b/2020/CVE-2020-16119.md index ac6b2c8f2..0952920d7 100644 --- a/2020/CVE-2020-16119.md +++ b/2020/CVE-2020-16119.md @@ -25,5 +25,6 @@ Use-after-free vulnerability in the Linux kernel exploitable by a local attacker - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-16270.md b/2020/CVE-2020-16270.md index 3f32476bb..da45c076c 100644 --- a/2020/CVE-2020-16270.md +++ b/2020/CVE-2020-16270.md @@ -16,6 +16,7 @@ OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can us - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates +- https://github.com/Security-AVS/CVE-2020-16270 - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub 
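Review bot: In 2020/CVE-2020-16119.md the added `https://github.com/wkhnh06/linux-kernel-exploitation` carries the same repository name as the entries already in this hunk's context (knd06, ndk191, ssr-111, xairy), and the same line is added to the other kernel CVE files in this patch. If these are copies of one link collection, each additional copy gives the reader nothing new and pushes CVE-specific repositories further down the list. Consider listing the original once and filtering same-name copies in the generator.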
diff --git a/2020/CVE-2020-17456.md b/2020/CVE-2020-17456.md index e43594d8e..00ea6339b 100644 --- a/2020/CVE-2020-17456.md +++ b/2020/CVE-2020-17456.md @@ -19,6 +19,7 @@ SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the i - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Al1ex/CVE-2020-17456 +- https://github.com/TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/maj0rmil4d/Seowon-SlC-130-And-SLR-120S-Exploit - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-17527.md b/2020/CVE-2020-17527.md index 95212296a..de9677863 100644 --- a/2020/CVE-2020-17527.md +++ b/2020/CVE-2020-17527.md @@ -27,5 +27,6 @@ While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pctF/vulnerable-app - https://github.com/scordero1234/java_sec_demo-main +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-18324.md b/2020/CVE-2020-18324.md index 33dd0775d..b6159a058 100644 --- a/2020/CVE-2020-18324.md +++ b/2020/CVE-2020-18324.md @@ -13,5 +13,6 @@ Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q p - https://github.com/hamm0nz/CVE-2020-18324 #### Github +- https://github.com/hamm0nz/CVE-2020-18324 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-18325.md b/2020/CVE-2020-18325.md index 479df05ae..e69407c86 100644 --- a/2020/CVE-2020-18325.md +++ b/2020/CVE-2020-18325.md @@ -13,5 +13,6 @@ Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion - https://github.com/hamm0nz/CVE-2020-18325 #### Github +- https://github.com/hamm0nz/CVE-2020-18325 - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2020/CVE-2020-18326.md b/2020/CVE-2020-18326.md index 28299d889..8f727cdfe 100644 --- a/2020/CVE-2020-18326.md +++ b/2020/CVE-2020-18326.md @@ -13,5 +13,6 @@ Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CM - https://github.com/hamm0nz/CVE-2020-18326 #### Github +- https://github.com/hamm0nz/CVE-2020-18326 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-1935.md b/2020/CVE-2020-1935.md index 3ac65bd4c..f124ddd59 100644 --- a/2020/CVE-2020-1935.md +++ b/2020/CVE-2020-1935.md @@ -18,5 +18,6 @@ In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTT - https://github.com/mklmfane/betvictor - https://github.com/mo-xiaoxi/HDiff - https://github.com/raner/projo +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2020/CVE-2020-19360.md b/2020/CVE-2020-19360.md index 0ace026c4..c6941472c 100644 --- a/2020/CVE-2020-19360.md +++ b/2020/CVE-2020-19360.md @@ -18,6 +18,7 @@ Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file paramete - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ArrestX/--POC +- https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes - https://github.com/Threekiii/Awesome-POC diff --git a/2020/CVE-2020-19361.md b/2020/CVE-2020-19361.md index 30de4aef7..5919203d9 100644 --- a/2020/CVE-2020-19361.md +++ b/2020/CVE-2020-19361.md @@ -13,4 +13,5 @@ Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 parameter - https://github.com/EmreOvunc/Medintux-V2.16.000-Reflected-XSS-Vulnerability #### Github +- https://github.com/EmreOvunc/Medintux-V2.16.000-Reflected-XSS-Vulnerability diff --git a/2020/CVE-2020-19364.md b/2020/CVE-2020-19364.md index 169330a6e..b985bcb3a 100644 
--- a/2020/CVE-2020-19364.md +++ b/2020/CVE-2020-19364.md @@ -13,4 +13,5 @@ OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious P - https://github.com/EmreOvunc/OpenEMR_Vulnerabilities #### Github +- https://github.com/EmreOvunc/OpenEMR_Vulnerabilities diff --git a/2020/CVE-2020-1938.md b/2020/CVE-2020-1938.md index 3f9add2d3..f628a710a 100644 --- a/2020/CVE-2020-1938.md +++ b/2020/CVE-2020-1938.md @@ -192,6 +192,7 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc - https://github.com/tpt11fb/AttackTomcat - https://github.com/uuuuuuuzi/BugRepairsuggestions - https://github.com/veo/vscan +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/w4fz5uck5/CVE-2020-1938-Clean-Version - https://github.com/weeka10/-hktalent-TOP diff --git a/2020/CVE-2020-1967.md b/2020/CVE-2020-1967.md index ce7ca57f7..86a24315c 100644 --- a/2020/CVE-2020-1967.md +++ b/2020/CVE-2020-1967.md @@ -36,6 +36,7 @@ Server or client applications that call the SSL_check_chain() function during or - https://github.com/goharbor/pluggable-scanner-spec - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hstiwana/cks +- https://github.com/irsl/CVE-2020-1967 - https://github.com/jntass/TASSL-1.1.1k - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/omnibor/bomsh diff --git a/2020/CVE-2020-20093.md b/2020/CVE-2020-20093.md index 00626a42a..e52398082 100644 --- a/2020/CVE-2020-20093.md +++ b/2020/CVE-2020-20093.md @@ -15,4 +15,5 @@ The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 an #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/zadewg/RIUS diff --git a/2020/CVE-2020-23160.md b/2020/CVE-2020-23160.md index 3572b2227..65124f2ff 100644 --- a/2020/CVE-2020-23160.md +++ b/2020/CVE-2020-23160.md 
@@ -14,6 +14,7 @@ Remote code execution in Pyrescom Termod4 time management devices before 10.04k - https://outpost24.com/blog/multiple-vulnerabilities-discovered-in-Pyrescom-Termod4-smart-device #### Github +- https://github.com/Outpost24/Pyrescom-Termod-PoC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-23161.md b/2020/CVE-2020-23161.md index 02f454e55..d462f8545 100644 --- a/2020/CVE-2020-23161.md +++ b/2020/CVE-2020-23161.md @@ -14,4 +14,5 @@ Local file inclusion in Pyrescom Termod4 time management devices before 10.04k a - https://outpost24.com/blog/multiple-vulnerabilities-discovered-in-Pyrescom-Termod4-smart-device #### Github +- https://github.com/Outpost24/Pyrescom-Termod-PoC diff --git a/2020/CVE-2020-23162.md b/2020/CVE-2020-23162.md index cd51505ed..80d24c279 100644 --- a/2020/CVE-2020-23162.md +++ b/2020/CVE-2020-23162.md @@ -14,4 +14,5 @@ Sensitive information disclosure and weak encryption in Pyrescom Termod4 time ma - https://outpost24.com/blog/multiple-vulnerabilities-discovered-in-Pyrescom-Termod4-smart-device #### Github +- https://github.com/Outpost24/Pyrescom-Termod-PoC diff --git a/2020/CVE-2020-23839.md b/2020/CVE-2020-23839.md index 387f3d6db..089b3e7c1 100644 --- a/2020/CVE-2020-23839.md +++ b/2020/CVE-2020-23839.md @@ -19,5 +19,6 @@ A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, i - https://github.com/ARPSyndicate/cvemon - https://github.com/Janalytics94/anomaly-detection-software - https://github.com/Live-Hack-CVE/CVE-2020-23839 +- https://github.com/boku7/CVE-2020-23839 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-24007.md b/2020/CVE-2020-24007.md index 965e53bb4..312a82501 100644 --- a/2020/CVE-2020-24007.md +++ b/2020/CVE-2020-24007.md 
@@ -13,4 +13,5 @@ Umanni RH 1.0 does not limit the number of authentication attempts. An unauthent - https://github.com/inflixim4be/Brute-Force-on-Umanni-RH #### Github +- https://github.com/inflixim4be/Brute-Force-on-Umanni-RH diff --git a/2020/CVE-2020-24008.md b/2020/CVE-2020-24008.md index fc72dbcad..52e18dba1 100644 --- a/2020/CVE-2020-24008.md +++ b/2020/CVE-2020-24008.md @@ -13,4 +13,5 @@ Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during pas - https://github.com/inflixim4be/User-Enumeration-on-Umanni-RH #### Github +- https://github.com/inflixim4be/User-Enumeration-on-Umanni-RH diff --git a/2020/CVE-2020-24033.md b/2020/CVE-2020-24033.md index 8117aeeb3..5b19c333e 100644 --- a/2020/CVE-2020-24033.md +++ b/2020/CVE-2020-24033.md @@ -15,6 +15,7 @@ An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does n #### Github - https://github.com/0xT11/CVE-POC +- https://github.com/M0NsTeRRR/CVE-2020-24033 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-24379.md b/2020/CVE-2020-24379.md index 47d3f6664..a10949e33 100644 --- a/2020/CVE-2020-24379.md +++ b/2020/CVE-2020-24379.md @@ -17,4 +17,5 @@ WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to #### Github - https://github.com/404notf0und/CVE-Flow - https://github.com/Live-Hack-CVE/CVE-2020-24379 +- https://github.com/vulnbe/poc-yaws-dav-xxe diff --git a/2020/CVE-2020-24490.md b/2020/CVE-2020-24490.md index b3740ff88..e06a1e42c 100644 --- a/2020/CVE-2020-24490.md +++ b/2020/CVE-2020-24490.md @@ -38,5 +38,6 @@ No PoCs from references. - https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2020/CVE-2020-24574.md b/2020/CVE-2020-24574.md index 030143e17..30e9af7e6 100644 --- a/2020/CVE-2020-24574.md +++ b/2020/CVE-2020-24574.md @@ -17,4 +17,5 @@ The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12: #### Github - https://github.com/anvilsecure/gog-galaxy-app-research +- https://github.com/jtesta/gog_galaxy_client_service_poc diff --git a/2020/CVE-2020-24765.md b/2020/CVE-2020-24765.md index 5e4edcb0a..356341854 100644 --- a/2020/CVE-2020-24765.md +++ b/2020/CVE-2020-24765.md @@ -21,4 +21,5 @@ InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers t - https://github.com/fbkcs/CVE-2020-24765 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/trump88/CVE-2020-24765 diff --git a/2020/CVE-2020-24916.md b/2020/CVE-2020-24916.md index fa707a6cb..e156e9bd9 100644 --- a/2020/CVE-2020-24916.md +++ b/2020/CVE-2020-24916.md @@ -17,4 +17,5 @@ CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS #### Github - https://github.com/404notf0und/CVE-Flow - https://github.com/Live-Hack-CVE/CVE-2020-24916 +- https://github.com/vulnbe/poc-yaws-cgi-shell-injection diff --git a/2020/CVE-2020-25220.md b/2020/CVE-2020-25220.md index 70d82d5f0..68e48fe03 100644 --- a/2020/CVE-2020-25220.md +++ b/2020/CVE-2020-25220.md @@ -27,5 +27,6 @@ The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-25265.md b/2020/CVE-2020-25265.md index dff50513a..8b7030ad4 100644 --- a/2020/CVE-2020-25265.md +++ b/2020/CVE-2020-25265.md 
@@ -16,4 +16,5 @@ AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/refi64/CVE-2020-25265-25266 diff --git a/2020/CVE-2020-25266.md b/2020/CVE-2020-25266.md index 278016cb9..ec67baa21 100644 --- a/2020/CVE-2020-25266.md +++ b/2020/CVE-2020-25266.md @@ -13,4 +13,5 @@ AppImage appimaged before 1.0.3 does not properly check whether a downloaded fil - https://github.com/refi64/CVE-2020-25265-25266 #### Github +- https://github.com/refi64/CVE-2020-25265-25266 diff --git a/2020/CVE-2020-25385.md b/2020/CVE-2020-25385.md index 19b1abb80..dea288860 100644 --- a/2020/CVE-2020-25385.md +++ b/2020/CVE-2020-25385.md @@ -13,4 +13,5 @@ Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in / - https://github.com/EmreOvunc/Nagios-Log-Server-2.1.7-Persistent-Cross-Site-Scripting #### Github +- https://github.com/EmreOvunc/Nagios-Log-Server-2.1.7-Persistent-Cross-Site-Scripting diff --git a/2020/CVE-2020-25398.md b/2020/CVE-2020-25398.md index f37aa7fa2..7cd80be0f 100644 --- a/2020/CVE-2020-25398.md +++ b/2020/CVE-2020-25398.md @@ -14,6 +14,7 @@ CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv expor #### Github - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h3llraiser/CVE-2020-25398 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-25399.md b/2020/CVE-2020-25399.md index c73bc736d..f8dbe8361 100644 --- a/2020/CVE-2020-25399.md +++ b/2020/CVE-2020-25399.md @@ -14,6 +14,7 @@ Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack a #### Github - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/h3llraiser/CVE-2020-25399 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2020/CVE-2020-25498.md b/2020/CVE-2020-25498.md index 39270b5fa..7db5d7bfd 100644 --- a/2020/CVE-2020-25498.md +++ b/2020/CVE-2020-25498.md @@ -18,4 +18,5 @@ Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploite - https://github.com/Live-Hack-CVE/CVE-2020-2549 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/the-girl-who-lived/CVE-2020-25498 diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md index 17e170f8f..9bcc7e735 100644 --- a/2020/CVE-2020-2555.md +++ b/2020/CVE-2020-2555.md @@ -23,6 +23,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo #### Github - https://github.com/0x727/JNDIExploit +- https://github.com/0xMarcio/cve - https://github.com/0xT11/CVE-POC - https://github.com/0xn0ne/weblogicScanner - https://github.com/20142995/Goby diff --git a/2020/CVE-2020-25658.md b/2020/CVE-2020-25658.md index b0d1ab847..3eda6ee51 100644 --- a/2020/CVE-2020-25658.md +++ b/2020/CVE-2020-25658.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/AdiRashkes/python-tda-bug-hunt-0 +- https://github.com/seal-community/patches diff --git a/2020/CVE-2020-26061.md b/2020/CVE-2020-26061.md index 50ddecdef..c2722be37 100644 --- a/2020/CVE-2020-26061.md +++ b/2020/CVE-2020-26061.md @@ -16,5 +16,6 @@ ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/missing0x00/CVE-2020-26061 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-26732.md b/2020/CVE-2020-26732.md index 3cfac294f..a89cad527 100644 --- a/2020/CVE-2020-26732.md +++ b/2020/CVE-2020-26732.md 
@@ -16,4 +16,5 @@ SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/swzhouu/CVE-2020-26732 diff --git a/2020/CVE-2020-26733.md b/2020/CVE-2020-26733.md index 49086bcce..a2b465b10 100644 --- a/2020/CVE-2020-26733.md +++ b/2020/CVE-2020-26733.md @@ -16,4 +16,5 @@ Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Ve - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/swzhouu/CVE-2020-26733 diff --git a/2020/CVE-2020-26939.md b/2020/CVE-2020-26939.md index 48d328b0f..9db37ca5e 100644 --- a/2020/CVE-2020-26939.md +++ b/2020/CVE-2020-26939.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/IkerSaint/VULNAPP-vulnerable-app +- https://github.com/LibHunter/LibHunter - https://github.com/box/box-java-sdk - https://github.com/pctF/vulnerable-app diff --git a/2020/CVE-2020-27194.md b/2020/CVE-2020-27194.md index 844370fad..83e8806ea 100644 --- a/2020/CVE-2020-27194.md +++ b/2020/CVE-2020-27194.md @@ -15,6 +15,7 @@ An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or i #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/OrangeGzY/security-research-learning - https://github.com/XiaozaYa/CVE-Recording 
@@ -37,6 +38,7 @@ An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or i - https://github.com/scannells/exploits - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/willinin/CVE-2020-27194-exp +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xmzyshypnc/CVE-2020-27194 diff --git a/2020/CVE-2020-27352.md b/2020/CVE-2020-27352.md new file mode 100644 index 000000000..be4a7aedd --- /dev/null +++ b/2020/CVE-2020-27352.md @@ -0,0 +1,20 @@ +### [CVE-2020-27352](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27352) +![](https://img.shields.io/static/v1?label=Product&message=snapd&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.48.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended. + +### POC + +#### Reference +- https://bugs.launchpad.net/snapd/+bug/1910456 + +#### Github +- https://github.com/43622283/awesome-cloud-native-security +- https://github.com/Metarget/awesome-cloud-native-security +- https://github.com/atesemre/awesome-cloud-native-security +- https://github.com/reni2study/Cloud-Native-Security2 + diff --git a/2020/CVE-2020-27368.md b/2020/CVE-2020-27368.md index d8f2dcdfd..3f69267e2 100644 --- a/2020/CVE-2020-27368.md +++ b/2020/CVE-2020-27368.md 
@@ -16,4 +16,5 @@ Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B201 - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/swzhouu/CVE-2020-27368 diff --git a/2020/CVE-2020-27688.md b/2020/CVE-2020-27688.md index 8a598c4e0..4fc8e89f4 100644 --- a/2020/CVE-2020-27688.md +++ b/2020/CVE-2020-27688.md @@ -16,5 +16,6 @@ RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/matthiasmaes/CVE-2020-27688 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-27786.md b/2020/CVE-2020-27786.md index 1fc43388f..8a133cf11 100644 --- a/2020/CVE-2020-27786.md +++ b/2020/CVE-2020-27786.md @@ -32,5 +32,6 @@ A flaw was found in the Linux kernel’s implementation of MIDI, where an attack - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-28052.md b/2020/CVE-2020-28052.md index 6e2baf947..befb23a29 100644 --- a/2020/CVE-2020-28052.md +++ b/2020/CVE-2020-28052.md @@ -21,6 +21,7 @@ An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. Th - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Live-Hack-CVE/CVE-2020-2805 - https://github.com/Live-Hack-CVE/CVE-2020-28052 - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-28328.md b/2020/CVE-2020-28328.md index 0b323c6d7..efe5154df 100644 --- a/2020/CVE-2020-28328.md 
+++ b/2020/CVE-2020-28328.md @@ -19,5 +19,6 @@ SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system se - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/mcorybillington/SuiteCRM-RCE - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-28343.md b/2020/CVE-2020-28343.md index 89b8be7b4..cfa347a25 100644 --- a/2020/CVE-2020-28343.md +++ b/2020/CVE-2020-28343.md @@ -24,5 +24,6 @@ An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exyno - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-28373.md b/2020/CVE-2020-28373.md index bffaa5120..40e68e580 100644 --- a/2020/CVE-2020-28373.md +++ b/2020/CVE-2020-28373.md @@ -13,5 +13,6 @@ upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitr - https://github.com/cpeggg/Netgear-upnpd-poc #### Github +- https://github.com/cpeggg/Netgear-upnpd-poc - https://github.com/peanuts62/IOT_CVE diff --git a/2020/CVE-2020-28588.md b/2020/CVE-2020-28588.md index 50f4d9150..8e88496aa 100644 --- a/2020/CVE-2020-28588.md +++ b/2020/CVE-2020-28588.md @@ -24,5 +24,6 @@ An information disclosure vulnerability exists in the /proc/pid/syscall function - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md index c81308bcf..d53dd42b8 100644 --- a/2020/CVE-2020-2883.md +++ b/2020/CVE-2020-2883.md 
@@ -15,6 +15,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware #### Github - https://github.com/0x727/JNDIExploit +- https://github.com/0xMarcio/cve - https://github.com/0xT11/CVE-POC - https://github.com/0xdu/WLExploit - https://github.com/0xn0ne/weblogicScanner diff --git a/2020/CVE-2020-29007.md b/2020/CVE-2020-29007.md index d613d4a46..8fa7035b0 100644 --- a/2020/CVE-2020-29007.md +++ b/2020/CVE-2020-29007.md @@ -21,4 +21,5 @@ The Score extension through 0.3.0 for MediaWiki has a remote code execution vuln - https://github.com/mariodon/GeekGame-2nd-Writeup - https://github.com/mbiel92/Hugo-MB - https://github.com/mmiszczyk/lilypond-scheme-hacking +- https://github.com/seqred-s-a/cve-2020-29007 diff --git a/2020/CVE-2020-3452.md b/2020/CVE-2020-3452.md index 952b4ebd6..819504b0f 100644 --- a/2020/CVE-2020-3452.md +++ b/2020/CVE-2020-3452.md @@ -85,6 +85,7 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/dwisiswant0/awesome-oneliner-bugbounty - https://github.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner - https://github.com/faisalfs10x/dirty-scripts +- https://github.com/fierceoj/ShonyDanza - https://github.com/foulenzer/CVE-2020-3452 - https://github.com/fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal - https://github.com/grim3/CVE-2020-3452 diff --git a/2020/CVE-2020-35262.md b/2020/CVE-2020-35262.md index a893ce2ac..68a2f6252 100644 --- a/2020/CVE-2020-35262.md +++ b/2020/CVE-2020-35262.md @@ -17,4 +17,5 @@ Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited v - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/the-girl-who-lived/CVE-2020-35262 diff --git a/2020/CVE-2020-35488.md b/2020/CVE-2020-35488.md index 8f4b5bcd8..b6f34925a 100644 --- a/2020/CVE-2020-35488.md +++ b/2020/CVE-2020-35488.md 
@@ -14,6 +14,7 @@ The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/GuillaumePetit84/CVE-2020-35488 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/githubfoam/nxlog-ubuntu-githubactions - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-36180.md b/2020/CVE-2020-36180.md index 83ccfa10b..ca1ff9df6 100644 --- a/2020/CVE-2020-36180.md +++ b/2020/CVE-2020-36180.md @@ -23,5 +23,6 @@ FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction betwee - https://github.com/Al1ex/Al1ex - https://github.com/Al1ex/CVE-2020-36179 - https://github.com/Live-Hack-CVE/CVE-2020-36180 +- https://github.com/enomothem/PenTestNote - https://github.com/seal-community/patches diff --git a/2020/CVE-2020-36182.md b/2020/CVE-2020-36182.md index 1ad441043..bea0748eb 100644 --- a/2020/CVE-2020-36182.md +++ b/2020/CVE-2020-36182.md @@ -24,6 +24,7 @@ FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction betwee - https://github.com/Al1ex/CVE-2020-36179 - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/Live-Hack-CVE/CVE-2020-36182 - https://github.com/seal-community/patches diff --git a/2020/CVE-2020-3680.md b/2020/CVE-2020-3680.md index 51b3c2043..c59b9d772 100644 --- a/2020/CVE-2020-3680.md +++ b/2020/CVE-2020-3680.md @@ -25,5 +25,6 @@ A race condition can occur when using the fastrpc memory mapping API. in Snapdra - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-3952.md b/2020/CVE-2020-3952.md index 40c23e951..f34cbabbe 100644 --- a/2020/CVE-2020-3952.md 
+++ b/2020/CVE-2020-3952.md @@ -13,6 +13,7 @@ Under certain conditions, vmdir that ships with VMware vCenter Server, as part o - http://packetstormsecurity.com/files/157896/VMware-vCenter-Server-6.7-Authentication-Bypass.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xMrNiko/Awesome-Red-Teaming - https://github.com/0xT11/CVE-POC - https://github.com/20142995/sectool diff --git a/2020/CVE-2020-3956.md b/2020/CVE-2020-3956.md index 5bdbdf771..ec3c9f79a 100644 --- a/2020/CVE-2020-3956.md +++ b/2020/CVE-2020-3956.md @@ -17,6 +17,7 @@ VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x be #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/aaronsvk/CVE-2020-3956 - https://github.com/alphaSeclab/sec-daily-2020 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-5844.md b/2020/CVE-2020-5844.md index 22065cf8a..95522a715 100644 --- a/2020/CVE-2020-5844.md +++ b/2020/CVE-2020-5844.md @@ -18,6 +18,7 @@ index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 - https://github.com/1Gould/CVE-2020-5844-exploit - https://github.com/ARPSyndicate/cvemon - https://github.com/Live-Hack-CVE/CVE-2020-5844 +- https://github.com/TheCyberGeek/CVE-2020-5844 - https://github.com/UNICORDev/exploit-CVE-2020-5844 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-5902.md b/2020/CVE-2020-5902.md index cbc7afec7..73c23ca4e 100644 --- a/2020/CVE-2020-5902.md +++ b/2020/CVE-2020-5902.md 
@@ -149,6 +149,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/emtee40/win-pentest-tools - https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker - https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner +- https://github.com/fierceoj/ShonyDanza - https://github.com/freeFV/CVE-2020-5902-fofa-scan - https://github.com/freeFV/CVE-2020-6308-mass-exploiter - https://github.com/gaahrdner/starred diff --git a/2020/CVE-2020-6427.md b/2020/CVE-2020-6427.md index c86d4f919..7d072d2fb 100644 --- a/2020/CVE-2020-6427.md +++ b/2020/CVE-2020-6427.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ferdinandmudjialim/metasploit-cve-search +- https://github.com/tunnelcat/metasploit-cve-search diff --git a/2020/CVE-2020-7693.md b/2020/CVE-2020-7693.md index 4b17cee7a..fe97916c8 100644 --- a/2020/CVE-2020-7693.md +++ b/2020/CVE-2020-7693.md @@ -17,6 +17,7 @@ Incorrect handling of Upgrade header with the value websocket leads in crashing #### Github - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon +- https://github.com/andsnw/sockjs-dos-py - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-7934.md b/2020/CVE-2020-7934.md index 5943ace1f..94636c277 100644 --- a/2020/CVE-2020-7934.md +++ b/2020/CVE-2020-7934.md @@ -15,6 +15,7 @@ In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and L - https://semanticbits.com/liferay-portal-authenticated-xss-disclosure/ #### Github +- https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934 - https://github.com/ARPSyndicate/cvemon - https://github.com/Sergio235705/audit-xss-cve-2020-7934 - https://github.com/developer3000S/PoC-in-GitHub 
diff --git a/2020/CVE-2020-7980.md b/2020/CVE-2020-7980.md index d90a460c6..db8f8cd34 100644 --- a/2020/CVE-2020-7980.md +++ b/2020/CVE-2020-7980.md @@ -19,6 +19,7 @@ Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS command - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/HimmelAward/Goby_POC +- https://github.com/Xh4H/Satellian-CVE-2020-7980 - https://github.com/Z0fhack/Goby_POC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection - https://github.com/hectorgie/PoC-in-GitHub diff --git a/2020/CVE-2020-8022.md b/2020/CVE-2020-8022.md index 17a8b7825..3a7e5f9bc 100644 --- a/2020/CVE-2020-8022.md +++ b/2020/CVE-2020-8022.md @@ -28,5 +28,6 @@ A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE No PoCs from references. #### Github +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vincent-deng/veracode-container-security-finding-parser diff --git a/2020/CVE-2020-8130.md b/2020/CVE-2020-8130.md index bab340283..c90fce659 100644 --- a/2020/CVE-2020-8130.md +++ b/2020/CVE-2020-8130.md @@ -14,6 +14,7 @@ There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::Fi #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/m-mizutani/octovy - https://github.com/m-mizutani/triview - https://github.com/wxianfeng/hanzi_to_pinyin diff --git a/2020/CVE-2020-8504.md b/2020/CVE-2020-8504.md index d32a4fde5..cd42a24f9 100644 --- a/2020/CVE-2020-8504.md +++ b/2020/CVE-2020-8504.md @@ -13,4 +13,5 @@ School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?act - https://github.com/J3rryBl4nks/SchoolERPCSRF #### Github +- https://github.com/J3rryBl4nks/SchoolERPCSRF diff --git a/2020/CVE-2020-8505.md b/2020/CVE-2020-8505.md index 2752eb716..225afec3e 100644 --- a/2020/CVE-2020-8505.md +++ b/2020/CVE-2020-8505.md 
@@ -13,4 +13,5 @@ School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?act - https://github.com/J3rryBl4nks/SchoolERPCSRF #### Github +- https://github.com/J3rryBl4nks/SchoolERPCSRF diff --git a/2020/CVE-2020-8597.md b/2020/CVE-2020-8597.md index 18c35f670..8c4f47858 100644 --- a/2020/CVE-2020-8597.md +++ b/2020/CVE-2020-8597.md @@ -30,6 +30,7 @@ eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dointisme/CVE-2020-8597 - https://github.com/hasee2018/Penetration_Testing_POC - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/bug-bounty diff --git a/2020/CVE-2020-8825.md b/2020/CVE-2020-8825.md index 824f43094..64c001c19 100644 --- a/2020/CVE-2020-8825.md +++ b/2020/CVE-2020-8825.md @@ -17,6 +17,7 @@ index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS. - https://github.com/0xT11/CVE-POC - https://github.com/ARPSyndicate/cvemon - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/hacky1997/CVE-2020-8825 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-8835.md b/2020/CVE-2020-8835.md index 24dd4bf81..6ec3d19cf 100644 --- a/2020/CVE-2020-8835.md +++ b/2020/CVE-2020-8835.md @@ -18,6 +18,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/KatsuragiCSL/Presentations-Blogs-Papers-Tutorials-Books - https://github.com/OrangeGzY/security-research-learning 
@@ -47,6 +48,7 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di - https://github.com/snorez/ebpf-fuzzer - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xmzyshypnc/CVE-2020-27194 - https://github.com/yoniko/gctf21_ebpf diff --git a/2020/CVE-2020-8840.md b/2020/CVE-2020-8840.md index de3603f5e..f1a0f5664 100644 --- a/2020/CVE-2020-8840.md +++ b/2020/CVE-2020-8840.md @@ -28,6 +28,7 @@ FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JN - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +- https://github.com/LibHunter/LibHunter - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/OWASP/www-project-ide-vulscanner diff --git a/2020/CVE-2020-9014.md b/2020/CVE-2020-9014.md index 5501c574d..0b13e633f 100644 --- a/2020/CVE-2020-9014.md +++ b/2020/CVE-2020-9014.md @@ -16,5 +16,6 @@ In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Arryboom/Kernel-exploits +- https://github.com/FULLSHADE/Kernel-exploits - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2020/CVE-2020-9057.md b/2020/CVE-2020-9057.md index cf3afd24d..88cecd7d1 100644 --- a/2020/CVE-2020-9057.md +++ b/2020/CVE-2020-9057.md @@ -18,4 +18,5 @@ Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not su - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public diff --git a/2020/CVE-2020-9058.md b/2020/CVE-2020-9058.md index e029fe2e0..bc1102e46 100644 --- a/2020/CVE-2020-9058.md +++ b/2020/CVE-2020-9058.md 
@@ -19,4 +19,5 @@ Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulat - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public diff --git a/2020/CVE-2020-9059.md b/2020/CVE-2020-9059.md index f384eacde..684dc8238 100644 --- a/2020/CVE-2020-9059.md +++ b/2020/CVE-2020-9059.md @@ -15,5 +15,6 @@ Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public - https://github.com/Live-Hack-CVE/CVE-2020-9059 diff --git a/2020/CVE-2020-9060.md b/2020/CVE-2020-9060.md index c329e138d..27048dbba 100644 --- a/2020/CVE-2020-9060.md +++ b/2020/CVE-2020-9060.md @@ -23,5 +23,6 @@ Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public - https://github.com/Live-Hack-CVE/CVE-2020-9060 diff --git a/2020/CVE-2020-9061.md b/2020/CVE-2020-9061.md index 88c34e293..2225d8a65 100644 --- a/2020/CVE-2020-9061.md +++ b/2020/CVE-2020-9061.md @@ -21,4 +21,5 @@ Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not - https://github.com/CNK2100/VFuzz-public #### Github +- https://github.com/CNK2100/VFuzz-public diff --git a/2020/CVE-2020-9380.md b/2020/CVE-2020-9380.md index d33c8d9a4..1f9a2873a 100644 --- a/2020/CVE-2020-9380.md +++ b/2020/CVE-2020-9380.md @@ -19,6 +19,7 @@ IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS co - https://github.com/Z0fhack/Goby_POC - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/migueltarga/CVE-2020-9380 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/xu-xiang/awesome-security-vul-llm diff --git a/2020/CVE-2020-9453.md b/2020/CVE-2020-9453.md index bc5884b4e..8cfa9e9f6 100644 
--- a/2020/CVE-2020-9453.md +++ b/2020/CVE-2020-9453.md @@ -15,4 +15,5 @@ In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to c #### Github - https://github.com/Arryboom/Kernel-exploits +- https://github.com/FULLSHADE/Kernel-exploits diff --git a/2020/CVE-2020-9484.md b/2020/CVE-2020-9484.md index e79472efb..ff393b1cb 100644 --- a/2020/CVE-2020-9484.md +++ b/2020/CVE-2020-9484.md @@ -100,6 +100,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - https://github.com/taielab/awesome-hacking-lists - https://github.com/tdtc7/qps - https://github.com/threedr3am/tomcat-cluster-session-sync-exp +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/woods-sega/woodswiki diff --git a/2020/CVE-2020-9546.md b/2020/CVE-2020-9546.md index 93e146bc2..ede2d2d42 100644 --- a/2020/CVE-2020-9546.md +++ b/2020/CVE-2020-9546.md @@ -22,6 +22,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh +- https://github.com/LibHunter/LibHunter - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/lnick2023/nicenice diff --git a/2021/CVE-2021-0341.md b/2021/CVE-2021-0341.md index 0688f2eff..efa77fd35 100644 --- a/2021/CVE-2021-0341.md +++ b/2021/CVE-2021-0341.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/NicheToolkit/rest-toolkit - https://github.com/TinyNiko/android_bulletin_notes - https://github.com/au-abd/python-stuff 
diff --git a/2021/CVE-2021-0399.md b/2021/CVE-2021-0399.md index 9e4966a25..4e8ee8f14 100644 --- a/2021/CVE-2021-0399.md +++ b/2021/CVE-2021-0399.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/nipund513/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399- - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-0920.md b/2021/CVE-2021-0920.md index bcc7e81c0..841142bd2 100644 --- a/2021/CVE-2021-0920.md +++ b/2021/CVE-2021-0920.md @@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-1048.md b/2021/CVE-2021-1048.md index 4bb1ff992..535743f55 100644 --- a/2021/CVE-2021-1048.md +++ b/2021/CVE-2021-1048.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-1585.md b/2021/CVE-2021-1585.md index 56665b5dd..acb0ee7c6 100644 --- a/2021/CVE-2021-1585.md +++ b/2021/CVE-2021-1585.md @@ -19,6 +19,7 @@ A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher co - https://github.com/WhooAmii/POC_to_review - https://github.com/anquanscan/sec-tools - https://github.com/jbaines-r7/cisco_asa_research +- https://github.com/jbaines-r7/staystaystay - https://github.com/jbaines-r7/theway - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC 
diff --git a/2021/CVE-2021-1905.md b/2021/CVE-2021-1905.md index 0f956c411..3b096e2a3 100644 --- a/2021/CVE-2021-1905.md +++ b/2021/CVE-2021-1905.md @@ -35,6 +35,7 @@ Possible use after free due to improper handling of memory mapping of multiple p - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2021/CVE-2021-1940.md b/2021/CVE-2021-1940.md index f0588c1e6..69f1cc3d2 100644 --- a/2021/CVE-2021-1940.md +++ b/2021/CVE-2021-1940.md @@ -25,5 +25,6 @@ Use after free can occur due to improper handling of response from firmware in S - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-1961.md b/2021/CVE-2021-1961.md index fea6ec97b..d4a19fc8f 100644 --- a/2021/CVE-2021-1961.md +++ b/2021/CVE-2021-1961.md @@ -35,6 +35,7 @@ Possible buffer overflow due to lack of offset length check while updating the b - https://github.com/tamirzb/CVE-2021-1961 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2021/CVE-2021-1968.md b/2021/CVE-2021-1968.md index 7e79f0db2..218cd5626 100644 --- a/2021/CVE-2021-1968.md +++ b/2021/CVE-2021-1968.md 
@@ -25,5 +25,6 @@ Improper validation of kernel buffer address while copying information back to u - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-1969.md b/2021/CVE-2021-1969.md index 6c38e1d7b..feeadc6b9 100644 --- a/2021/CVE-2021-1969.md +++ b/2021/CVE-2021-1969.md @@ -25,5 +25,6 @@ Improper validation of kernel buffer address while copying information back to u - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-20021.md b/2021/CVE-2021-20021.md index 9eaccc5ab..14a4077f6 100644 --- a/2021/CVE-2021-20021.md +++ b/2021/CVE-2021-20021.md @@ -13,6 +13,7 @@ A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attac No PoCs from references. #### Github +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SUPRAAA-1337/CVE-2021-20021 diff --git a/2021/CVE-2021-20190.md b/2021/CVE-2021-20190.md index cea2ea3af..de12919a1 100644 --- a/2021/CVE-2021-20190.md +++ b/2021/CVE-2021-20190.md @@ -15,5 +15,6 @@ A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the i #### Github - https://github.com/Anonymous-Phunter/PHunter - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/seal-community/patches diff --git a/2021/CVE-2021-20226.md b/2021/CVE-2021-20226.md index d1c891701..de3c19799 100644 --- a/2021/CVE-2021-20226.md +++ b/2021/CVE-2021-20226.md 
@@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-2109.md b/2021/CVE-2021-2109.md index e546f7ef3..0261d4d75 100644 --- a/2021/CVE-2021-2109.md +++ b/2021/CVE-2021-2109.md @@ -29,6 +29,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Astrogeorgeonethree/Starred2 - https://github.com/Atem1988/Starred - https://github.com/BrittanyKuhn/javascript-tutorial +- https://github.com/CLincat/vulcat - https://github.com/CVEDB/PoC-List - https://github.com/Drun1baby/JavaSecurityLearning - https://github.com/EdgeSecurityTeam/Vulnerability diff --git a/2021/CVE-2021-21315.md b/2021/CVE-2021-21315.md index 62a5fabe5..c76f4884c 100644 --- a/2021/CVE-2021-21315.md +++ b/2021/CVE-2021-21315.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/CITIZENDOT/CS547-CVEs +- https://github.com/CLincat/vulcat - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/FB-Sec/exploits - https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC diff --git a/2021/CVE-2021-21551.md b/2021/CVE-2021-21551.md index 77804213a..f9196fdbc 100644 --- a/2021/CVE-2021-21551.md +++ b/2021/CVE-2021-21551.md @@ -33,6 +33,7 @@ Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability - https://github.com/SYRTI/POC_to_review - https://github.com/SpikySabra/Kernel-Cactus - https://github.com/SyncroScripting/Artichoke_Consulting +- https://github.com/TheMalwareGuardian/Awesome-Bootkits-Rootkits-Development - https://github.com/WhooAmii/POC_to_review - https://github.com/alfarom256/MCP-PoC - https://github.com/anquanscan/sec-tools 
diff --git a/2021/CVE-2021-2173.md b/2021/CVE-2021-2173.md index 5a176b722..551aeafdf 100644 --- a/2021/CVE-2021-2173.md +++ b/2021/CVE-2021-2173.md @@ -19,6 +19,7 @@ Vulnerability in the Recovery component of Oracle Database Server. Supported ver - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/emad-almousa/CVE-2021-2173 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-21972.md b/2021/CVE-2021-21972.md index 0eb9413f8..86709af1a 100644 --- a/2021/CVE-2021-21972.md +++ b/2021/CVE-2021-21972.md @@ -32,6 +32,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/B1anda0/CVE-2021-21972 - https://github.com/BugBlocker/lotus-scripts - https://github.com/ByZain/CVE-2021-21972 +- https://github.com/CLincat/vulcat - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top diff --git a/2021/CVE-2021-22205.md b/2021/CVE-2021-22205.md index 11e895390..12dbfaac6 100644 --- a/2021/CVE-2021-22205.md +++ b/2021/CVE-2021-22205.md @@ -15,6 +15,7 @@ An issue has been discovered in GitLab CE/EE affecting all versions starting fro #### Github - https://github.com/0x0021h/expbox +- https://github.com/0xMarcio/cve - https://github.com/0xget/cve-2001-1473 - https://github.com/0xn0ne/simple-scanner - https://github.com/20142995/Goby @@ -54,6 +55,7 @@ An issue has been discovered in GitLab CE/EE affecting all versions starting fro - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/WhooAmii/POC_to_review - https://github.com/X1pe0/Automated-Gitlab-RCE 
diff --git a/2021/CVE-2021-22555.md b/2021/CVE-2021-22555.md index 615c5d843..de85fe656 100644 --- a/2021/CVE-2021-22555.md +++ b/2021/CVE-2021-22555.md @@ -36,6 +36,7 @@ A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in n - https://github.com/EGI-Federation/SVG-advisories - https://github.com/Ha0-Y/LinuxKernelExploits - https://github.com/Ha0-Y/kernel-exploit-cve +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/JoneyJunior/cve-2021-22555 - https://github.com/Metarget/awesome-cloud-native-security @@ -100,6 +101,7 @@ A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in n - https://github.com/veritas501/pipe-primitive - https://github.com/whoforget/CVE-POC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/x90hack/vulnerabilty_lab - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2021/CVE-2021-23134.md b/2021/CVE-2021-23134.md index 22c04317a..8b4464928 100644 --- a/2021/CVE-2021-23134.md +++ b/2021/CVE-2021-23134.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-24122.md b/2021/CVE-2021-24122.md index 986fd4bc2..830e8acf5 100644 --- a/2021/CVE-2021-24122.md +++ b/2021/CVE-2021-24122.md 
@@ -22,5 +22,6 @@ When serving resources from a network location using the NTFS file system, Apach - https://github.com/Threekiii/Awesome-POC - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/mklmfane/betvictor +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2021/CVE-2021-25122.md b/2021/CVE-2021-25122.md index 8021ab77e..ed3c7793a 100644 --- a/2021/CVE-2021-25122.md +++ b/2021/CVE-2021-25122.md @@ -17,5 +17,6 @@ When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/DNTYO/F5_Vulnerability +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2021/CVE-2021-25329.md b/2021/CVE-2021-25329.md index 620d6991e..a0e422afd 100644 --- a/2021/CVE-2021-25329.md +++ b/2021/CVE-2021-25329.md @@ -20,5 +20,6 @@ The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to - https://github.com/Live-Hack-CVE/CVE-2021-25329 - https://github.com/mklmfane/betvictor - https://github.com/raner/projo +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough diff --git a/2021/CVE-2021-25369.md b/2021/CVE-2021-25369.md index 3630441ec..d316de2c4 100644 --- a/2021/CVE-2021-25369.md +++ b/2021/CVE-2021-25369.md @@ -26,5 +26,6 @@ An improper access control vulnerability in sec_log file prior to SMR MAR-2021 R - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-25370.md b/2021/CVE-2021-25370.md index 41d1f9185..f95e5973c 100644 --- a/2021/CVE-2021-25370.md 
+++ b/2021/CVE-2021-25370.md @@ -26,5 +26,6 @@ An incorrect implementation handling file descriptor in dpu driver prior to SMR - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-25646.md b/2021/CVE-2021-25646.md index ad66ca6c4..f33f13e8b 100644 --- a/2021/CVE-2021-25646.md +++ b/2021/CVE-2021-25646.md @@ -26,6 +26,7 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed - https://github.com/Astrogeorgeonethree/Starred2 - https://github.com/Atem1988/Starred - https://github.com/Awrrays/FrameVul +- https://github.com/CLincat/vulcat - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/FDlucifer/firece-fish diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index bfd19f883..01a5ac170 100644 --- a/2021/CVE-2021-26084.md +++ b/2021/CVE-2021-26084.md @@ -18,6 +18,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul #### Github - https://github.com/0day404/vulnerability-poc - https://github.com/0x727/ShuiZe_0x727 +- https://github.com/0xMarcio/cve - https://github.com/0xMrNiko/Awesome-Red-Teaming - https://github.com/0xf4n9x/CVE-2021-26084 - https://github.com/0xsyr0/OSCP @@ -110,6 +111,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/dorkerdevil/CVE-2021-26084 - https://github.com/elinakrmova/RedTeam-Tools - https://github.com/emtee40/win-pentest-tools +- https://github.com/enomothem/PenTestNote - https://github.com/fardeen-ahmed/Bug-bounty-Writeups - https://github.com/h3v0x/CVE-2021-26084_Confluence - https://github.com/hack-parthsharma/Pentest-Tools 
diff --git a/2021/CVE-2021-26085.md b/2021/CVE-2021-26085.md index be3c3f498..dd31d54f8 100644 --- a/2021/CVE-2021-26085.md +++ b/2021/CVE-2021-26085.md @@ -31,6 +31,7 @@ Affected versions of Atlassian Confluence Server allow remote attackers to view - https://github.com/e-hakson/OSCP - https://github.com/eljosep/OSCP-Guide - https://github.com/emadshanab/Some-BugBounty-Tips-from-my-Twitter-feed +- https://github.com/enomothem/PenTestNote - https://github.com/k0mi-tg/CVE-POC - https://github.com/kgwanjala/oscp-cheatsheet - https://github.com/manas3c/CVE-POC diff --git a/2021/CVE-2021-26341.md b/2021/CVE-2021-26341.md index cc4098f15..11d57af5e 100644 --- a/2021/CVE-2021-26341.md +++ b/2021/CVE-2021-26341.md @@ -26,5 +26,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-26708.md b/2021/CVE-2021-26708.md index a5a47f861..5eda063b4 100644 --- a/2021/CVE-2021-26708.md +++ b/2021/CVE-2021-26708.md @@ -46,6 +46,7 @@ A local privilege escalation was discovered in the Linux kernel before 5.10.13. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/x90hack/vulnerabilty_lab - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2021/CVE-2021-27190.md b/2021/CVE-2021-27190.md index ca3efe672..6da253f9e 100644 --- a/2021/CVE-2021-27190.md +++ b/2021/CVE-2021-27190.md 
@@ -21,6 +21,7 @@ A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/anmolksachan/CVE +- https://github.com/anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS - https://github.com/anmolksachan/anmolksachan - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/k0mi-tg/CVE-POC diff --git a/2021/CVE-2021-27201.md b/2021/CVE-2021-27201.md index 62b9c3e10..40bc7b66e 100644 --- a/2021/CVE-2021-27201.md +++ b/2021/CVE-2021-27201.md @@ -14,4 +14,5 @@ Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to e - https://www.endian.com/company/news/endian-community-releases-new-version-332-148/ #### Github +- https://github.com/MucahitSaratar/endian_firewall_authenticated_rce diff --git a/2021/CVE-2021-27328.md b/2021/CVE-2021-27328.md index a06782219..7b09135f8 100644 --- a/2021/CVE-2021-27328.md +++ b/2021/CVE-2021-27328.md @@ -22,6 +22,7 @@ Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An a - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes - https://github.com/NaInSec/CVE-PoC-in-GitHub +- https://github.com/SQSamir/CVE-2021-27328 - https://github.com/SYRTI/POC_to_review - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io diff --git a/2021/CVE-2021-27363.md b/2021/CVE-2021-27363.md index 2f0c8752e..68e4f050b 100644 --- a/2021/CVE-2021-27363.md +++ b/2021/CVE-2021-27363.md @@ -31,5 +31,6 @@ An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer lea - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/teresaweber685/book_list +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2021/CVE-2021-27364.md b/2021/CVE-2021-27364.md index ffd1266f7..a24d27792 100644 --- a/2021/CVE-2021-27364.md +++ b/2021/CVE-2021-27364.md @@ -32,5 +32,6 @@ An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_tr - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/teresaweber685/book_list +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-27365.md b/2021/CVE-2021-27365.md index cd5e3a9e6..2e50d93cb 100644 --- a/2021/CVE-2021-27365.md +++ b/2021/CVE-2021-27365.md @@ -19,6 +19,7 @@ An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data s #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/EGI-Federation/SVG-advisories +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/aaronxie55/Presentation2_Markdown - https://github.com/bollwarm/SecToolSet @@ -37,5 +38,6 @@ An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data s - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/teresaweber685/book_list +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-27963.md b/2021/CVE-2021-27963.md index f8549caa8..25c086203 100644 --- a/2021/CVE-2021-27963.md +++ b/2021/CVE-2021-27963.md @@ -18,6 +18,7 @@ SonLogger before 6.4.1 is affected by user creation with any user permissions pr - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/erberkan/SonLogger-vulns - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2021/CVE-2021-27964.md b/2021/CVE-2021-27964.md index cb9b95c94..421e3cd8c 100644 --- a/2021/CVE-2021-27964.md +++ b/2021/CVE-2021-27964.md @@ -15,4 +15,5 @@ SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/erberkan/SonLogger-vulns diff --git a/2021/CVE-2021-28663.md b/2021/CVE-2021-28663.md index 28b9ffb84..7e28dfb64 100644 --- a/2021/CVE-2021-28663.md +++ b/2021/CVE-2021-28663.md @@ -28,6 +28,7 @@ The Arm Mali GPU kernel driver allows privilege escalation or information disclo - https://github.com/khanhhdz06/linux-kernel-exploitation - https://github.com/khanhnd123/linux-kernel-exploitation - https://github.com/knd06/linux-kernel-exploitation +- https://github.com/lntrx/CVE-2021-28663 - https://github.com/manas3c/CVE-POC - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub @@ -35,6 +36,7 @@ The Arm Mali GPU kernel driver allows privilege escalation or information disclo - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2021/CVE-2021-29267.md b/2021/CVE-2021-29267.md index 7611dbd71..aca2ffdef 100644 --- a/2021/CVE-2021-29267.md +++ b/2021/CVE-2021-29267.md @@ -16,6 +16,7 @@ Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leve - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/Security-AVS/CVE-2021-29267 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC 
diff --git a/2021/CVE-2021-29337.md b/2021/CVE-2021-29337.md index 0a52a0a0a..a83073791 100644 --- a/2021/CVE-2021-29337.md +++ b/2021/CVE-2021-29337.md @@ -18,6 +18,7 @@ MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rjt-gupta/CVE-2021-29337 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit - https://github.com/zecool/cve diff --git a/2021/CVE-2021-29657.md b/2021/CVE-2021-29657.md index 8806f36b5..a36a28f60 100644 --- a/2021/CVE-2021-29657.md +++ b/2021/CVE-2021-29657.md @@ -26,5 +26,6 @@ arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-fre - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-30146.md b/2021/CVE-2021-30146.md index a6efd1064..811d899f2 100644 --- a/2021/CVE-2021-30146.md +++ b/2021/CVE-2021-30146.md @@ -16,6 +16,7 @@ Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionali - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/Security-AVS/CVE-2021-30146 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2021/CVE-2021-30640.md b/2021/CVE-2021-30640.md index 3f8570b45..724d55e7f 100644 --- a/2021/CVE-2021-30640.md +++ b/2021/CVE-2021-30640.md 
@@ -15,5 +15,5 @@ A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authent - https://www.oracle.com/security-alerts/cpuoct2021.html #### Github -No PoCs found on GitHub currently. +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2021/CVE-2021-3120.md b/2021/CVE-2021-3120.md index 570832dee..67b3fb5a3 100644 --- a/2021/CVE-2021-3120.md +++ b/2021/CVE-2021-3120.md @@ -13,4 +13,5 @@ An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premiu - https://github.com/guy-liu/yith-giftdrop #### Github +- https://github.com/guy-liu/yith-giftdrop diff --git a/2021/CVE-2021-3129.md b/2021/CVE-2021-3129.md index e11136e30..b401c0a75 100644 --- a/2021/CVE-2021-3129.md +++ b/2021/CVE-2021-3129.md @@ -17,6 +17,7 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic - https://github.com/0day404/vulnerability-poc - https://github.com/0day666/Vulnerability-verification - https://github.com/0nion1/CVE-2021-3129 +- https://github.com/0xMarcio/cve - https://github.com/0xStrygwyr/OSCP-Guide - https://github.com/0xZipp0/OSCP - https://github.com/0xaniketB/HackTheBox-Horizontall diff --git a/2021/CVE-2021-31440.md b/2021/CVE-2021-31440.md index faca39d71..b7b25f50d 100644 --- a/2021/CVE-2021-31440.md +++ b/2021/CVE-2021-31440.md @@ -16,6 +16,7 @@ This vulnerability allows local attackers to escalate privileges on affected ins - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/ChoKyuWon/exploit_articles +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/XiaozaYa/CVE-Recording - https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground diff --git a/2021/CVE-2021-3164.md b/2021/CVE-2021-3164.md index e545ebd27..c7973ff16 100644 --- a/2021/CVE-2021-3164.md +++ b/2021/CVE-2021-3164.md 
@@ -21,6 +21,7 @@ ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/rmccarth/cve-2021-3164 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC diff --git a/2021/CVE-2021-31760.md b/2021/CVE-2021-31760.md index 228dac5bc..69f9b5fb3 100644 --- a/2021/CVE-2021-31760.md +++ b/2021/CVE-2021-31760.md @@ -19,11 +19,13 @@ Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote - https://github.com/ARPSyndicate/cvemon - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/KayCHENvip/vulnerability-poc +- https://github.com/Mesh3l911/CVE-2021-31760 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/Threekiii/Awesome-POC - https://github.com/WhooAmii/POC_to_review - https://github.com/d4n-sec/d4n-sec.github.io +- https://github.com/electronicbots/CVE-2021-31760 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-31761.md b/2021/CVE-2021-31761.md index 2cd1147c2..54203763b 100644 --- a/2021/CVE-2021-31761.md +++ b/2021/CVE-2021-31761.md @@ -16,9 +16,11 @@ Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-31761 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/electronicbots/CVE-2021-31761 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-31762.md b/2021/CVE-2021-31762.md index 2049a50dc..5154816d5 100644 --- a/2021/CVE-2021-31762.md 
+++ b/2021/CVE-2021-31762.md @@ -17,9 +17,11 @@ Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privil #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-31762 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/electronicbots/CVE-2021-31762 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-32156.md b/2021/CVE-2021-32156.md index 0a23358a5..fbec6b889 100644 --- a/2021/CVE-2021-32156.md +++ b/2021/CVE-2021-32156.md @@ -14,6 +14,7 @@ A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32156 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-32157.md b/2021/CVE-2021-32157.md index 22c00ee80..d154f5be8 100644 --- a/2021/CVE-2021-32157.md +++ b/2021/CVE-2021-32157.md @@ -14,6 +14,7 @@ A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Schedu #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32157 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-32158.md b/2021/CVE-2021-32158.md index b66f7f529..a38e56520 100644 --- a/2021/CVE-2021-32158.md +++ b/2021/CVE-2021-32158.md @@ -14,6 +14,7 @@ A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32158 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review 
diff --git a/2021/CVE-2021-32159.md b/2021/CVE-2021-32159.md index 86bb1df6c..664bdc476 100644 --- a/2021/CVE-2021-32159.md +++ b/2021/CVE-2021-32159.md @@ -14,6 +14,7 @@ A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32159 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-32160.md b/2021/CVE-2021-32160.md index 92746c8e7..18344f021 100644 --- a/2021/CVE-2021-32160.md +++ b/2021/CVE-2021-32160.md @@ -14,6 +14,7 @@ A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Ad #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32160 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-32161.md b/2021/CVE-2021-32161.md index 9464fd2ad..5a85c9a3d 100644 --- a/2021/CVE-2021-32161.md +++ b/2021/CVE-2021-32161.md @@ -14,6 +14,7 @@ A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Fi #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32161 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-32162.md b/2021/CVE-2021-32162.md index 7d8e568b0..2a63df596 100644 --- a/2021/CVE-2021-32162.md +++ b/2021/CVE-2021-32162.md @@ -14,6 +14,7 @@ A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Mesh3l911/CVE-2021-32162 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review 
diff --git a/2021/CVE-2021-32606.md b/2021/CVE-2021-32606.md index 0fb608279..e662f5268 100644 --- a/2021/CVE-2021-32606.md +++ b/2021/CVE-2021-32606.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-3291.md b/2021/CVE-2021-3291.md index 73e96b97f..7ebbcaa12 100644 --- a/2021/CVE-2021-3291.md +++ b/2021/CVE-2021-3291.md @@ -17,6 +17,7 @@ Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an - https://github.com/ARPSyndicate/cvemon - https://github.com/EdgeSecurityTeam/Vulnerability - https://github.com/ImHades101/CVE-2021-3291 +- https://github.com/MucahitSaratar/zencart_auth_rce_poc - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-33037.md b/2021/CVE-2021-33037.md index 3632ee385..57ec6d2e8 100644 --- a/2021/CVE-2021-33037.md +++ b/2021/CVE-2021-33037.md @@ -18,4 +18,5 @@ Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did no #### Github - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2021/CVE-2021-33558.md b/2021/CVE-2021-33558.md index 24feca578..44b39976d 100644 --- a/2021/CVE-2021-33558.md +++ b/2021/CVE-2021-33558.md @@ -19,6 +19,7 @@ - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/anldori/CVE-2021-33558 +- https://github.com/mdanzaruddin/CVE-2021-33558. - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-33564.md b/2021/CVE-2021-33564.md index d7e156660..1ff5ec2a8 100644 
--- a/2021/CVE-2021-33564.md +++ b/2021/CVE-2021-33564.md @@ -25,6 +25,7 @@ An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby a - https://github.com/dorkerdevil/CVE-2021-33564 - https://github.com/harsh-bothra/learn365 - https://github.com/markevans/dragonfly +- https://github.com/mlr0p/CVE-2021-33564 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rodolfomarianocy/OSCP-Tricks-2023 - https://github.com/soosmile/POC diff --git a/2021/CVE-2021-3378.md b/2021/CVE-2021-3378.md index 596528c29..e36e3764e 100644 --- a/2021/CVE-2021-3378.md +++ b/2021/CVE-2021-3378.md @@ -26,6 +26,7 @@ FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-T - https://github.com/Z0fhack/Goby_POC - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/erberkan/fortilogger_arbitrary_fileupload - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-33909.md b/2021/CVE-2021-33909.md index 2dbedf5a0..934e47158 100644 --- a/2021/CVE-2021-33909.md +++ b/2021/CVE-2021-33909.md @@ -51,6 +51,7 @@ fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not pro - https://github.com/sfowl/deep-directory - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2021/CVE-2021-34527.md b/2021/CVE-2021-34527.md index 703c46b55..40aea3cac 100644 --- a/2021/CVE-2021-34527.md +++ b/2021/CVE-2021-34527.md 
@@ -51,6 +51,7 @@ #### Github - https://github.com/0x6d69636b/windows_hardening - https://github.com/0x727/usefull-elevation-of-privilege +- https://github.com/0xMarcio/cve - https://github.com/0xStrygwyr/OSCP-Guide - https://github.com/0xZipp0/OSCP - https://github.com/0xaniketB/HackTheBox-Driver diff --git a/2021/CVE-2021-34866.md b/2021/CVE-2021-34866.md index b27b9dd9e..15b05b28c 100644 --- a/2021/CVE-2021-34866.md +++ b/2021/CVE-2021-34866.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-3490.md b/2021/CVE-2021-3490.md index e67d60d97..dfce8c840 100644 --- a/2021/CVE-2021-3490.md +++ b/2021/CVE-2021-3490.md @@ -18,6 +18,7 @@ The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux ke - https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Mr-xn/Penetration_Testing_POC @@ -54,6 +55,7 @@ The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux ke - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2021/CVE-2021-3492.md b/2021/CVE-2021-3492.md index ec106678c..539e27115 100644 --- a/2021/CVE-2021-3492.md +++ b/2021/CVE-2021-3492.md 
@@ -37,6 +37,7 @@ Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, d - https://github.com/synacktiv/CVE-2021-3492 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2021/CVE-2021-3493.md b/2021/CVE-2021-3493.md index d89b7403c..2a3e779fc 100644 --- a/2021/CVE-2021-3493.md +++ b/2021/CVE-2021-3493.md @@ -17,6 +17,7 @@ The overlayfs implementation in the linux kernel did not properly validate with #### Github - https://github.com/0day404/vulnerability-poc +- https://github.com/0xMarcio/cve - https://github.com/0xMat10/eJPT_Prep - https://github.com/0xWhoami35/root-kernel - https://github.com/0xsyr0/OSCP @@ -35,6 +36,7 @@ The overlayfs implementation in the linux kernel did not properly validate with - https://github.com/GhostTroops/TOP - https://github.com/GibzB/THM-Captured-Rooms - https://github.com/H0j3n/EzpzCheatSheet +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/Ishan3011/CVE-2021-3493 - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -109,6 +111,7 @@ The overlayfs implementation in the linux kernel did not properly validate with - https://github.com/tzwlhack/Vulnerability - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xhref/OSCP - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2021/CVE-2021-35296.md b/2021/CVE-2021-35296.md index f0a938a08..3e526b3fc 100644 --- a/2021/CVE-2021-35296.md +++ b/2021/CVE-2021-35296.md 
@@ -17,6 +17,7 @@ An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/afaq1337/CVE-2021-35296 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-3573.md b/2021/CVE-2021-3573.md index de0ea246e..56109f2e7 100644 --- a/2021/CVE-2021-3573.md +++ b/2021/CVE-2021-3573.md @@ -26,5 +26,6 @@ A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subs - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-35975.md b/2021/CVE-2021-35975.md index a54a9a70d..6f9e12c1a 100644 --- a/2021/CVE-2021-35975.md +++ b/2021/CVE-2021-35975.md @@ -16,6 +16,7 @@ Absolute path traversal vulnerability in the Systematica SMTP Adapter component - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/WhooAmii/POC_to_review +- https://github.com/fbkcs/CVE-2021-35975 - https://github.com/soosmile/POC - https://github.com/trump88/CVE-2021-35975 - https://github.com/zecool/cve diff --git a/2021/CVE-2021-3609.md b/2021/CVE-2021-3609.md index dab276b32..53b8a27f1 100644 --- a/2021/CVE-2021-3609.md +++ b/2021/CVE-2021-3609.md @@ -24,5 +24,6 @@ - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-36260.md b/2021/CVE-2021-36260.md index a04999423..616054327 100644 
--- a/2021/CVE-2021-36260.md +++ b/2021/CVE-2021-36260.md @@ -15,6 +15,7 @@ A command injection vulnerability in the web server of some Hikvision product. D #### Github - https://github.com/0day404/vulnerability-poc +- https://github.com/0xMarcio/cve - https://github.com/1f3lse/taiE - https://github.com/20142995/Goby - https://github.com/20142995/sectool diff --git a/2021/CVE-2021-36460.md b/2021/CVE-2021-36460.md index ee57ef619..2b822fb5a 100644 --- a/2021/CVE-2021-36460.md +++ b/2021/CVE-2021-36460.md @@ -18,6 +18,7 @@ VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally o - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/karimhabush/cyberowl +- https://github.com/martinfrancois/CVE-2021-36460 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit - https://github.com/zecool/cve diff --git a/2021/CVE-2021-36563.md b/2021/CVE-2021-36563.md index 6ac6bb103..b2afae04b 100644 --- a/2021/CVE-2021-36563.md +++ b/2021/CVE-2021-36563.md @@ -14,6 +14,7 @@ The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise u #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Edgarloyola/CVE-2021-36563 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-36749.md b/2021/CVE-2021-36749.md index 67e87890d..62eb145f9 100644 --- a/2021/CVE-2021-36749.md +++ b/2021/CVE-2021-36749.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/ArrestX/--POC - https://github.com/Awrrays/FrameVul - https://github.com/BrucessKING/CVE-2021-36749 +- https://github.com/CLincat/vulcat - https://github.com/HimmelAward/Goby_POC - https://github.com/Ilovewomen/db_script_v2 - https://github.com/Ilovewomen/db_script_v2_2 diff --git a/2021/CVE-2021-36799.md b/2021/CVE-2021-36799.md index 9dd15b6dc..df1d65454 100644 
--- a/2021/CVE-2021-36799.md +++ b/2021/CVE-2021-36799.md @@ -19,6 +19,7 @@ - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/robertguetzkow/ets5-password-recovery - https://github.com/robertguetzkow/robertguetzkow - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-36981.md b/2021/CVE-2021-36981.md index 177d5b823..7f7914301 100644 --- a/2021/CVE-2021-36981.md +++ b/2021/CVE-2021-36981.md @@ -13,6 +13,7 @@ In the server in SerNet verinice before 1.22.2, insecure Java deserialization al - https://github.com/0xBrAinsTorM/CVE-2021-36981 #### Github +- https://github.com/0xBrAinsTorM/CVE-2021-36981 - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-3715.md b/2021/CVE-2021-3715.md index ba9aa7488..d469c31d1 100644 --- a/2021/CVE-2021-3715.md +++ b/2021/CVE-2021-3715.md @@ -30,5 +30,6 @@ A flaw was found in the "Routing decision" classifier in the Linux kernel's Traf - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-37740.md b/2021/CVE-2021-37740.md index 5b1b6a28e..3abd833b8 100644 --- a/2021/CVE-2021-37740.md +++ b/2021/CVE-2021-37740.md @@ -19,6 +19,7 @@ A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Sec - https://github.com/WhooAmii/POC_to_review - https://github.com/anquanscan/sec-tools - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/robertguetzkow/CVE-2021-37740 - https://github.com/robertguetzkow/robertguetzkow - https://github.com/trhacknon/Pocingit - https://github.com/zecool/cve 
diff --git a/2021/CVE-2021-38149.md b/2021/CVE-2021-38149.md index e994ab6c6..09de35602 100644 --- a/2021/CVE-2021-38149.md +++ b/2021/CVE-2021-38149.md @@ -14,4 +14,5 @@ index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/jboogie15/CVE-2021-38149 diff --git a/2021/CVE-2021-38185.md b/2021/CVE-2021-38185.md index f0f4ecaba..4e397ef16 100644 --- a/2021/CVE-2021-38185.md +++ b/2021/CVE-2021-38185.md @@ -15,5 +15,6 @@ GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted p #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Jauler/cve2021-3156-sudo-heap-overflow +- https://github.com/fangqyi/cpiopwn - https://github.com/fokypoky/places-list diff --git a/2021/CVE-2021-38647.md b/2021/CVE-2021-38647.md index 1528cef0a..2746a99b8 100644 --- a/2021/CVE-2021-38647.md +++ b/2021/CVE-2021-38647.md @@ -28,6 +28,7 @@ Open Management Infrastructure Remote Code Execution Vulnerability - http://packetstormsecurity.com/files/164694/Microsoft-OMI-Management-Interface-Authentication-Bypass.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/AlteredSecurity/CVE-2021-38647 diff --git a/2021/CVE-2021-38699.md b/2021/CVE-2021-38699.md index 3b7f03cc3..cdc4d3b6f 100644 --- a/2021/CVE-2021-38699.md +++ b/2021/CVE-2021-38699.md 
@@ -18,6 +18,8 @@ TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and - https://github.com/2lambda123/CVE-mitre - https://github.com/2lambda123/Windows10Exploits - https://github.com/ARPSyndicate/cvemon +- https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS +- https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS - https://github.com/Justin-1993/CVE-2021-38699 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-39322.md b/2021/CVE-2021-39322.md index 2aa987073..cbb78febe 100644 --- a/2021/CVE-2021-39322.md +++ b/2021/CVE-2021-39322.md @@ -10,7 +10,7 @@ The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of ### POC #### Reference -No PoCs from references. +- https://wpvulndb.com/vulnerabilities/5e0bf0b6-9809-426b-b1d4-1fb653083b58 #### Github - https://github.com/ARPSyndicate/cvemon diff --git a/2021/CVE-2021-39815.md b/2021/CVE-2021-39815.md index 61e3b9b60..460b9dcfa 100644 --- a/2021/CVE-2021-39815.md +++ b/2021/CVE-2021-39815.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-40154.md b/2021/CVE-2021-40154.md index e95b8c397..b6b68e092 100644 --- a/2021/CVE-2021-40154.md +++ b/2021/CVE-2021-40154.md @@ -15,6 +15,7 @@ NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength val #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Jeromeyoung/CVE-2021-40154 +- https://github.com/Xen1thLabs-AE/CVE-2021-40154 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index d2e69a0f8..d19eb949b 100644 
--- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md @@ -82,6 +82,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility. - https://github.com/H3arn/hackergame-2022-writeup - https://github.com/HadessCS/Awesome-Privilege-Escalation - https://github.com/HattMobb/TryHackMe-Bugle-Machine-Writeup-Walkthrough +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/HellGateCorp/pwnkit - https://github.com/HrishitJoshi/CVE-2021-4034 - https://github.com/IBM-Cloud/vpc-ha-iac diff --git a/2021/CVE-2021-40845.md b/2021/CVE-2021-40845.md index 911c81a01..ec2449ec4 100644 --- a/2021/CVE-2021-40845.md +++ b/2021/CVE-2021-40845.md @@ -19,4 +19,5 @@ The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called Alpha - https://github.com/ARPSyndicate/cvemon - https://github.com/FDlucifer/firece-fish - https://github.com/anquanscan/sec-tools +- https://github.com/ricardojoserf/CVE-2021-40845 diff --git a/2021/CVE-2021-40875.md b/2021/CVE-2021-40875.md index d52d7c0dc..920a103f4 100644 --- a/2021/CVE-2021-40875.md +++ b/2021/CVE-2021-40875.md @@ -20,6 +20,7 @@ Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sen - https://github.com/Lul/TestRail-files.md5-IAC-scanner - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/SakuraSamuraii/derailed - https://github.com/StarCrossPortal/scalpel - https://github.com/WhooAmii/POC_to_review - https://github.com/Z0fhack/Goby_POC diff --git a/2021/CVE-2021-40904.md b/2021/CVE-2021-40904.md index c07085b22..640b399a9 100644 --- a/2021/CVE-2021-40904.md +++ b/2021/CVE-2021-40904.md 
@@ -14,6 +14,7 @@ The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Edgarloyola/CVE-2021-40904 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-40906.md b/2021/CVE-2021-40906.md index 452ad5838..a803072bc 100644 --- a/2021/CVE-2021-40906.md +++ b/2021/CVE-2021-40906.md @@ -14,6 +14,7 @@ CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the inp #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Edgarloyola/CVE-2021-40906 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2021/CVE-2021-40978.md b/2021/CVE-2021-40978.md index 65f2dbd5c..84b41a159 100644 --- a/2021/CVE-2021-40978.md +++ b/2021/CVE-2021-40978.md @@ -28,6 +28,7 @@ - https://github.com/WhooAmii/POC_to_review - https://github.com/Z0fhack/Goby_POC - https://github.com/d4n-sec/d4n-sec.github.io +- https://github.com/nisdn/CVE-2021-40978 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit - https://github.com/xinyisleep/pocscan diff --git a/2021/CVE-2021-41073.md b/2021/CVE-2021-41073.md index 62bfa655f..94cdd917b 100644 --- a/2021/CVE-2021-41073.md +++ b/2021/CVE-2021-41073.md @@ -17,6 +17,7 @@ loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows loc - https://github.com/ARPSyndicate/cvemon - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/DarkFunct/CVE_Exploits +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review 
@@ -41,6 +42,7 @@ loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows loc - https://github.com/star-sg/CVE - https://github.com/trhacknon/CVE2 - https://github.com/trhacknon/Pocingit +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/zecool/cve - https://github.com/zzcentury/PublicExploitation diff --git a/2021/CVE-2021-41079.md b/2021/CVE-2021-41079.md index 022fb46e9..43d8ebe91 100644 --- a/2021/CVE-2021-41079.md +++ b/2021/CVE-2021-41079.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/chnzzh/OpenSSL-CVE-lib +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2021/CVE-2021-41511.md b/2021/CVE-2021-41511.md index 62b5d7f9f..79afed1ac 100644 --- a/2021/CVE-2021-41511.md +++ b/2021/CVE-2021-41511.md @@ -19,6 +19,7 @@ The username and password field of login in Lodging Reservation Management Syste - https://github.com/2lambda123/CVE-mitre - https://github.com/2lambda123/Windows10Exploits - https://github.com/ARPSyndicate/cvemon +- https://github.com/Ni7inSharma/CVE-2021-41511 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/nu11secur1ty/CVE-mitre - https://github.com/nu11secur1ty/CVE-nu11secur1ty diff --git a/2021/CVE-2021-4154.md b/2021/CVE-2021-4154.md index 009407127..ee1539d1c 100644 --- a/2021/CVE-2021-4154.md +++ b/2021/CVE-2021-4154.md @@ -14,6 +14,7 @@ A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Markakd/CVE-2021-4154 - https://github.com/Markakd/DirtyCred diff --git a/2021/CVE-2021-41647.md b/2021/CVE-2021-41647.md index b3c57c20e..1a2e8cd5e 100644 --- a/2021/CVE-2021-41647.md 
+++ b/2021/CVE-2021-41647.md @@ -18,6 +18,7 @@ An un-authenticated error-based and time-based blind SQL injection vulnerability - https://github.com/2lambda123/CVE-mitre - https://github.com/2lambda123/Windows10Exploits - https://github.com/ARPSyndicate/cvemon +- https://github.com/MobiusBinary/CVE-2021-41647 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/nu11secur1ty/CVE-mitre - https://github.com/nu11secur1ty/CVE-nu11secur1ty diff --git a/2021/CVE-2021-41648.md b/2021/CVE-2021-41648.md index b0cb62e14..dbe543c1a 100644 --- a/2021/CVE-2021-41648.md +++ b/2021/CVE-2021-41648.md @@ -19,6 +19,7 @@ An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-syste - https://github.com/2lambda123/Windows10Exploits - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/MobiusBinary/CVE-2021-41648 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/nu11secur1ty/CVE-mitre - https://github.com/nu11secur1ty/CVE-nu11secur1ty diff --git a/2021/CVE-2021-41946.md b/2021/CVE-2021-41946.md index 7b9d639cb..461d8a7b1 100644 --- a/2021/CVE-2021-41946.md +++ b/2021/CVE-2021-41946.md @@ -17,6 +17,7 @@ In FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vuln - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/afaq1337/CVE-2021-41946 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit - https://github.com/zecool/cve diff --git a/2021/CVE-2021-42008.md b/2021/CVE-2021-42008.md index 7ff881ae0..fc67273ee 100644 --- a/2021/CVE-2021-42008.md +++ b/2021/CVE-2021-42008.md 
@@ -18,6 +18,7 @@ The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel bef - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/BachoSeven/stellestelline +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review @@ -40,6 +41,7 @@ The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel bef - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/zecool/cve diff --git a/2021/CVE-2021-4204.md b/2021/CVE-2021-4204.md index a02de60b1..2355782ff 100644 --- a/2021/CVE-2021-4204.md +++ b/2021/CVE-2021-4204.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/tr3ee/CVE-2021-4204 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2021/CVE-2021-42056.md b/2021/CVE-2021-42056.md index 9c8205077..864ec9ec6 100644 --- a/2021/CVE-2021-42056.md +++ b/2021/CVE-2021-42056.md @@ -20,5 +20,6 @@ Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit +- https://github.com/z00z00z00/Safenet_SAC_CVE-2021-42056 - https://github.com/zecool/cve diff --git a/2021/CVE-2021-42327.md b/2021/CVE-2021-42327.md index 683249dbb..9f89c5a08 100644 --- a/2021/CVE-2021-42327.md +++ b/2021/CVE-2021-42327.md 
@@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/zecool/cve diff --git a/2021/CVE-2021-42662.md b/2021/CVE-2021-42662.md index 0475e6935..4f74d41d5 100644 --- a/2021/CVE-2021-42662.md +++ b/2021/CVE-2021-42662.md @@ -20,6 +20,7 @@ A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Onlin - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42662 - https://github.com/TheHackingRabbi/CVE-2021-42663 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-42663.md b/2021/CVE-2021-42663.md index 59f46f721..13d1e2167 100644 --- a/2021/CVE-2021-42663.md +++ b/2021/CVE-2021-42663.md @@ -18,6 +18,7 @@ An HTML injection vulnerability exists in Sourcecodester Online Event Booking an - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42663 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2021/CVE-2021-42664.md b/2021/CVE-2021-42664.md index b790a4322..fe89b6c06 100644 --- a/2021/CVE-2021-42664.md +++ b/2021/CVE-2021-42664.md 
@@ -19,6 +19,7 @@ A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engi - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42664 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC diff --git a/2021/CVE-2021-42665.md b/2021/CVE-2021-42665.md index f2cae92e7..8239d52ad 100644 --- a/2021/CVE-2021-42665.md +++ b/2021/CVE-2021-42665.md @@ -22,6 +22,7 @@ An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42665 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42666.md b/2021/CVE-2021-42666.md index 96557a8a7..17ba59226 100644 --- a/2021/CVE-2021-42666.md +++ b/2021/CVE-2021-42666.md @@ -21,6 +21,7 @@ A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal i - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42666 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42667.md b/2021/CVE-2021-42667.md index 0f944fce2..0984a625c 100644 --- a/2021/CVE-2021-42667.md +++ b/2021/CVE-2021-42667.md 
@@ -22,6 +22,7 @@ A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42667 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42668.md b/2021/CVE-2021-42668.md index d6d5adfd8..b047bbd96 100644 --- a/2021/CVE-2021-42668.md +++ b/2021/CVE-2021-42668.md @@ -21,6 +21,7 @@ A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal i - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42668 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42669.md b/2021/CVE-2021-42669.md index d86b00363..96372a60f 100644 --- a/2021/CVE-2021-42669.md +++ b/2021/CVE-2021-42669.md @@ -20,6 +20,7 @@ A file upload vulnerability exists in Sourcecodester Engineers Online Portal in - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42669 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42670.md b/2021/CVE-2021-42670.md index 927942ecf..41e7ee97a 100644 --- a/2021/CVE-2021-42670.md +++ b/2021/CVE-2021-42670.md 
@@ -20,6 +20,7 @@ A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal i - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42670 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-42671.md b/2021/CVE-2021-42671.md index 2b1bd3dd8..2d55cb5f2 100644 --- a/2021/CVE-2021-42671.md +++ b/2021/CVE-2021-42671.md @@ -21,6 +21,7 @@ An incorrect access control vulnerability exists in Sourcecodester Engineers Onl - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review +- https://github.com/TheHackingRabbi/CVE-2021-42671 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu11secur1ty/CVE-mitre diff --git a/2021/CVE-2021-43032.md b/2021/CVE-2021-43032.md index 274671ed0..76627439a 100644 --- a/2021/CVE-2021-43032.md +++ b/2021/CVE-2021-43032.md @@ -14,5 +14,6 @@ In XenForo through 2.2.7, a threat actor with access to the admin panel can crea #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/SakuraSamuraii/CVE-2021-43032 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-43129.md b/2021/CVE-2021-43129.md index 4f8b36296..fc4a33d25 100644 --- a/2021/CVE-2021-43129.md +++ b/2021/CVE-2021-43129.md @@ -16,6 +16,7 @@ A bypass exists for Desire2Learn/D2L Brightspace’s “Disable Right Click” o - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/Skotizo/CVE-2021-43129 - https://github.com/WhooAmii/POC_to_review - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit 
diff --git a/2021/CVE-2021-43267.md b/2021/CVE-2021-43267.md index 14f0a9974..dd4b1a08d 100644 --- a/2021/CVE-2021-43267.md +++ b/2021/CVE-2021-43267.md @@ -17,6 +17,7 @@ An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. - https://github.com/ARPSyndicate/cvemon - https://github.com/Al1ex/LinuxEelvation - https://github.com/DarkSprings/CVE-2021-43267-POC +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/aixcc-public/challenge-001-exemplar - https://github.com/bcoles/kasld @@ -37,6 +38,7 @@ An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. - https://github.com/ohnonoyesyes/CVE-2021-43267 - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/zzhacked/CVE-2021-43267 diff --git a/2021/CVE-2021-43287.md b/2021/CVE-2021-43287.md index 033d804ca..44d46a29a 100644 --- a/2021/CVE-2021-43287.md +++ b/2021/CVE-2021-43287.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ArrestX/--POC +- https://github.com/CLincat/vulcat - https://github.com/HimmelAward/Goby_POC - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes diff --git a/2021/CVE-2021-43609.md b/2021/CVE-2021-43609.md index 52bbd3b3a..feb99f7e7 100644 --- a/2021/CVE-2021-43609.md +++ b/2021/CVE-2021-43609.md @@ -14,4 +14,5 @@ An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A Blind Boo - https://www.linkedin.com/pulse/cve-2021-43609-write-up-division5-security-4lgwe #### Github +- https://github.com/d5sec/CVE-2021-43609-POC diff --git a/2021/CVE-2021-43798.md b/2021/CVE-2021-43798.md index a2173c259..23295f5c3 100644 --- a/2021/CVE-2021-43798.md 
+++ b/2021/CVE-2021-43798.md @@ -17,6 +17,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver - https://github.com/0day404/vulnerability-poc - https://github.com/0x783kb/Security-operation-book - https://github.com/0xAwali/Virtual-Host +- https://github.com/0xMarcio/cve - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 - https://github.com/20142995/sectool diff --git a/2021/CVE-2021-43980.md b/2021/CVE-2021-43980.md index 242fc20da..6a707c637 100644 --- a/2021/CVE-2021-43980.md +++ b/2021/CVE-2021-43980.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/sr-monika/sprint-rest +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md index 1f9be59ce..e7f698fc6 100644 --- a/2021/CVE-2021-44228.md +++ b/2021/CVE-2021-44228.md @@ -294,6 +294,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/LemonCraftRu/JndiRemover - https://github.com/LeonardoE95/yt-it - https://github.com/Lercas/CVE_scoring +- https://github.com/LibHunter/LibHunter - https://github.com/Liderbord/Log4j-Security - https://github.com/LinkMJB/log4shell_scanner - https://github.com/Live-Hack-CVE/CVE-2021-4104 @@ -776,6 +777,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/emadshanab/Nuclei-Templates-Collection - https://github.com/emilywang0/CVE_testing_VULN - https://github.com/emilywang0/MergeBase_test_vuln +- https://github.com/enomothem/PenTestNote - https://github.com/erickrr-bd/TekiumLog4jApp - https://github.com/ericmedina024/JndiLookupRemover - https://github.com/erikschippers/Log4J-Hyper-V-Script diff --git a/2021/CVE-2021-44733.md b/2021/CVE-2021-44733.md index 17202e6de..68994ab94 100644 --- a/2021/CVE-2021-44733.md +++ b/2021/CVE-2021-44733.md 
@@ -32,6 +32,7 @@ A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Lin - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/zecool/cve diff --git a/2021/CVE-2021-45041.md b/2021/CVE-2021-45041.md index baf773bd7..6fe3ec963 100644 --- a/2021/CVE-2021-45041.md +++ b/2021/CVE-2021-45041.md @@ -17,6 +17,7 @@ SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection v - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/manuelz120/CVE-2021-45041 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-45046.md b/2021/CVE-2021-45046.md index 0d94a88b0..028edc19e 100644 --- a/2021/CVE-2021-45046.md +++ b/2021/CVE-2021-45046.md @@ -57,6 +57,7 @@ It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was i - https://github.com/HynekPetrak/log4shell-finder - https://github.com/ITninja04/awesome-stars - https://github.com/JERRY123S/all-poc +- https://github.com/LibHunter/LibHunter - https://github.com/LoliKingdom/NukeJndiLookupFromLog4j - https://github.com/MLX15/log4j-scan - https://github.com/Maelstromage/Log4jSherlock diff --git a/2021/CVE-2021-45268.md b/2021/CVE-2021-45268.md index 9e5d8b5e7..2e54419e1 100644 --- a/2021/CVE-2021-45268.md +++ b/2021/CVE-2021-45268.md @@ -15,5 +15,6 @@ #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/V1n1v131r4/CSRF-to-RCE-on-Backdrop-CMS - https://github.com/V1n1v131r4/My-CVEs diff --git a/2021/CVE-2021-45416.md b/2021/CVE-2021-45416.md index d42a5914f..6e8fccdcd 100644 --- a/2021/CVE-2021-45416.md +++ b/2021/CVE-2021-45416.md 
@@ -13,6 +13,7 @@ Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows at - https://github.com/86x/CVE-2021-45416 #### Github +- https://github.com/86x/CVE-2021-45416 - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2021/CVE-2021-45608.md b/2021/CVE-2021-45608.md index 845cc1e68..2c8aa5a83 100644 --- a/2021/CVE-2021-45608.md +++ b/2021/CVE-2021-45608.md @@ -24,5 +24,6 @@ Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2021/CVE-2021-45897.md b/2021/CVE-2021-45897.md index 7f4d24ddd..63b7b43ba 100644 --- a/2021/CVE-2021-45897.md +++ b/2021/CVE-2021-45897.md @@ -19,6 +19,7 @@ SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution. - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/binganao/vulns-2022 +- https://github.com/manuelz120/CVE-2021-45897 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-46088.md b/2021/CVE-2021-46088.md index 48f7e69ed..2b2192ae6 100644 --- a/2021/CVE-2021-46088.md +++ b/2021/CVE-2021-46088.md @@ -14,4 +14,5 @@ Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RC #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/paalbra/zabbix-zbxsec-7 diff --git a/2021/CVE-2021-46557.md b/2021/CVE-2021-46557.md index 35d6e1380..8604da112 100644 --- a/2021/CVE-2021-46557.md +++ b/2021/CVE-2021-46557.md 
@@ -14,5 +14,6 @@ Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulner #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Zeyad-Azima/Vicidial-stored-XSS - https://github.com/Zeyad-Azima/Zeyad-Azima diff --git a/2021/CVE-2021-46558.md b/2021/CVE-2021-46558.md index 2700cc545..873cd66b9 100644 --- a/2021/CVE-2021-46558.md +++ b/2021/CVE-2021-46558.md @@ -14,5 +14,6 @@ Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Is #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Zeyad-Azima/Issabel-stored-XSS - https://github.com/Zeyad-Azima/Zeyad-Azima diff --git a/2022/CVE-2022-0185.md b/2022/CVE-2022-0185.md index 576582147..a3edcc1d1 100644 --- a/2022/CVE-2022-0185.md +++ b/2022/CVE-2022-0185.md @@ -27,6 +27,7 @@ A heap-based buffer overflow flaw was found in the way the legacy_parse_param fu - https://github.com/GhostTroops/TOP - https://github.com/Ha0-Y/LinuxKernelExploits - https://github.com/Ha0-Y/kernel-exploit-cve +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Metarget/metarget @@ -88,6 +89,7 @@ A heap-based buffer overflow flaw was found in the way the legacy_parse_param fu - https://github.com/veritas501/pipe-primitive - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-0236.md b/2022/CVE-2022-0236.md index 26b104ff6..503fa9479 100644 --- a/2022/CVE-2022-0236.md +++ b/2022/CVE-2022-0236.md 
@@ -22,6 +22,7 @@ The WP Import Export WordPress plugin (both free and premium versions) is vulner - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/qurbat/CVE-2022-0236 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC diff --git a/2022/CVE-2022-0435.md b/2022/CVE-2022-0435.md index 75f879664..42726a974 100644 --- a/2022/CVE-2022-0435.md +++ b/2022/CVE-2022-0435.md @@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/teresaweber685/book_list - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/wlswotmd/CVE-2022-0435 - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-0529.md b/2022/CVE-2022-0529.md index 969c05be1..be2674e7d 100644 --- a/2022/CVE-2022-0529.md +++ b/2022/CVE-2022-0529.md @@ -15,6 +15,7 @@ A flaw was found in Unzip. The vulnerability occurs during the conversion of a w #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ByteHackr/unzip_poc - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-0530.md b/2022/CVE-2022-0530.md index 66540b293..9cdbf0dc2 100644 --- a/2022/CVE-2022-0530.md +++ b/2022/CVE-2022-0530.md @@ -15,6 +15,7 @@ A flaw was found in Unzip. The vulnerability occurs during the conversion of a w #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ByteHackr/unzip_poc - https://github.com/maxim12z/ECommerce - https://github.com/nanaao/unzip_poc diff --git a/2022/CVE-2022-0557.md b/2022/CVE-2022-0557.md index 72609896c..33524626d 100644 --- a/2022/CVE-2022-0557.md +++ b/2022/CVE-2022-0557.md 
@@ -16,6 +16,7 @@ OS Command Injection in Packagist microweber/microweber prior to 1.2.11. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AggressiveUser/AggressiveUser - https://github.com/Enes4xd/Enes4xd - https://github.com/cr0ss2018/cr0ss2018 - https://github.com/enesamaafkolan/enesamaafkolan diff --git a/2022/CVE-2022-0563.md b/2022/CVE-2022-0563.md index 222cd791d..382dc4de2 100644 --- a/2022/CVE-2022-0563.md +++ b/2022/CVE-2022-0563.md @@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/cdupuis/image-api - https://github.com/denoslab/ensf400-lab10-ssc - https://github.com/fokypoky/places-list +- https://github.com/m-pasima/CI-CD-Security-image-scan - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/testing-felickz/docker-scout-demo - https://github.com/toyhoshi/helm diff --git a/2022/CVE-2022-0847.md b/2022/CVE-2022-0847.md index 4f14f0f20..9a3901e4a 100644 --- a/2022/CVE-2022-0847.md +++ b/2022/CVE-2022-0847.md @@ -75,6 +75,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/Ha0-Y/LinuxKernelExploits - https://github.com/Ha0-Y/kernel-exploit-cve - https://github.com/HadessCS/Awesome-Privilege-Escalation +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IHenakaarachchi/debian11-dirty_pipe-patcher - https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation @@ -333,6 +334,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation- - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/wpressly/exploitations - https://github.com/x90hack/vulnerabilty_lab - https://github.com/xairy/linux-kernel-exploitation 
diff --git a/2022/CVE-2022-0995.md b/2022/CVE-2022-0995.md index c00fdef2f..490084649 100644 --- a/2022/CVE-2022-0995.md +++ b/2022/CVE-2022-0995.md @@ -28,6 +28,7 @@ An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch - https://github.com/CVEDB/top - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Metarget/metarget @@ -63,6 +64,7 @@ An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch - https://github.com/trhacknon/Pocingit - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-0996.md b/2022/CVE-2022-0996.md index 8a7c4d971..54b7d6757 100644 --- a/2022/CVE-2022-0996.md +++ b/2022/CVE-2022-0996.md @@ -14,4 +14,5 @@ A vulnerability was found in the 389 Directory Server that allows expired passwo #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ByteHackr/389-ds-base diff --git a/2022/CVE-2022-1015.md b/2022/CVE-2022-1015.md index 211ec8749..bfcf543ed 100644 --- a/2022/CVE-2022-1015.md +++ b/2022/CVE-2022-1015.md @@ -20,6 +20,7 @@ A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of t - https://github.com/ARPSyndicate/cvemon - https://github.com/EGI-Federation/SVG-advisories - https://github.com/H4K6/CVE-2023-0179-PoC +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NaInSec/CVE-PoC-in-GitHub 
@@ -59,6 +60,7 @@ A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of t - https://github.com/trhacknon/Pocingit - https://github.com/wechicken456/Linux-kernel - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/wlswotmd/CVE-2022-1015 - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2022/CVE-2022-1016.md b/2022/CVE-2022-1016.md index 5322a899d..01a8a3dd8 100644 --- a/2022/CVE-2022-1016.md +++ b/2022/CVE-2022-1016.md @@ -25,6 +25,7 @@ A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_ch - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/wechicken456/Linux-kernel +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/yaobinwen/robin_on_rails - https://github.com/zanezhub/CVE-2022-1015-1016 diff --git a/2022/CVE-2022-1172.md b/2022/CVE-2022-1172.md index f4a878290..03545c8d3 100644 --- a/2022/CVE-2022-1172.md +++ b/2022/CVE-2022-1172.md @@ -13,5 +13,5 @@ Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpa - https://huntr.dev/bounties/a26cb79c-9257-4fbf-98c5-a5a331efa264 #### Github -No PoCs found on GitHub currently. +- https://github.com/Joe1sn/Joe1sn diff --git a/2022/CVE-2022-1388.md b/2022/CVE-2022-1388.md index 9a49fae77..e79b95c5e 100644 --- a/2022/CVE-2022-1388.md +++ b/2022/CVE-2022-1388.md @@ -19,6 +19,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5. - https://github.com/0x783kb/Security-operation-book - https://github.com/0x7eTeam/CVE-2022-1388-PocExp - https://github.com/0xAgun/CVE-2022-1388 +- https://github.com/0xMarcio/cve - https://github.com/0xf4n9x/CVE-2022-1388 - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 
diff --git a/2022/CVE-2022-1530.md b/2022/CVE-2022-1530.md index 6fa84726c..7681d4e50 100644 --- a/2022/CVE-2022-1530.md +++ b/2022/CVE-2022-1530.md @@ -13,5 +13,5 @@ Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat pr - https://huntr.dev/bounties/8fd8de01-7e83-4324-9cc8-a97acb9b70d6 #### Github -No PoCs found on GitHub currently. +- https://github.com/AggressiveUser/AggressiveUser diff --git a/2022/CVE-2022-1588.md b/2022/CVE-2022-1588.md index d91bf8ccd..7924d2246 100644 --- a/2022/CVE-2022-1588.md +++ b/2022/CVE-2022-1588.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AggressiveUser/AggressiveUser diff --git a/2022/CVE-2022-1768.md b/2022/CVE-2022-1768.md index 4e771c71a..b99b28143 100644 --- a/2022/CVE-2022-1768.md +++ b/2022/CVE-2022-1768.md @@ -5,9 +5,7 @@ ### Description -The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. - -Please note that this is separate from CVE-2022-1453 & CVE-2022-1505. +The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505. ### POC diff --git a/2022/CVE-2022-1786.md b/2022/CVE-2022-1786.md index 883f8588f..571d65087 100644 --- a/2022/CVE-2022-1786.md +++ b/2022/CVE-2022-1786.md 
@@ -27,5 +27,6 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/scratchadams/Heap-Resources - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-1972.md b/2022/CVE-2022-1972.md index 8739d8f06..bfa740e02 100644 --- a/2022/CVE-2022-1972.md +++ b/2022/CVE-2022-1972.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-20004.md b/2022/CVE-2022-20004.md index 080795adf..d6b36b657 100644 --- a/2022/CVE-2022-20004.md +++ b/2022/CVE-2022-20004.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Live-Hack-CVE/CVE-2022-2000 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-20005.md b/2022/CVE-2022-20005.md index c86f1ba6c..7b1816f7f 100644 --- a/2022/CVE-2022-20005.md +++ b/2022/CVE-2022-20005.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Live-Hack-CVE/CVE-2022-2000 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-20007.md b/2022/CVE-2022-20007.md index 95f3bf932..09dd04605 100644 --- a/2022/CVE-2022-20007.md +++ b/2022/CVE-2022-20007.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/Live-Hack-CVE/CVE-2022-2000 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-20122.md b/2022/CVE-2022-20122.md index 1b3257157..53b869b08 100644 --- a/2022/CVE-2022-20122.md +++ b/2022/CVE-2022-20122.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-20186.md b/2022/CVE-2022-20186.md index c5ba07177..178091c5d 100644 --- a/2022/CVE-2022-20186.md +++ b/2022/CVE-2022-20186.md @@ -37,6 +37,7 @@ In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-20699.md b/2022/CVE-2022-20699.md index 13a352f7a..80be61911 100644 --- a/2022/CVE-2022-20699.md +++ b/2022/CVE-2022-20699.md @@ -14,6 +14,7 @@ Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D #### Github +- https://github.com/0xMarcio/cve - https://github.com/ARPSyndicate/cvemon - https://github.com/Audiobahn/CVE-2022-20699 - https://github.com/CVEDB/awesome-cve-repo diff --git a/2022/CVE-2022-2078.md b/2022/CVE-2022-2078.md index e86e70554..8adf1ef0a 100644 --- a/2022/CVE-2022-2078.md 
+++ b/2022/CVE-2022-2078.md @@ -26,5 +26,6 @@ A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() func - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-20826.md b/2022/CVE-2022-20826.md index 102b2dc7f..7964df45a 100644 --- a/2022/CVE-2022-20826.md +++ b/2022/CVE-2022-20826.md @@ -7,9 +7,7 @@ ### Description -A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. - - This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust. +A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physical access to the device to bypass the secure boot functionality. This vulnerability is due to a logic error in the boot process. An attacker could exploit this vulnerability by injecting malicious code into a specific memory location during the boot process of an affected device. A successful exploit could allow the attacker to execute persistent code at boot time and break the chain of trust. ### POC diff --git a/2022/CVE-2022-20829.md b/2022/CVE-2022-20829.md index e0c098ca6..69d9db99a 100644 
--- a/2022/CVE-2022-20829.md +++ b/2022/CVE-2022-20829.md @@ -18,6 +18,7 @@ A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/jbaines-r7/cisco_asa_research +- https://github.com/jbaines-r7/theway - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-20917.md b/2022/CVE-2022-20917.md index 99bfe3c30..aeb11298d 100644 --- a/2022/CVE-2022-20917.md +++ b/2022/CVE-2022-20917.md 
@@ -5,8 +5,7 @@ ### Description -A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. - This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions. +A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are sent to the Cisco Jabber client software. An attacker could exploit this vulnerability by connecting to an XMPP messaging server and sending crafted XMPP messages to an affected Jabber client. A successful exploit could allow the attacker to manipulate the content of XMPP messages, possibly allowing the attacker to cause the Jabber client application to perform unsafe actions. ### POC diff --git a/2022/CVE-2022-20929.md b/2022/CVE-2022-20929.md index 92b424c05..1f17dbc59 100644 --- a/2022/CVE-2022-20929.md +++ b/2022/CVE-2022-20929.md 
@@ -5,8 +5,7 @@ ### Description -A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. - This vulnerability is due to insufficient cryptographic signature verification of upgrade files. An attacker could exploit this vulnerability by providing an administrator with an unauthentic upgrade file. A successful exploit could allow the attacker to fully compromise the Cisco NFVIS system. +A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade files. An attacker could exploit this vulnerability by providing an administrator with an unauthentic upgrade file. A successful exploit could allow the attacker to fully compromise the Cisco NFVIS system. ### POC diff --git a/2022/CVE-2022-20951.md b/2022/CVE-2022-20951.md index c3527663e..c2cc20be6 100644 --- a/2022/CVE-2022-20951.md +++ b/2022/CVE-2022-20951.md 
@@ -5,13 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. - - This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other device on the network. - - - - {{value}} ["%7b%7bvalue%7d%7d"])}]] +A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other device on the network. {{value}} ["%7b%7bvalue%7d%7d"])}]] ### POC diff --git a/2022/CVE-2022-20956.md b/2022/CVE-2022-20956.md index 0c0ceb76d..d58b278cd 100644 --- a/2022/CVE-2022-20956.md +++ b/2022/CVE-2022-20956.md 
@@ -5,13 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. - - This vulnerability is due to improper access control in the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to list, download, and delete certain files that they should not have access to. - - Cisco plans to release software updates that address this vulnerability. - - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx"] +A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to list, download, and delete certain files that they should not have access to. Cisco plans to release software updates that address this vulnerability. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx"] ### POC diff --git a/2022/CVE-2022-20964.md b/2022/CVE-2022-20964.md index ffc3b7ece..63951bfbd 100644 --- a/2022/CVE-2022-20964.md +++ b/2022/CVE-2022-20964.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. - - This vulnerability is due to improper validation of user input within requests as part of the web-based management interface. An attacker could exploit this vulnerability by manipulating requests to the web-based management interface to contain operating system commands. A successful exploit could allow the attacker to execute arbitrary operating system commands on the underlying operating system with the privileges of the web services user. - - Cisco has not yet released software updates that address this vulnerability. +A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the web-based management interface. An attacker could exploit this vulnerability by manipulating requests to the web-based management interface to contain operating system commands. A successful exploit could allow the attacker to execute arbitrary operating system commands on the underlying operating system with the privileges of the web services user. Cisco has not yet released software updates that address this vulnerability. ### POC diff --git a/2022/CVE-2022-20965.md b/2022/CVE-2022-20965.md index d6dc0633b..6c6793d95 100644 --- a/2022/CVE-2022-20965.md +++ b/2022/CVE-2022-20965.md 
@@ -5,13 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interface. - - This vulnerability is due to improper access control on a feature within the web-based management interface of the affected system. An attacker could exploit this vulnerability by accessing features through direct requests, bypassing checks within the application. A successful exploit could allow the attacker to take privileged actions within the web-based management interface that should be otherwise restricted. - - - - {{value}} ["%7b%7bvalue%7d%7d"])}]] +A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interface. This vulnerability is due to improper access control on a feature within the web-based management interface of the affected system. An attacker could exploit this vulnerability by accessing features through direct requests, bypassing checks within the application. A successful exploit could allow the attacker to take privileged actions within the web-based management interface that should be otherwise restricted. {{value}} ["%7b%7bvalue%7d%7d"])}]] ### POC diff --git a/2022/CVE-2022-20966.md b/2022/CVE-2022-20966.md index 263cb6970..2cb66bbf6 100644 --- a/2022/CVE-2022-20966.md +++ b/2022/CVE-2022-20966.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. - - This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. - - Cisco has not yet released software updates that address this vulnerability. +A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. Cisco has not yet released software updates that address this vulnerability. ### POC diff --git a/2022/CVE-2022-20967.md b/2022/CVE-2022-20967.md index c167e8f5d..0b36cf526 100644 --- a/2022/CVE-2022-20967.md +++ b/2022/CVE-2022-20967.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. - - This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. - - Cisco has not yet released software updates that address this vulnerability. +A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface. An attacker could exploit this vulnerability by creating entries within the application interface that contain malicious HTML or script code. A successful exploit could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks. Cisco has not yet released software updates that address this vulnerability. ### POC diff --git a/2022/CVE-2022-20968.md b/2022/CVE-2022-20968.md index 23a004dbb..c52e69eff 100644 --- a/2022/CVE-2022-20968.md +++ b/2022/CVE-2022-20968.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. - -This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device. +A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device. ### POC diff --git a/2022/CVE-2022-21894.md b/2022/CVE-2022-21894.md index 4bd1e20cc..80de84058 100644 --- a/2022/CVE-2022-21894.md +++ b/2022/CVE-2022-21894.md @@ -41,6 +41,7 @@ Secure Boot Security Feature Bypass Vulnerability No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/ARPSyndicate/cvemon - https://github.com/ASkyeye/CVE-2022-21894-Payload - https://github.com/CVEDB/awesome-cve-repo diff --git a/2022/CVE-2022-21907.md b/2022/CVE-2022-21907.md index f0bfe2fd2..162bfa6ee 100644 --- a/2022/CVE-2022-21907.md +++ b/2022/CVE-2022-21907.md 
@@ -28,6 +28,7 @@ HTTP Protocol Stack Remote Code Execution Vulnerability - https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21907 #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xmaximus/Home-Demolisher - https://github.com/20142995/sectool - https://github.com/2lambda123/CVE-mitre diff --git a/2022/CVE-2022-22057.md b/2022/CVE-2022-22057.md index cbf5ab931..7d9ea6b63 100644 --- a/2022/CVE-2022-22057.md +++ b/2022/CVE-2022-22057.md @@ -27,5 +27,6 @@ Use after free in graphics fence due to a race condition while closing fence fil - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-22719.md b/2022/CVE-2022-22719.md index b1a46be1a..90ba4dd34 100644 --- a/2022/CVE-2022-22719.md +++ b/2022/CVE-2022-22719.md @@ -15,6 +15,7 @@ A carefully crafted request body can cause a read to a random memory area which #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/PierreChrd/py-projet-tut - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet diff --git a/2022/CVE-2022-22720.md b/2022/CVE-2022-22720.md index ac82e9c60..a829f4dfc 100644 --- a/2022/CVE-2022-22720.md +++ b/2022/CVE-2022-22720.md @@ -17,6 +17,7 @@ Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when err - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon - https://github.com/Benasin/CVE-2022-22720 +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/PierreChrd/py-projet-tut - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet 
diff --git a/2022/CVE-2022-22721.md b/2022/CVE-2022-22721.md index 814527c32..09af0d081 100644 --- a/2022/CVE-2022-22721.md +++ b/2022/CVE-2022-22721.md @@ -16,6 +16,7 @@ If LimitXMLRequestBody is set to allow request bodies larger than 350MB (default #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/PierreChrd/py-projet-tut - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet diff --git a/2022/CVE-2022-22909.md b/2022/CVE-2022-22909.md index a4a7336c5..60298f549 100644 --- a/2022/CVE-2022-22909.md +++ b/2022/CVE-2022-22909.md @@ -13,6 +13,7 @@ HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulner - https://github.com/0z09e/CVE-2022-22909 #### Github +- https://github.com/0z09e/CVE-2022-22909 - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-22947.md b/2022/CVE-2022-22947.md index b0b3dd181..8b92a74d6 100644 --- a/2022/CVE-2022-22947.md +++ b/2022/CVE-2022-22947.md @@ -122,6 +122,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v - https://github.com/debug4you/CVE-2022-22947 - https://github.com/dingxiao77/-cve-2022-22947- - https://github.com/dravenww/curated-article +- https://github.com/enomothem/PenTestNote - https://github.com/expzhizhuo/Burp_VulPscan - https://github.com/fbion/CVE-2022-22947 - https://github.com/flying0er/CVE-2022-22947-goby diff --git a/2022/CVE-2022-23222.md b/2022/CVE-2022-23222.md index 5a6e4d79b..cd4809ca1 100644 --- a/2022/CVE-2022-23222.md +++ b/2022/CVE-2022-23222.md 
@@ -26,6 +26,7 @@ No PoCs from references. - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/FridayOrtiz/CVE-2022-23222 - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/KayCHENvip/vulnerability-poc @@ -70,6 +71,7 @@ No PoCs from references. - https://github.com/trhacknon/Pocingit - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/wxrdnx/bpf_exploit_template - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2022/CVE-2022-23342.md b/2022/CVE-2022-23342.md index 31142e11e..841931e44 100644 --- a/2022/CVE-2022-23342.md +++ b/2022/CVE-2022-23342.md @@ -14,6 +14,7 @@ The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase r #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/InitRoot/CVE-2022-23342 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-23378.md b/2022/CVE-2022-23378.md index 0a675e4d2..30d56a762 100644 --- a/2022/CVE-2022-23378.md +++ b/2022/CVE-2022-23378.md @@ -16,6 +16,7 @@ A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of Ta - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheGetch/CVE-2022-23378 - https://github.com/WhooAmii/POC_to_review - https://github.com/binganao/vulns-2022 - https://github.com/k0mi-tg/CVE-POC diff --git a/2022/CVE-2022-23539.md b/2022/CVE-2022-23539.md index 05cdd5a6d..723d47649 100644 --- a/2022/CVE-2022-23539.md +++ b/2022/CVE-2022-23539.md 
@@ -5,7 +5,7 @@ ### Description -Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions. +Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions. ### POC diff --git a/2022/CVE-2022-23541.md b/2022/CVE-2022-23541.md index c8be7fa3d..9d6025e9b 100644 --- a/2022/CVE-2022-23541.md +++ b/2022/CVE-2022-23541.md 
@@ -6,7 +6,7 @@ ### Description -jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in jwt.verify() implementation with the same key retrieval function. This issue has been patched, please update to version 9.0.0. +jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in jwt.verify() implementation with the same key retrieval function. This issue has been patched, please update to version 9.0.0. ### POC diff --git a/2022/CVE-2022-23943.md b/2022/CVE-2022-23943.md index 6c8305677..0ee16695e 100644 --- a/2022/CVE-2022-23943.md +++ b/2022/CVE-2022-23943.md 
@@ -15,6 +15,7 @@ Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an att #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/PierreChrd/py-projet-tut - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet diff --git a/2022/CVE-2022-23967.md b/2022/CVE-2022-23967.md index 63a8f6488..565978136 100644 --- a/2022/CVE-2022-23967.md +++ b/2022/CVE-2022-23967.md @@ -14,6 +14,7 @@ #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/MaherAzzouzi/CVE-2022-23967 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-24125.md b/2022/CVE-2022-24125.md index 418d7aa72..b8d5286ce 100644 --- a/2022/CVE-2022-24125.md +++ b/2022/CVE-2022-24125.md @@ -22,6 +22,7 @@ The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/soosmile/POC +- https://github.com/tremwil/ds3-nrssr-rce - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-24126.md b/2022/CVE-2022-24126.md index 8b256be98..0789ae670 100644 --- a/2022/CVE-2022-24126.md +++ b/2022/CVE-2022-24126.md @@ -15,4 +15,5 @@ A buffer overflow in the NRSessionSearchResult parser in Bandai Namco FromSoftwa #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/anquanscan/sec-tools +- https://github.com/tremwil/ds3-nrssr-rce diff --git a/2022/CVE-2022-24354.md b/2022/CVE-2022-24354.md index a7b3443e1..4455c9da7 100644 --- a/2022/CVE-2022-24354.md +++ b/2022/CVE-2022-24354.md 
@@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-24449.md b/2022/CVE-2022-24449.md index bd5ee3d10..815c92520 100644 --- a/2022/CVE-2022-24449.md +++ b/2022/CVE-2022-24449.md @@ -17,6 +17,7 @@ Solar appScreener through 3.10.4, when a valid license is not present, allows XX - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/jet-pentest/CVE-2022-24449 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-24654.md b/2022/CVE-2022-24654.md index ae7f7b419..d4f28a400 100644 --- a/2022/CVE-2022-24654.md +++ b/2022/CVE-2022-24654.md @@ -19,6 +19,7 @@ Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server A - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC +- https://github.com/leonardobg/CVE-2022-24654 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-24899.md b/2022/CVE-2022-24899.md index a3d04a3cb..37ed253bd 100644 --- a/2022/CVE-2022-24899.md +++ b/2022/CVE-2022-24899.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/AggressiveUser/AggressiveUser diff --git a/2022/CVE-2022-24999.md b/2022/CVE-2022-24999.md index c55a0d055..aba0b42fd 100644 --- a/2022/CVE-2022-24999.md +++ b/2022/CVE-2022-24999.md 
@@ -21,6 +21,7 @@ qs before 6.10.3, as used in Express before 4.17.3 and other products, allows at - https://github.com/k0imet/pyfetch - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC +- https://github.com/n8tz/CVE-2022-24999 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/norefice-github/juvenile - https://github.com/seal-community/patches diff --git a/2022/CVE-2022-25090.md b/2022/CVE-2022-25090.md index 10ed96c71..97047acd1 100644 --- a/2022/CVE-2022-25090.md +++ b/2022/CVE-2022-25090.md @@ -17,6 +17,7 @@ Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary tem #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ComparedArray/printix-CVE-2022-25090 - https://github.com/Enes4xd/Enes4xd - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-25165.md b/2022/CVE-2022-25165.md index d2d5c78fb..e36565ae4 100644 --- a/2022/CVE-2022-25165.md +++ b/2022/CVE-2022-25165.md @@ -19,6 +19,7 @@ An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition - https://github.com/H4cksploit/CVEs-master - https://github.com/Jaikumar3/Cloud-Security-Attacks - https://github.com/Mehedi-Babu/security_attacks_cloud +- https://github.com/RhinoSecurityLabs/CVEs - https://github.com/SummitRoute/csp_security_mistakes - https://github.com/atesemre/awesome-aws-security - https://github.com/blaise442/awesome-aws-security diff --git a/2022/CVE-2022-25166.md b/2022/CVE-2022-25166.md index f08c2c5c5..0b6173f0d 100644 --- a/2022/CVE-2022-25166.md +++ b/2022/CVE-2022-25166.md @@ -16,6 +16,7 @@ An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to includ #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/H4cksploit/CVEs-master +- https://github.com/RhinoSecurityLabs/CVEs - https://github.com/merlinepedra/RHINOECURITY-CVEs - https://github.com/merlinepedra25/RHINOSECURITY-CVEs 
diff --git a/2022/CVE-2022-25265.md b/2022/CVE-2022-25265.md index 12f25d227..e2c9df75a 100644 --- a/2022/CVE-2022-25265.md +++ b/2022/CVE-2022-25265.md @@ -15,4 +15,5 @@ In the Linux kernel through 5.16.10, certain binary files may have the exec-all #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/x0reaxeax/exec-prot-bypass diff --git a/2022/CVE-2022-25622.md b/2022/CVE-2022-25622.md index 5a813ffe8..0569af25c 100644 --- a/2022/CVE-2022-25622.md +++ b/2022/CVE-2022-25622.md 
@@ -1,12 +1,12 @@ ### [CVE-2022-25622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25622) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20CFU%20DIQ&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20CFU%20PA&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200AL%20IM%20157-1%20PN&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200S%20IM151-8%20PN%2FDP%20CPU&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200S%20IM151-8F%20PN%2FDP%20CPU&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200pro%20IM154-8%20PN%2FDP%20CPU&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200pro%20IM154-8F%20PN%2FDP%20CPU&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET%20200pro%20IM154-8FX%20PN%2FDP%20CPU&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET200AL%20IM157-1%20PN&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET200MP%20IM155-5%20PN%20HF%20(incl.%20SIPLUS%20variants)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET200SP%20IM155-6%20MF%20HF&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=SIMATIC%20ET200SP%20IM155-6%20PN%20HA%20(incl.%20SIPLUS%20variants)&color=blue) 
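Review bot: in CVE-2022-25622.md the product badge changes from `SIMATIC%20ET200AL%20IM157-1%20PN` to `SIMATIC%20ET%20200AL%20IM%20157-1%20PN`, while the unchanged badges just below it keep the unspaced form (`ET200MP%20IM155-5`, `ET200SP%20IM155-6`). Anything that matches these product strings against an asset inventory now has to handle both spellings. If the new spacing comes from the upstream record, say so in the commit message; otherwise normalise the names in the generator.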
@@ -82,9 +82,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20*%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V1.1.10%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V1.2.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V2.0.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V4.7%20SP14%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V4.7.14%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V5.2%20SP3%20HF13%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V5.2%20SP3%20HF18%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V5.2.3.13%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V6.0.10%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=0%3C%20V8.2.3%20&color=brighgreen) 
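Review bot: both added version badges in CVE-2022-25622.md (`V2.0.0` and `V5.2 SP3 HF18`) use `color=brighgreen`, which is not a shields.io named colour; `brightgreen` is. The unchanged context lines carry the same spelling, so the fix belongs in the template that emits these badges rather than in this one file.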
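Review bot: the added Description line in CVE-2022-20951.md still ends with `{{value}} ["%7b%7bvalue%7d%7d"])}]]`, and so does the one in CVE-2022-20965.md. That is unrendered template output, not description text, and joining the paragraphs has only moved it onto the end of the sentence about the impact. Strip it in the step that flattens the description so it does not reach the rendered page or any tooling that indexes these descriptions.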
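Review bot: the added Description line in CVE-2022-20956.md ends with the Cisco advisory URL twice, once bare and once again in `["..."]` form; keep a single copy. The sentence "Cisco plans to release software updates that address this vulnerability." is now folded into the same paragraph as the technical description. It is a point-in-time status, so consider keeping it on its own line where it is easy to spot and update.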
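Review bot: in CVE-2022-23539.md and CVE-2022-23541.md the removed and added Description lines read the same as shown here, so the change appears to be whitespace only. If that is intended (trailing space or line-ending normalisation), state it in the commit message so the hunks are not mistaken for a content update to the jsonwebtoken entries; if it is not intended, drop both hunks.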
@@ -94,7 +96,7 @@ ### Description -A vulnerability has been identified in SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0), SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET200AL IM157-1 PN, SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 MF HF, SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1500 CPU family (incl. 
related ET200 CPUs and SIPLUS variants), SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0), SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0), SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS DCM, SINAMICS G110M, SINAMICS G115D, SINAMICS G120 (incl. SIPLUS variants), SINAMICS G130, SINAMICS G150, SINAMICS S110, SINAMICS S120 (incl. 
SIPLUS variants), SINAMICS S150, SINAMICS S210 (6SL5...), SINAMICS V90, SIPLUS ET 200S IM151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS HCS4200 CIM4210 (6BK1942-1AA00-0AA0), SIPLUS HCS4200 CIM4210C (6BK1942-1AA00-0AA1), SIPLUS HCS4300 CIM4310 (6BK1943-1AA00-0AA0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0), SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0), SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined.This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. 
+A vulnerability has been identified in SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0), SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET 200pro IM154-8FX PN/DP CPU (6ES7154-8FX00-0AB0), SIMATIC ET 200S IM151-8 PN/DP CPU (6ES7151-8AB01-0AB0), SIMATIC ET 200S IM151-8F PN/DP CPU (6ES7151-8FB01-0AB0), SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 MF HF, SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants), SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0), SIMATIC S7-1500 CPU family (incl. 
related ET200 CPUs and SIPLUS variants), SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0), SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0), SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0), SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0), SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0), SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0), SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0), SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0), SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0), SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0), SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0), SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0), SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants), SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMATIC WinAC RTX 2010 (6ES7671-0RC08-0YA0), SIMATIC WinAC RTX F 2010 (6ES7671-1RC08-0YA0), SINAMICS DCM, SINAMICS G110M, SINAMICS G115D, SINAMICS G120 (incl. SIPLUS variants), SINAMICS G130, SINAMICS G150, SINAMICS S110, SINAMICS S120 (incl. 
SIPLUS variants), SINAMICS S150, SINAMICS S210 (6SL5...), SINAMICS V90, SIPLUS ET 200S IM151-8 PN/DP CPU (6AG1151-8AB01-7AB0), SIPLUS ET 200S IM151-8F PN/DP CPU (6AG1151-8FB01-2AB0), SIPLUS HCS4200 CIM4210 (6BK1942-1AA00-0AA0), SIPLUS HCS4200 CIM4210C (6BK1942-1AA00-0AA1), SIPLUS HCS4300 CIM4310 (6BK1943-1AA00-0AA0), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0), SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0), SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0), SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0), SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0), SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0), SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0), SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined.This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. ### POC diff --git a/2022/CVE-2022-25636.md b/2022/CVE-2022-25636.md index f2bc12fd8..aebc29bef 100644 --- a/2022/CVE-2022-25636.md +++ b/2022/CVE-2022-25636.md @@ -20,12 +20,14 @@ net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows loca - https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/B0nfee/CVE-2022-25636 +- https://github.com/Bonfee/CVE-2022-25636 - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/EGI-Federation/SVG-advisories - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Meowmycks/OSCPprep-Cute 
@@ -73,6 +75,7 @@ net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows loca - https://github.com/veritas501/pipe-primitive - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/yaobinwen/robin_on_rails diff --git a/2022/CVE-2022-25647.md b/2022/CVE-2022-25647.md index fc0641bed..694fbdb02 100644 --- a/2022/CVE-2022-25647.md +++ b/2022/CVE-2022-25647.md @@ -15,6 +15,7 @@ The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserializa #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/CGCL-codes/PHunter +- https://github.com/LibHunter/LibHunter - https://github.com/hinat0y/Dataset1 - https://github.com/hinat0y/Dataset10 - https://github.com/hinat0y/Dataset11 diff --git a/2022/CVE-2022-25762.md b/2022/CVE-2022-25762.md index 1321bac41..d5d7c0b78 100644 --- a/2022/CVE-2022-25762.md +++ b/2022/CVE-2022-25762.md @@ -13,5 +13,5 @@ If a web application sends a WebSocket message concurrently with the WebSocket c - https://www.oracle.com/security-alerts/cpujul2022.html #### Github -No PoCs found on GitHub currently. +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2022/CVE-2022-2585.md b/2022/CVE-2022-2585.md index cc3ea0ac3..70173f614 100644 --- a/2022/CVE-2022-2585.md +++ b/2022/CVE-2022-2585.md @@ -16,6 +16,7 @@ It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU t - https://www.openwall.com/lists/oss-security/2022/08/09/7 #### Github +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/greek0x0/2022-LPE-UAF diff --git a/2022/CVE-2022-2586.md b/2022/CVE-2022-2586.md index 57c813695..782373113 100644 
--- a/2022/CVE-2022-2586.md +++ b/2022/CVE-2022-2586.md @@ -20,6 +20,7 @@ It was discovered that a nft object or expression could reference a nft set on a #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/Snoopy-Sec/Localroot-ALL-CVE @@ -45,6 +46,7 @@ It was discovered that a nft object or expression could reference a nft set on a - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/substing/internal_ctf - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-2588.md b/2022/CVE-2022-2588.md index e0591dc53..66203a68e 100644 --- a/2022/CVE-2022-2588.md +++ b/2022/CVE-2022-2588.md @@ -32,6 +32,7 @@ It was discovered that the cls_route filter implementation in the Linux kernel w - https://github.com/GhostTroops/TOP - https://github.com/Ha0-Y/LinuxKernelExploits - https://github.com/Ha0-Y/kernel-exploit-cve +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Markakd/CVE-2022-2588 - https://github.com/Markakd/DirtyCred diff --git a/2022/CVE-2022-25881.md b/2022/CVE-2022-25881.md index eadf4de85..d6ef0743f 100644 --- a/2022/CVE-2022-25881.md +++ b/2022/CVE-2022-25881.md 
@@ -6,8 +6,7 @@ ### Description -This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. - +This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. ### POC diff --git a/2022/CVE-2022-25883.md b/2022/CVE-2022-25883.md index ea9751c98..d1013f518 100644 --- a/2022/CVE-2022-25883.md +++ b/2022/CVE-2022-25883.md @@ -5,9 +5,7 @@ ### Description -Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. - - +Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. ### POC diff --git a/2022/CVE-2022-25901.md b/2022/CVE-2022-25901.md index 29ba2bd99..3da3249e0 100644 --- a/2022/CVE-2022-25901.md +++ b/2022/CVE-2022-25901.md @@ -7,8 +7,7 @@ ### Description -Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression. - +Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression. ### POC diff --git a/2022/CVE-2022-25943.md b/2022/CVE-2022-25943.md index 15b3c1513..999cc0571 100644 --- a/2022/CVE-2022-25943.md +++ b/2022/CVE-2022-25943.md 
@@ -14,6 +14,7 @@ The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-2602.md b/2022/CVE-2022-2602.md index c953f20db..8023236d0 100644 --- a/2022/CVE-2022-2602.md +++ b/2022/CVE-2022-2602.md @@ -15,6 +15,7 @@ io_uring UAF, Unix SCM garbage collection #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/LukeGix/CVE-2022-2602 - https://github.com/Mr-xn/Penetration_Testing_POC @@ -39,6 +40,7 @@ io_uring UAF, Unix SCM garbage collection - https://github.com/th3-5had0w/CVE-2022-2602-Study - https://github.com/wechicken456/Linux-kernel - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-26134.md b/2022/CVE-2022-26134.md index 8b3a2dd93..95a7e3caa 100644 --- a/2022/CVE-2022-26134.md +++ b/2022/CVE-2022-26134.md @@ -131,6 +131,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/demining/Log4j-Vulnerability - https://github.com/e-hakson/OSCP - https://github.com/eljosep/OSCP-Guide +- https://github.com/enomothem/PenTestNote - https://github.com/f4yd4-s3c/cve-2022-26134 - https://github.com/getastra/hypejab - https://github.com/getdrive/PoC diff --git a/2022/CVE-2022-26180.md b/2022/CVE-2022-26180.md index 1b2c0c472..93ee11584 100644 --- a/2022/CVE-2022-26180.md +++ b/2022/CVE-2022-26180.md 
@@ -15,4 +15,5 @@ qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/up #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AggressiveUser/AggressiveUser diff --git a/2022/CVE-2022-26377.md b/2022/CVE-2022-26377.md index 132d66918..6c366c343 100644 --- a/2022/CVE-2022-26377.md +++ b/2022/CVE-2022-26377.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/Awrrays/FrameVul - https://github.com/ByteXenon/IP-Security-Database +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-2639.md b/2022/CVE-2022-2639.md index 97080f059..8dd00a67a 100644 --- a/2022/CVE-2022-2639.md +++ b/2022/CVE-2022-2639.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639 +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes diff --git a/2022/CVE-2022-26629.md b/2022/CVE-2022-26629.md index ef3bd5265..c60362fa4 100644 --- a/2022/CVE-2022-26629.md +++ b/2022/CVE-2022-26629.md @@ -22,6 +22,7 @@ An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the L - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/scopion/CVE-2022-26629 - https://github.com/soosmile/POC +- https://github.com/sysenter-eip/CVE-2022-26629 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-27134.md b/2022/CVE-2022-27134.md index d6fe17864..031a7e3e9 100644 --- a/2022/CVE-2022-27134.md +++ b/2022/CVE-2022-27134.md 
@@ -14,6 +14,7 @@ EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfe #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Kenun99/CVE-batdappboomx - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-27226.md b/2022/CVE-2022-27226.md index 2e11bc8d1..b332dc078 100644 --- a/2022/CVE-2022-27226.md +++ b/2022/CVE-2022-27226.md @@ -19,6 +19,7 @@ A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a t - https://github.com/AlexRogalskiy/AlexRogalskiy - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/SakuraSamuraii/ez-iRZ - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC - https://github.com/karimhabush/cyberowl diff --git a/2022/CVE-2022-27254.md b/2022/CVE-2022-27254.md index ac408558f..87fd16f7b 100644 --- a/2022/CVE-2022-27254.md +++ b/2022/CVE-2022-27254.md @@ -38,6 +38,7 @@ The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/nonamecoder/CVE-2022-27254 - https://github.com/nonamecoder/FlipperZeroHondaFirmware - https://github.com/pipiscrew/timeline - https://github.com/soosmile/POC diff --git a/2022/CVE-2022-27255.md b/2022/CVE-2022-27255.md index 8f7c081f8..9d6d0e26f 100644 --- a/2022/CVE-2022-27255.md +++ b/2022/CVE-2022-27255.md @@ -13,6 +13,7 @@ In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrite No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo diff --git a/2022/CVE-2022-27666.md b/2022/CVE-2022-27666.md index c64a017a9..3f9b35f78 100644 
--- a/2022/CVE-2022-27666.md +++ b/2022/CVE-2022-27666.md @@ -21,6 +21,7 @@ A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ip - https://github.com/CVEDB/top - https://github.com/Ch4nc3n/PublicExploitation - https://github.com/GhostTroops/TOP +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation - https://github.com/JERRY123S/all-poc - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -54,6 +55,7 @@ A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ip - https://github.com/trhacknon/Pocingit - https://github.com/weeka10/-hktalent-TOP - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-27927.md b/2022/CVE-2022-27927.md index 6d848ad3e..d9e6fab41 100644 --- a/2022/CVE-2022-27927.md +++ b/2022/CVE-2022-27927.md @@ -19,6 +19,7 @@ A SQL injection vulnerability exists in Microfinance Management System 1.0 when - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-28079.md b/2022/CVE-2022-28079.md index 45e66d6fe..db3e4c45f 100644 --- a/2022/CVE-2022-28079.md +++ b/2022/CVE-2022-28079.md 
@@ -19,6 +19,7 @@ College Management System v1.0 was discovered to contain a SQL injection vulnera - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-28080.md b/2022/CVE-2022-28080.md index 5fdf9bc16..8eac9aaeb 100644 --- a/2022/CVE-2022-28080.md +++ b/2022/CVE-2022-28080.md @@ -20,6 +20,7 @@ Royal Event Management System v1.0 was discovered to contain a SQL injection vul - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-28330.md b/2022/CVE-2022-28330.md index baf91ad1e..5d50a97d3 100644 --- a/2022/CVE-2022-28330.md +++ b/2022/CVE-2022-28330.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/firatesatoglu/shodanSearch - https://github.com/kasem545/vulnsearch diff --git a/2022/CVE-2022-28452.md b/2022/CVE-2022-28452.md index 829b3654d..70aab1d03 100644 --- a/2022/CVE-2022-28452.md +++ b/2022/CVE-2022-28452.md 
@@ -21,6 +21,7 @@ Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-28601.md b/2022/CVE-2022-28601.md index 54d948b40..9a18641c2 100644 --- a/2022/CVE-2022-28601.md +++ b/2022/CVE-2022-28601.md @@ -14,6 +14,7 @@ A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/FlaviuPopescu/CVE-2022-28601 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-28614.md b/2022/CVE-2022-28614.md index 463a126b8..03f0d6f3a 100644 --- a/2022/CVE-2022-28614.md +++ b/2022/CVE-2022-28614.md @@ -16,6 +16,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-28615.md b/2022/CVE-2022-28615.md index 3dbb29219..a76cd3764 100644 --- a/2022/CVE-2022-28615.md +++ b/2022/CVE-2022-28615.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-28986.md b/2022/CVE-2022-28986.md index 2ee176093..a5ad6d752 100644 
--- a/2022/CVE-2022-28986.md +++ b/2022/CVE-2022-28986.md @@ -14,6 +14,7 @@ LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/FlaviuPopescu/CVE-2022-28986 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-29072.md b/2022/CVE-2022-29072.md index 526b9179d..474875689 100644 --- a/2022/CVE-2022-29072.md +++ b/2022/CVE-2022-29072.md @@ -37,6 +37,7 @@ - https://github.com/jbmihoub/all-poc - https://github.com/k0mi-tg/CVE-POC - https://github.com/kagancapar/7-zip-malicious-code-vulnerability +- https://github.com/kagancapar/CVE-2022-29072 - https://github.com/karimhabush/cyberowl - https://github.com/kun-g/Scraping-Github-trending - https://github.com/lions2012/Penetration_Testing_POC diff --git a/2022/CVE-2022-29404.md b/2022/CVE-2022-29404.md index 6c2e62e4a..419667689 100644 --- a/2022/CVE-2022-29404.md +++ b/2022/CVE-2022-29404.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-29464.md b/2022/CVE-2022-29464.md index 6379b33cb..f6dcb0eb7 100644 --- a/2022/CVE-2022-29464.md +++ b/2022/CVE-2022-29464.md @@ -17,6 +17,7 @@ Certain WSO2 products allow unrestricted file upload with resultant remote code #### Github - https://github.com/0day404/vulnerability-poc - https://github.com/0xAgun/CVE-2022-29464 +- https://github.com/0xMarcio/cve - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 - https://github.com/2lambda123/panopticon-unattributed 
@@ -82,6 +83,7 @@ Certain WSO2 products allow unrestricted file upload with resultant remote code - https://github.com/gbrsh/CVE-2022-29464 - https://github.com/gpiechnik2/nmap-CVE-2022-29464 - https://github.com/h3v0x/CVE-2022-29464 +- https://github.com/hakivvi/CVE-2022-29464 - https://github.com/hev0x/CVE-2022-29464 - https://github.com/hktalent/TOP - https://github.com/hupe1980/CVE-2022-29464 diff --git a/2022/CVE-2022-29582.md b/2022/CVE-2022-29582.md index 3f08e276b..19a999f91 100644 --- a/2022/CVE-2022-29582.md +++ b/2022/CVE-2022-29582.md @@ -38,6 +38,7 @@ In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a r - https://github.com/tr3ss/gofetch - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-29597.md b/2022/CVE-2022-29597.md index 95719230c..05a566678 100644 --- a/2022/CVE-2022-29597.md +++ b/2022/CVE-2022-29597.md @@ -16,6 +16,7 @@ Solutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to Local - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheGetch/CVE-2022-29597 - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-29598.md b/2022/CVE-2022-29598.md index 3bf2854eb..4b5dab99d 100644 --- a/2022/CVE-2022-29598.md +++ b/2022/CVE-2022-29598.md 
@@ -16,6 +16,7 @@ Solutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to an re - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TheGetch/CVE-2022-29598 - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-29778.md b/2022/CVE-2022-29778.md index 3c96eb25f..3d15f22ae 100644 --- a/2022/CVE-2022-29778.md +++ b/2022/CVE-2022-29778.md @@ -17,6 +17,7 @@ - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/TyeYeah/DIR-890L-1.20-RCE - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-30040.md b/2022/CVE-2022-30040.md index 08895be3a..0c0d9cef3 100644 --- a/2022/CVE-2022-30040.md +++ b/2022/CVE-2022-30040.md @@ -15,6 +15,7 @@ Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability l #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Le1a/CVE-2022-30040 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-30075.md b/2022/CVE-2022-30075.md index aca27cd83..4a4df2176 100644 --- a/2022/CVE-2022-30075.md +++ b/2022/CVE-2022-30075.md @@ -16,6 +16,7 @@ In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup f - https://www.exploit-db.com/exploits/50962 #### Github +- https://github.com/0xMarcio/cve - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top 
@@ -30,6 +31,7 @@ In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup f - https://github.com/Tig3rHu/Awesome_IOT_Vul_lib - https://github.com/Tig3rHu/MessageForV - https://github.com/WhooAmii/POC_to_review +- https://github.com/aaronsvk/CVE-2022-30075 - https://github.com/cyberanand1337x/bug-bounty-2022 - https://github.com/gscamelo/TP-Link-Archer-AX10-V1 - https://github.com/hktalent/TOP diff --git a/2022/CVE-2022-30292.md b/2022/CVE-2022-30292.md index a10ac28f6..e5b71e831 100644 --- a/2022/CVE-2022-30292.md +++ b/2022/CVE-2022-30292.md @@ -20,6 +20,7 @@ Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a cer - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sprushed/CVE-2022-30292 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-30556.md b/2022/CVE-2022-30556.md index 0e0542bdb..8a299d31f 100644 --- a/2022/CVE-2022-30556.md +++ b/2022/CVE-2022-30556.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-30929.md b/2022/CVE-2022-30929.md index aff38fcf3..9e47f148e 100644 --- a/2022/CVE-2022-30929.md +++ b/2022/CVE-2022-30929.md @@ -14,6 +14,7 @@ Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AgainstTheLight/CVE-2022-30929 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review 
diff --git a/2022/CVE-2022-31138.md b/2022/CVE-2022-31138.md index 50be48d00..a146084d7 100644 --- a/2022/CVE-2022-31138.md +++ b/2022/CVE-2022-31138.md @@ -18,6 +18,7 @@ mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC +- https://github.com/ly1g3/Mailcow-CVE-2022-31138 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-31245.md b/2022/CVE-2022-31245.md index 72f2abec8..cf1299cbe 100644 --- a/2022/CVE-2022-31245.md +++ b/2022/CVE-2022-31245.md @@ -20,6 +20,7 @@ mailcow before 2022-05d allows a remote authenticated user to inject OS commands - https://github.com/k0mi-tg/CVE-POC - https://github.com/karimhabush/cyberowl - https://github.com/ly1g3/Mailcow-CVE-2022-31138 +- https://github.com/ly1g3/Mailcow-CVE-2022-31245 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-31262.md b/2022/CVE-2022-31262.md index 0952315fd..169792355 100644 --- a/2022/CVE-2022-31262.md +++ b/2022/CVE-2022-31262.md @@ -25,6 +25,7 @@ An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0 - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/secure-77/CVE-2022-31262 - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2022/CVE-2022-31373.md b/2022/CVE-2022-31373.md index 70a6314f1..0c1878333 100644 --- a/2022/CVE-2022-31373.md +++ b/2022/CVE-2022-31373.md 
@@ -15,5 +15,6 @@ SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vu #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/badboycxcc/SolarView_Compact_6.0_xss - https://github.com/badboycxcc/badboycxcc diff --git a/2022/CVE-2022-31813.md b/2022/CVE-2022-31813.md index a0c01e24d..d69df67ee 100644 --- a/2022/CVE-2022-31813.md +++ b/2022/CVE-2022-31813.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Totes5706/TotesHTB - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch diff --git a/2022/CVE-2022-31901.md b/2022/CVE-2022-31901.md index 546e50d25..50f500bd5 100644 --- a/2022/CVE-2022-31901.md +++ b/2022/CVE-2022-31901.md @@ -13,6 +13,7 @@ Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and ear - https://github.com/CDACesec/CVE-2022-31901 #### Github +- https://github.com/CDACesec/CVE-2022-31901 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-31902.md b/2022/CVE-2022-31902.md index 0706b84f3..2d74d67a0 100644 --- a/2022/CVE-2022-31902.md +++ b/2022/CVE-2022-31902.md @@ -13,6 +13,7 @@ Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Fi - https://github.com/CDACesec/CVE-2022-31902 #### Github +- https://github.com/CDACesec/CVE-2022-31902 - https://github.com/k0mi-tg/CVE-POC - https://github.com/karimhabush/cyberowl - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-32199.md b/2022/CVE-2022-32199.md index b1d15486a..b52291bd6 100644 --- a/2022/CVE-2022-32199.md +++ b/2022/CVE-2022-32199.md 
@@ -13,5 +13,6 @@ db_convert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Del - https://github.com/Toxich4/CVE-2022-32199 #### Github +- https://github.com/Toxich4/CVE-2022-32199 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-32250.md b/2022/CVE-2022-32250.md index 9c7955147..e0db18494 100644 --- a/2022/CVE-2022-32250.md +++ b/2022/CVE-2022-32250.md @@ -22,6 +22,7 @@ net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local - https://github.com/ARPSyndicate/cvemon - https://github.com/Decstor5/2022-32250LPE - https://github.com/EGI-Federation/SVG-advisories +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NaInSec/CVE-PoC-in-GitHub @@ -50,6 +51,7 @@ net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local - https://github.com/theori-io/CVE-2022-32250-exploit - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-32275.md b/2022/CVE-2022-32275.md index 936feff5a..634a5cda5 100644 --- a/2022/CVE-2022-32275.md +++ b/2022/CVE-2022-32275.md @@ -15,6 +15,7 @@ #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/BrotherOfJhonny/grafana - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/kh4sh3i/Grafana-CVE - https://github.com/lions2012/Penetration_Testing_POC diff --git a/2022/CVE-2022-32988.md b/2022/CVE-2022-32988.md index 6399cc472..0037e8d48 100644 --- a/2022/CVE-2022-32988.md +++ b/2022/CVE-2022-32988.md 
@@ -15,6 +15,8 @@ Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/FedericoHeichou/CVE-2022-32988 +- https://github.com/FedericoHeichou/DSL-N14U-XSS - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-34265.md b/2022/CVE-2022-34265.md index b4828a6a0..941d04934 100644 --- a/2022/CVE-2022-34265.md +++ b/2022/CVE-2022-34265.md @@ -34,6 +34,7 @@ No PoCs from references. - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/qwqoro/GPN-Hackathon +- https://github.com/seal-community/patches - https://github.com/simonepetruzzi/WebSecurityProject - https://github.com/t0m4too/t0m4to - https://github.com/traumatising/CVE-2022-34265 diff --git a/2022/CVE-2022-34328.md b/2022/CVE-2022-34328.md index c30c52bec..beddf587d 100644 --- a/2022/CVE-2022-34328.md +++ b/2022/CVE-2022-34328.md @@ -16,4 +16,5 @@ PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_see reques - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Orange-Cyberdefense/CVE-repository +- https://github.com/jenaye/PMB diff --git a/2022/CVE-2022-34918.md b/2022/CVE-2022-34918.md index 8213049e5..4b4b30f04 100644 --- a/2022/CVE-2022-34918.md +++ b/2022/CVE-2022-34918.md 
@@ -18,11 +18,13 @@ An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug - https://www.randorisec.fr/crack-linux-firewall/ #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xStrygwyr/OSCP-Guide - https://github.com/0xZipp0/OSCP - https://github.com/0xsyr0/OSCP - https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/IdanBanani/ELF-Injection-Shellcode-Bridgehead - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits - https://github.com/Ly0nt4r/OSCP @@ -72,6 +74,7 @@ An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug - https://github.com/txuswashere/OSCP - https://github.com/veritas501/CVE-2022-34918 - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/xhref/OSCP - https://github.com/xuetusummer/Penetration_Testing_POC diff --git a/2022/CVE-2022-35131.md b/2022/CVE-2022-35131.md index f1f700058..bbf2d75ae 100644 --- a/2022/CVE-2022-35131.md +++ b/2022/CVE-2022-35131.md @@ -19,6 +19,7 @@ Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted paylo - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC +- https://github.com/ly1g3/Joplin-CVE-2022-35131 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-35513.md b/2022/CVE-2022-35513.md index f1896c4e9..e1598fb2b 100644 --- a/2022/CVE-2022-35513.md +++ b/2022/CVE-2022-35513.md 
@@ -21,6 +21,7 @@ The Blink1Control2 application <= 2.2.7 uses weak password encryption and an ins - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/p1ckzi/CVE-2022-35513 - https://github.com/security-anthem/IoTPene - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC diff --git a/2022/CVE-2022-35621.md b/2022/CVE-2022-35621.md index 6f5c486b2..936e563e5 100644 --- a/2022/CVE-2022-35621.md +++ b/2022/CVE-2022-35621.md @@ -14,5 +14,6 @@ Access control vulnerability in Evoh NFT EvohClaimable contract with sha256 hash #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/MacherCS/CVE_Evoh_Contract - https://github.com/karimhabush/cyberowl diff --git a/2022/CVE-2022-35890.md b/2022/CVE-2022-35890.md index 1527c5916..52d179022 100644 --- a/2022/CVE-2022-35890.md +++ b/2022/CVE-2022-35890.md @@ -14,4 +14,5 @@ An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x b #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/sourceincite/randy diff --git a/2022/CVE-2022-35899.md b/2022/CVE-2022-35899.md index 26630bbe9..39fbeb30a 100644 --- a/2022/CVE-2022-35899.md +++ b/2022/CVE-2022-35899.md @@ -16,6 +16,7 @@ There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSD #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/AngeloPioAmirante/CVE-2022-35899 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-36126.md b/2022/CVE-2022-36126.md index d28ddfb91..29da0722f 100644 --- a/2022/CVE-2022-36126.md +++ b/2022/CVE-2022-36126.md @@ -15,4 +15,5 @@ An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x b #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/sourceincite/randy 
diff --git a/2022/CVE-2022-36200.md b/2022/CVE-2022-36200.md index ec2744894..c9511209e 100644 --- a/2022/CVE-2022-36200.md +++ b/2022/CVE-2022-36200.md @@ -17,6 +17,7 @@ In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in UR - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/afaq1337/CVE-2022-36200 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-36231.md b/2022/CVE-2022-36231.md index 8380e7a2d..77975fb98 100644 --- a/2022/CVE-2022-36231.md +++ b/2022/CVE-2022-36231.md @@ -13,6 +13,7 @@ pdf_info 0.5.3 is vulnerable to Command Execution because the Ruby code uses bac - https://github.com/affix/CVE-2022-36231 #### Github +- https://github.com/affix/CVE-2022-36231 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-36271.md b/2022/CVE-2022-36271.md index 7efcedd85..0fc4600d9 100644 --- a/2022/CVE-2022-36271.md +++ b/2022/CVE-2022-36271.md @@ -16,6 +16,7 @@ Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. - https://github.com/ARPSyndicate/cvemon - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review +- https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271 - https://github.com/WhooAmii/POC_to_review - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-36359.md b/2022/CVE-2022-36359.md index 21dd0ecf1..6dd0a0400 100644 --- a/2022/CVE-2022-36359.md +++ b/2022/CVE-2022-36359.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/motoyasu-saburi/reported_vulnerability +- https://github.com/seal-community/patches 
diff --git a/2022/CVE-2022-36760.md b/2022/CVE-2022-36760.md index 320c5e9c8..22b62c9a8 100644 --- a/2022/CVE-2022-36760.md +++ b/2022/CVE-2022-36760.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch - https://github.com/karimhabush/cyberowl diff --git a/2022/CVE-2022-37298.md b/2022/CVE-2022-37298.md index 582e0c84f..d46821455 100644 --- a/2022/CVE-2022-37298.md +++ b/2022/CVE-2022-37298.md @@ -14,6 +14,7 @@ Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Inc #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dbyio/cve-2022-37298 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-37434.md b/2022/CVE-2022-37434.md index 48bd052ff..13d71d916 100644 --- a/2022/CVE-2022-37434.md +++ b/2022/CVE-2022-37434.md @@ -31,6 +31,7 @@ zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in infl - https://github.com/bollwarm/SecToolSet - https://github.com/fivexl/aws-ecr-client-golang - https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc +- https://github.com/ivd38/zlib_overflow - https://github.com/k0mi-tg/CVE-POC - https://github.com/karimhabush/cyberowl - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-37436.md b/2022/CVE-2022-37436.md index 773b60d72..75f863077 100644 --- a/2022/CVE-2022-37436.md +++ b/2022/CVE-2022-37436.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/8ctorres/SIND-Practicas - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/bioly230/THM_Skynet - https://github.com/firatesatoglu/shodanSearch - https://github.com/karimhabush/cyberowl 
diff --git a/2022/CVE-2022-37703.md b/2022/CVE-2022-37703.md index 3c7e5b870..f58cb92da 100644 --- a/2022/CVE-2022-37703.md +++ b/2022/CVE-2022-37703.md @@ -14,6 +14,7 @@ In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUI #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/MaherAzzouzi/CVE-2022-37703 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review diff --git a/2022/CVE-2022-37704.md b/2022/CVE-2022-37704.md index 9e2a4a9ea..e57c4f868 100644 --- a/2022/CVE-2022-37704.md +++ b/2022/CVE-2022-37704.md @@ -13,6 +13,7 @@ Amanda 3.5.1 allows privilege escalation from the regular user backup to root. T - https://github.com/MaherAzzouzi/CVE-2022-37704 #### Github +- https://github.com/MaherAzzouzi/CVE-2022-37704 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-37705.md b/2022/CVE-2022-37705.md index eb57e05e3..2a8121212 100644 --- a/2022/CVE-2022-37705.md +++ b/2022/CVE-2022-37705.md @@ -13,6 +13,7 @@ A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user c - https://github.com/MaherAzzouzi/CVE-2022-37705 #### Github +- https://github.com/MaherAzzouzi/CVE-2022-37705 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-37706.md b/2022/CVE-2022-37706.md index a57874539..356e703fe 100644 --- a/2022/CVE-2022-37706.md +++ b/2022/CVE-2022-37706.md 
@@ -17,6 +17,7 @@ enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain priv - https://github.com/ECU-10525611-Xander/CVE-2022-37706 - https://github.com/GrayHatZone/CVE-2022-37706-LPE-exploit - https://github.com/J0hnbX/Ubuntu-22-LPE +- https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/Snoopy-Sec/Localroot-ALL-CVE diff --git a/2022/CVE-2022-37783.md b/2022/CVE-2022-37783.md new file mode 100644 index 000000000..6552ade45 --- /dev/null +++ b/2022/CVE-2022-37783.md @@ -0,0 +1,17 @@ +### [CVE-2022-37783](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37783) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site Request Forgery attacks. The CRAFT_CSRF_TOKEN cookie discloses the password hash in without encoding it whereas the corresponding HTML hidden field discloses the users' password hash in a masked manner, which can be decoded by using public functions of the YII framework. + +### POC + +#### Reference +- http://www.openwall.com/lists/oss-security/2024/06/06/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-38604.md b/2022/CVE-2022-38604.md index fec51b924..d0edfc76d 100644 --- a/2022/CVE-2022-38604.md +++ b/2022/CVE-2022-38604.md 
@@ -14,5 +14,6 @@ Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitra - https://lucabarile.github.io/Blog/CVE-2022-38604/index.html #### Github +- https://github.com/LucaBarile/CVE-2022-38604 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-38766.md b/2022/CVE-2022-38766.md index 48943f076..269e519c8 100644 --- a/2022/CVE-2022-38766.md +++ b/2022/CVE-2022-38766.md @@ -15,6 +15,7 @@ The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signa #### Github - https://github.com/1-tong/vehicle_cves - https://github.com/ARPSyndicate/cvemon +- https://github.com/AUTOCRYPT-IVS-VnV/CVE-2022-38766 - https://github.com/AUTOCRYPT-RED/CVE-2022-38766 - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review diff --git a/2022/CVE-2022-38813.md b/2022/CVE-2022-38813.md index 3346a0fea..64995edaf 100644 --- a/2022/CVE-2022-38813.md +++ b/2022/CVE-2022-38813.md @@ -15,6 +15,7 @@ PHPGurukul Blood Donor Management System 1.0 does not properly restrict access t - https://ihexcoder.wixsite.com/secresearch/post/cve-2022-38813-privilege-escalations-in-blood-donor-management-system-v1-0 #### Github +- https://github.com/RashidKhanPathan/CVE-2022-38813 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-39838.md b/2022/CVE-2022-39838.md index 27228834c..865d793e6 100644 --- a/2022/CVE-2022-39838.md +++ b/2022/CVE-2022-39838.md @@ -15,5 +15,6 @@ Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/fbkcs/CVE-2021-35975 +- https://github.com/jet-pentest/CVE-2022-39838 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-39952.md b/2022/CVE-2022-39952.md index a674fbdad..eec38d582 100644 --- a/2022/CVE-2022-39952.md +++ b/2022/CVE-2022-39952.md 
@@ -13,6 +13,7 @@ A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2 No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/1f3lse/taiE - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates diff --git a/2022/CVE-2022-40032.md b/2022/CVE-2022-40032.md index c45879ac8..d5d4efc42 100644 --- a/2022/CVE-2022-40032.md +++ b/2022/CVE-2022-40032.md @@ -14,6 +14,7 @@ SQL Injection vulnerability in Simple Task Managing System version 1.0 in login. - https://github.com/h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated #### Github +- https://github.com/h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated - https://github.com/h4md153v63n/CVEs - https://github.com/h4md153v63n/h4md153v63n - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-40297.md b/2022/CVE-2022-40297.md index 698d5a1de..dcef4a291 100644 --- a/2022/CVE-2022-40297.md +++ b/2022/CVE-2022-40297.md @@ -17,6 +17,7 @@ - https://github.com/NaInSec/CVE-PoC-in-GitHub - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc - https://github.com/k0mi-tg/CVE-POC - https://github.com/karimhabush/cyberowl - https://github.com/manas3c/CVE-POC diff --git a/2022/CVE-2022-40347.md b/2022/CVE-2022-40347.md index d4b9d4e75..a6efe1de7 100644 --- a/2022/CVE-2022-40347.md +++ b/2022/CVE-2022-40347.md 
@@ -14,6 +14,7 @@ SQL Injection vulnerability in Intern Record System version 1.0 in /intern/contr - https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated #### Github +- https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated - https://github.com/h4md153v63n/CVEs - https://github.com/h4md153v63n/h4md153v63n - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-40348.md b/2022/CVE-2022-40348.md index 4cdd405a0..8edc28216 100644 --- a/2022/CVE-2022-40348.md +++ b/2022/CVE-2022-40348.md @@ -13,6 +13,7 @@ Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in - https://github.com/h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated #### Github +- https://github.com/h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated - https://github.com/h4md153v63n/CVEs - https://github.com/h4md153v63n/h4md153v63n - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-40471.md b/2022/CVE-2022-40471.md index f47017a7c..557af6239 100644 --- a/2022/CVE-2022-40471.md +++ b/2022/CVE-2022-40471.md @@ -15,6 +15,7 @@ Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacke #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/RashidKhanPathan/CVE-2022-40471 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-40624.md b/2022/CVE-2022-40624.md index aff323b9a..ebe388496 100644 --- a/2022/CVE-2022-40624.md +++ b/2022/CVE-2022-40624.md 
@@ -14,6 +14,7 @@ pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrar #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/dhammon/pfBlockerNg-CVE-2022-40624 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-40684.md b/2022/CVE-2022-40684.md index 79fb02e1d..b604e4af2 100644 --- a/2022/CVE-2022-40684.md +++ b/2022/CVE-2022-40684.md @@ -15,6 +15,7 @@ An authentication bypass using an alternate path or channel [CWE-288] in Fortine #### Github - https://github.com/0day404/vulnerability-poc +- https://github.com/0xMarcio/cve - https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates diff --git a/2022/CVE-2022-40881.md b/2022/CVE-2022-40881.md index 3dbfa1634..297072f12 100644 --- a/2022/CVE-2022-40881.md +++ b/2022/CVE-2022-40881.md @@ -18,6 +18,7 @@ SolarView Compact 6.00 was discovered to contain a command injection vulnerabili - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Threekiii/Awesome-POC +- https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/yilin1203/CVE-2022-40881 diff --git a/2022/CVE-2022-40890.md b/2022/CVE-2022-40890.md index 36558308a..d170d4598 100644 --- a/2022/CVE-2022-40890.md +++ b/2022/CVE-2022-40890.md @@ -14,4 +14,5 @@ A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ToughRunner/Open5gs_bugreport diff --git a/2022/CVE-2022-40982.md b/2022/CVE-2022-40982.md index 30d133e7d..e9c6180d2 100644 --- a/2022/CVE-2022-40982.md +++ b/2022/CVE-2022-40982.md 
@@ -16,6 +16,7 @@ Information exposure through microarchitectural state after transient execution #### Github - https://github.com/EGI-Federation/SVG-advisories - https://github.com/bcoles/kasld +- https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/giterlizzi/secdb-feeds - https://github.com/hughsie/python-uswid diff --git a/2022/CVE-2022-41218.md b/2022/CVE-2022-41218.md index 3cdff643b..527111c5e 100644 --- a/2022/CVE-2022-41218.md +++ b/2022/CVE-2022-41218.md @@ -33,6 +33,7 @@ In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/whoforget/CVE-POC +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-41358.md b/2022/CVE-2022-41358.md index e08a7174a..aaa3df72d 100644 --- a/2022/CVE-2022-41358.md +++ b/2022/CVE-2022-41358.md @@ -20,6 +20,7 @@ A stored cross-site scripting (XSS) vulnerability in Garage Management System v1 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/thecasual/CVE-2022-41358 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-41401.md b/2022/CVE-2022-41401.md index 30999c2d8..d9cc2884a 100644 --- a/2022/CVE-2022-41401.md +++ b/2022/CVE-2022-41401.md @@ -13,5 +13,6 @@ OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability - https://github.com/ixSly/CVE-2022-41401 #### Github +- https://github.com/ixSly/CVE-2022-41401 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-41412.md b/2022/CVE-2022-41412.md index 837cb6573..aecbc0234 100644 --- a/2022/CVE-2022-41412.md 
+++ b/2022/CVE-2022-41412.md @@ -17,6 +17,7 @@ An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows att - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/renmizo/CVE-2022-41412 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-41413.md b/2022/CVE-2022-41413.md index a098762f7..194cd31e2 100644 --- a/2022/CVE-2022-41413.md +++ b/2022/CVE-2022-41413.md @@ -18,6 +18,7 @@ perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/renmizo/CVE-2022-41413 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-41445.md b/2022/CVE-2022-41445.md index 397d35b98..e1a807843 100644 --- a/2022/CVE-2022-41445.md +++ b/2022/CVE-2022-41445.md @@ -14,6 +14,7 @@ A cross-site scripting (XSS) vulnerability in Record Management System using Cod - https://ihexcoder.wixsite.com/secresearch/post/cve-2022-41445-cross-site-scripting-in-teachers-record-management-system-using-codeignitor #### Github +- https://github.com/RashidKhanPathan/CVE-2022-41445 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-41446.md b/2022/CVE-2022-41446.md index 83f066497..04a403136 100644 --- a/2022/CVE-2022-41446.md +++ b/2022/CVE-2022-41446.md @@ -14,6 +14,7 @@ An access control issue in /Admin/dashboard.php of Record Management System usin - https://ihexcoder.wixsite.com/secresearch/post/privilege-escalation-in-teachers-record-management-system-using-codeignitor #### Github +- https://github.com/RashidKhanPathan/CVE-2022-41446 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2022/CVE-2022-42046.md b/2022/CVE-2022-42046.md index dc2c0ec42..7386ad818 100644 --- a/2022/CVE-2022-42046.md +++ b/2022/CVE-2022-42046.md @@ -18,6 +18,7 @@ wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to p - https://github.com/gmh5225/awesome-game-security - https://github.com/goldenscale/GS_GithubMirror - https://github.com/k0mi-tg/CVE-POC +- https://github.com/kkent030315/CVE-2022-42046 - https://github.com/manas3c/CVE-POC - https://github.com/nanaroam/kaditaroam - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-42176.md b/2022/CVE-2022-42176.md index 66f23075a..24cbb0bb2 100644 --- a/2022/CVE-2022-42176.md +++ b/2022/CVE-2022-42176.md @@ -17,6 +17,7 @@ In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/soy-oreocato/CVE-2022-42176 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-42252.md b/2022/CVE-2022-42252.md index 8980870d0..12b37e02a 100644 --- a/2022/CVE-2022-42252.md +++ b/2022/CVE-2022-42252.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/fernandoreb/dependency-check-springboot - https://github.com/sr-monika/sprint-rest - https://github.com/tanjiti/sec_profile +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2022/CVE-2022-42457.md b/2022/CVE-2022-42457.md index f5710c718..c2c45eabb 100644 --- a/2022/CVE-2022-42457.md +++ b/2022/CVE-2022-42457.md @@ -14,4 +14,5 @@ Generex CS141 through 2.10 allows remote command execution by administrators via #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution diff --git a/2022/CVE-2022-42703.md b/2022/CVE-2022-42703.md index d57103738..bbf341365 100644 --- a/2022/CVE-2022-42703.md 
+++ b/2022/CVE-2022-42703.md @@ -35,5 +35,6 @@ mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf - https://github.com/pray77/SCTF2023_kernelpwn - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/veritas501/hbp_attack_demo +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-42889.md b/2022/CVE-2022-42889.md index 38a6c61de..c8527257e 100644 --- a/2022/CVE-2022-42889.md +++ b/2022/CVE-2022-42889.md @@ -55,6 +55,7 @@ Apache Commons Text performs variable interpolation, allowing properties to be d - https://github.com/Vamckis/Container-Security - https://github.com/Vulnmachines/text4shell-CVE-2022-42889 - https://github.com/WFS-Mend/vtrade-common +- https://github.com/Whoopsunix/PPPVULNS - https://github.com/XRSec/AWVS-Update - https://github.com/Y4tacker/JavaSec - https://github.com/aaronm-sysdig/text4shell-docker diff --git a/2022/CVE-2022-42895.md b/2022/CVE-2022-42895.md index 26139707b..c2c00f176 100644 --- a/2022/CVE-2022-42895.md +++ b/2022/CVE-2022-42895.md @@ -25,5 +25,6 @@ No PoCs from references. - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-42896.md b/2022/CVE-2022-42896.md index 0f8107399..8bd5ac676 100644 --- a/2022/CVE-2022-42896.md +++ b/2022/CVE-2022-42896.md @@ -30,5 +30,6 @@ No PoCs from references. - https://github.com/nidhi7598/linux-4.1.15_CVE-2022-42896 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-43117.md b/2022/CVE-2022-43117.md index a13e18482..ac1e3cebc 100644 
--- a/2022/CVE-2022-43117.md +++ b/2022/CVE-2022-43117.md @@ -14,6 +14,7 @@ Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discove - https://github.com/RashidKhanPathan/CVE-2022-43117 #### Github +- https://github.com/RashidKhanPathan/CVE-2022-43117 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-43144.md b/2022/CVE-2022-43144.md index b10e18c68..756140379 100644 --- a/2022/CVE-2022-43144.md +++ b/2022/CVE-2022-43144.md @@ -15,6 +15,7 @@ A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 all #### Github - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC +- https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-43293.md b/2022/CVE-2022-43293.md index 4b270bc73..e36396f3d 100644 --- a/2022/CVE-2022-43293.md +++ b/2022/CVE-2022-43293.md @@ -14,5 +14,6 @@ Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file wr - https://lucabarile.github.io/Blog/CVE-2022-43293/index.html #### Github +- https://github.com/LucaBarile/CVE-2022-43293 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-44215.md b/2022/CVE-2022-44215.md index 4d09376d1..f4e212c58 100644 --- a/2022/CVE-2022-44215.md +++ b/2022/CVE-2022-44215.md @@ -13,6 +13,7 @@ There is an open redirect vulnerability in Titan FTP server 19.0 and below. User - https://github.com/JBalanza/CVE-2022-44215 #### Github +- https://github.com/JBalanza/CVE-2022-44215 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-44268.md b/2022/CVE-2022-44268.md index 7887ff27c..de8676236 100644 --- a/2022/CVE-2022-44268.md +++ b/2022/CVE-2022-44268.md 
@@ -44,6 +44,7 @@ ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a P - https://github.com/daniellemonika/CSCE-5552-Prying-Eyes - https://github.com/doyensec/imagemagick-security-policy-evaluator - https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC +- https://github.com/enomothem/PenTestNote - https://github.com/entr0pie/CVE-2022-44268 - https://github.com/fanbyprinciple/ImageMagick-lfi-poc - https://github.com/jnschaeffer/cve-2022-44268-detector diff --git a/2022/CVE-2022-44276.md b/2022/CVE-2022-44276.md index c3d4cf742..efd36558b 100644 --- a/2022/CVE-2022-44276.md +++ b/2022/CVE-2022-44276.md @@ -13,5 +13,6 @@ In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions r - https://github.com/HerrLeStrate/CVE-2022-44276-PoC #### Github +- https://github.com/HerrLeStrate/CVE-2022-44276-PoC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-44830.md b/2022/CVE-2022-44830.md index c10ba81eb..f2c5bb9a8 100644 --- a/2022/CVE-2022-44830.md +++ b/2022/CVE-2022-44830.md @@ -13,6 +13,7 @@ Sourcecodester Event Registration App v1.0 was discovered to contain multiple CS - https://github.com/RashidKhanPathan/CVE-2022-44830 #### Github +- https://github.com/RashidKhanPathan/CVE-2022-44830 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-45063.md b/2022/CVE-2022-45063.md index 3f596a7d8..77a75f49e 100644 --- a/2022/CVE-2022-45063.md +++ b/2022/CVE-2022-45063.md @@ -10,7 +10,7 @@ xterm before 375 allows code execution via font ops, e.g., because an OSC 50 res ### POC #### Reference -No PoCs from references. +- http://www.openwall.com/lists/oss-security/2024/06/17/1 #### Github - https://github.com/ARPSyndicate/cvemon diff --git a/2022/CVE-2022-45168.md b/2022/CVE-2022-45168.md new file mode 100644 index 000000000..7020b444c --- /dev/null +++ b/2022/CVE-2022-45168.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-45168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45168) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /login/backup_code endpoint and the /api/v1/vdeskintegration/createbackupcodes endpoint, because the application allows a user to generate or regenerate the backup codes before checking the TOTP. + +### POC + +#### Reference +- https://www.gruppotim.it/it/footer/red-team.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-45176.md b/2022/CVE-2022-45176.md new file mode 100644 index 000000000..cafff37d6 --- /dev/null +++ b/2022/CVE-2022-45176.md @@ -0,0 +1,17 @@ +### [CVE-2022-45176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45176) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting (XSS) can occur under the /api/v1/getbodyfile endpoint via the uri parameter. The web application (through its vShare functionality section) doesn't properly check parameters, sent in HTTP requests as input, before saving them on the server. In addition, crafted JavaScript content can then be reflected back to the end user and executed by the web browser. + +### POC + +#### Reference +- https://www.gruppotim.it/it/footer/red-team.html + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2022/CVE-2022-45299.md b/2022/CVE-2022-45299.md index ac6b65342..9df7e314d 100644 --- a/2022/CVE-2022-45299.md +++ b/2022/CVE-2022-45299.md @@ -17,6 +17,7 @@ An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attacke - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/offalltn/CVE-2022-45299 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-4543.md b/2022/CVE-2022-4543.md index 3717746f7..388128dcd 100644 --- a/2022/CVE-2022-4543.md +++ b/2022/CVE-2022-4543.md @@ -32,5 +32,6 @@ A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KP - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/sunichi/cve-2022-4543-wrapper +- https://github.com/wkhnh06/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2022/CVE-2022-45599.md b/2022/CVE-2022-45599.md index 229cfe47d..036373b82 100644 --- a/2022/CVE-2022-45599.md +++ b/2022/CVE-2022-45599.md @@ -14,5 +14,6 @@ Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ethancunt/CVE-2022-45599 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-45600.md b/2022/CVE-2022-45600.md index 9ce023133..3101bfa00 100644 --- a/2022/CVE-2022-45600.md +++ b/2022/CVE-2022-45600.md @@ -14,5 +14,6 @@ Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ethancunt/CVE-2022-45600 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-45697.md b/2022/CVE-2022-45697.md index fb90e8c9c..4ef92c690 100644 --- a/2022/CVE-2022-45697.md +++ b/2022/CVE-2022-45697.md 
@@ -14,4 +14,5 @@ Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when hand #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Wh04m1001/CVE diff --git a/2022/CVE-2022-46440.md b/2022/CVE-2022-46440.md index 53ab8034e..51f22f3ab 100644 --- a/2022/CVE-2022-46440.md +++ b/2022/CVE-2022-46440.md @@ -15,4 +15,5 @@ ttftool v0.9.2 was discovered to contain a segmentation violation via the readU1 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/keepinggg/poc diff --git a/2022/CVE-2022-46485.md b/2022/CVE-2022-46485.md index 2cb73b305..e35daba26 100644 --- a/2022/CVE-2022-46485.md +++ b/2022/CVE-2022-46485.md @@ -13,6 +13,7 @@ Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vul - https://github.com/WodenSec/CVE-2022-46485 #### Github +- https://github.com/WodenSec/CVE-2022-46485 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-47072.md b/2022/CVE-2022-47072.md index 00f4fe28b..637bce62c 100644 --- a/2022/CVE-2022-47072.md +++ b/2022/CVE-2022-47072.md @@ -14,4 +14,5 @@ SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows atta #### Github - https://github.com/DojoSecurity/DojoSecurity +- https://github.com/DojoSecurity/Enterprise-Architect-SQL-Injection diff --git a/2022/CVE-2022-47514.md b/2022/CVE-2022-47514.md index d2f604db8..e6ca343cc 100644 --- a/2022/CVE-2022-47514.md +++ b/2022/CVE-2022-47514.md @@ -14,4 +14,5 @@ An XML external entity (XXE) injection vulnerability in XML-RPC.NET before 2.5.0 #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/jumpycastle/xmlrpc.net-poc diff --git a/2022/CVE-2022-47949.md b/2022/CVE-2022-47949.md index 4d99ca818..f44296bcc 100644 --- a/2022/CVE-2022-47949.md +++ b/2022/CVE-2022-47949.md 
@@ -14,5 +14,6 @@ The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons befor #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/PabloMK7/ENLBufferPwn - https://github.com/dgwynne/udp-bind-proxy diff --git a/2022/CVE-2022-47966.md b/2022/CVE-2022-47966.md index 814a2799d..8729ca0f2 100644 --- a/2022/CVE-2022-47966.md +++ b/2022/CVE-2022-47966.md @@ -29,6 +29,7 @@ Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through - https://github.com/UNC1739/awesome-vulnerability-research - https://github.com/aneasystone/github-trending - https://github.com/fardeen-ahmed/Bug-bounty-Writeups +- https://github.com/horizon3ai/CVE-2022-47966 - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2022/CVE-2022-48019.md b/2022/CVE-2022-48019.md index e018eba83..0cbb49c95 100644 --- a/2022/CVE-2022-48019.md +++ b/2022/CVE-2022-48019.md @@ -13,4 +13,5 @@ The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3.0.20 and - https://github.com/kkent030315/CVE-2022-42046 #### Github +- https://github.com/kkent030315/CVE-2022-42046 diff --git a/2022/CVE-2022-48150.md b/2022/CVE-2022-48150.md index df7099467..649212033 100644 --- a/2022/CVE-2022-48150.md +++ b/2022/CVE-2022-48150.md @@ -14,4 +14,5 @@ Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerab #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sahilop123/-CVE-2022-48150 diff --git a/2022/CVE-2022-48311.md b/2022/CVE-2022-48311.md index e88bcd6b8..11b8e6804 100644 --- a/2022/CVE-2022-48311.md +++ b/2022/CVE-2022-48311.md @@ -17,6 +17,7 @@ - https://github.com/karimhabush/cyberowl - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/swzhouu/CVE-2022-48311 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC 
diff --git a/2023/CVE-2023-1370.md b/2023/CVE-2023-1370.md index ba1a366f5..3667571e6 100644 --- a/2023/CVE-2023-1370.md +++ b/2023/CVE-2023-1370.md @@ -5,7 +5,7 @@ ### Description -[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software. +[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively.It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software. ### POC diff --git a/2023/CVE-2023-20007.md b/2023/CVE-2023-20007.md index 55d933128..e731286c8 100644 --- a/2023/CVE-2023-20007.md +++ b/2023/CVE-2023-20007.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. - - This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition. +A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must have valid administrator credentials. This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the web-based management process to restart, resulting in a DoS condition. ### POC diff --git a/2023/CVE-2023-20009.md b/2023/CVE-2023-20009.md index f5126d2a5..e7baf443f 100644 --- a/2023/CVE-2023-20009.md +++ b/2023/CVE-2023-20009.md 
@@ -7,9 +7,7 @@ ### Description -A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. - - The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. +A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. ### POC diff --git a/2023/CVE-2023-20010.md b/2023/CVE-2023-20010.md index 4482eaa6b..565d5d18d 100644 --- a/2023/CVE-2023-20010.md +++ b/2023/CVE-2023-20010.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. - - This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read or modify any data on the underlying database or elevate their privileges. +A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read or modify any data on the underlying database or elevate their privileges. ### POC diff --git a/2023/CVE-2023-20019.md b/2023/CVE-2023-20019.md index 45dbe893a..4b21b9361 100644 --- a/2023/CVE-2023-20019.md +++ b/2023/CVE-2023-20019.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. - - This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. +A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. ### POC diff --git a/2023/CVE-2023-20020.md b/2023/CVE-2023-20020.md index ee5d26afc..731a1b9d5 100644 --- a/2023/CVE-2023-20020.md +++ b/2023/CVE-2023-20020.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. - - This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition. +A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation when parsing HTTP requests. An attacker could exploit this vulnerability by sending a sustained stream of crafted requests to an affected device. A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition. ### POC diff --git a/2023/CVE-2023-20025.md b/2023/CVE-2023-20025.md index 85300e558..5fd853bbc 100644 --- a/2023/CVE-2023-20025.md +++ b/2023/CVE-2023-20025.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. - - This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device. +A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device. ### POC @@ -15,6 +13,7 @@ A vulnerability in the web-based management interface of Cisco Small Business RV - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 #### Github +- https://github.com/CVEDB/awesome-cve-repo - https://github.com/lnversed/CVE-2023-20025 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-20026.md b/2023/CVE-2023-20026.md index 20e04beeb..1ce62fd11 100644 --- a/2023/CVE-2023-20026.md +++ b/2023/CVE-2023-20026.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device. - - This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. +A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device. This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. ### POC diff --git a/2023/CVE-2023-20032.md b/2023/CVE-2023-20032.md index 58ba8c3b8..40d7aa5f7 100644 --- a/2023/CVE-2023-20032.md +++ b/2023/CVE-2023-20032.md 
@@ -9,15 +9,7 @@ ### Description -On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: - - - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. - - - This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. - - For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"]. +On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"]. ### POC diff --git a/2023/CVE-2023-20043.md b/2023/CVE-2023-20043.md index 8bd154e30..3130036d8 100644 --- a/2023/CVE-2023-20043.md +++ b/2023/CVE-2023-20043.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. - - This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device. +A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device. ### POC diff --git a/2023/CVE-2023-20046.md b/2023/CVE-2023-20046.md index 3cf265bd8..bbd312bee 100644 --- a/2023/CVE-2023-20046.md +++ b/2023/CVE-2023-20046.md 
@@ -7,11 +7,7 @@ ### Description -A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. - - This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. - - There are workarounds that address this vulnerability. +A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability. ### POC diff --git a/2023/CVE-2023-20052.md b/2023/CVE-2023-20052.md index cf416e51a..575b4c826 100644 --- a/2023/CVE-2023-20052.md +++ b/2023/CVE-2023-20052.md 
@@ -5,13 +5,7 @@ ### Description -On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: - - - A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. - - - This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. +On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. ### POC diff --git a/2023/CVE-2023-20057.md b/2023/CVE-2023-20057.md index 64e94bd64..56d432784 100644 --- a/2023/CVE-2023-20057.md +++ b/2023/CVE-2023-20057.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. - - This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device. +A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device. ### POC diff --git a/2023/CVE-2023-20065.md b/2023/CVE-2023-20065.md index 41ed79c57..92119e588 100644 --- a/2023/CVE-2023-20065.md +++ b/2023/CVE-2023-20065.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. - - This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. +A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. ### POC diff --git a/2023/CVE-2023-20075.md b/2023/CVE-2023-20075.md index 021acc8f7..ce12816e3 100644 --- a/2023/CVE-2023-20075.md +++ b/2023/CVE-2023-20075.md 
@@ -5,9 +5,7 @@ ### Description -Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. - - These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. +Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. ### POC diff --git a/2023/CVE-2023-20098.md b/2023/CVE-2023-20098.md index a04c64207..aaa6ae60f 100644 --- a/2023/CVE-2023-20098.md +++ b/2023/CVE-2023-20098.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. - - This vulnerability is due to improper filtering of directory traversal character sequences within system commands. An attacker with administrative privileges could exploit this vulnerability by running a system command containing directory traversal character sequences to target an arbitrary file. A successful exploit could allow the attacker to delete arbitrary files from the system, including files owned by root. +A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory traversal character sequences within system commands. An attacker with administrative privileges could exploit this vulnerability by running a system command containing directory traversal character sequences to target an arbitrary file. A successful exploit could allow the attacker to delete arbitrary files from the system, including files owned by root. ### POC diff --git a/2023/CVE-2023-20105.md b/2023/CVE-2023-20105.md index 4c4882ea3..f81323c81 100644 --- a/2023/CVE-2023-20105.md +++ b/2023/CVE-2023-20105.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. - - This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by authenticating to the application as a Read-only user and sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user. - - Note: Cisco Expressway Series refers to the Expressway Control (Expressway-C) device and the Expressway Edge (Expressway-E) device. +A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by authenticating to the application as a Read-only user and sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user. Note: Cisco Expressway Series refers to the Expressway Control (Expressway-C) device and the Expressway Edge (Expressway-E) device. ### POC diff --git a/2023/CVE-2023-20109.md b/2023/CVE-2023-20109.md index b67285b02..111f693c9 100644 --- a/2023/CVE-2023-20109.md +++ b/2023/CVE-2023-20109.md 
@@ -7,9 +7,7 @@ ### Description -A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. - - This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details ["#details"] section of this advisory. +A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details ["#details"] section of this advisory. ### POC 
diff --git a/2023/CVE-2023-20115.md b/2023/CVE-2023-20115.md index 6b4a48bb1..640903ea8 100644 --- a/2023/CVE-2023-20115.md +++ b/2023/CVE-2023-20115.md @@ -5,11 +5,7 @@ ### Description -A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. - - This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user. - - There are workarounds that address this vulnerability. +A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user. There are workarounds that address this vulnerability. ### POC diff --git a/2023/CVE-2023-20116.md b/2023/CVE-2023-20116.md index 6898f9e49..79d7f43b0 100644 --- a/2023/CVE-2023-20116.md +++ b/2023/CVE-2023-20116.md 
@@ -7,9 +7,7 @@ ### Description -A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. - - This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. +A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. ### POC diff --git a/2023/CVE-2023-20118.md b/2023/CVE-2023-20118.md index c8c1fd68b..80b17d5a4 100644 --- a/2023/CVE-2023-20118.md +++ b/2023/CVE-2023-20118.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. - - This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. - - Cisco has not and will not release software updates that address this vulnerability. +A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not and will not release software updates that address this vulnerability. ### POC diff --git a/2023/CVE-2023-20119.md b/2023/CVE-2023-20119.md index 696f963c9..3093b6790 100644 --- a/2023/CVE-2023-20119.md +++ b/2023/CVE-2023-20119.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. - - This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. +A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. ### POC diff --git a/2023/CVE-2023-20133.md b/2023/CVE-2023-20133.md index 13bf8397a..0cba1cf97 100644 --- a/2023/CVE-2023-20133.md +++ b/2023/CVE-2023-20133.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. - - This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. +A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. ### POC diff --git a/2023/CVE-2023-20178.md b/2023/CVE-2023-20178.md index 578137365..b3f75a7e0 100644 --- a/2023/CVE-2023-20178.md +++ b/2023/CVE-2023-20178.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. - - This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. +A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. ### POC diff --git a/2023/CVE-2023-20180.md b/2023/CVE-2023-20180.md index b698aa7f5..1b073460e 100644 --- a/2023/CVE-2023-20180.md +++ b/2023/CVE-2023-20180.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. - - This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions. +A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions. ### POC diff --git a/2023/CVE-2023-20188.md b/2023/CVE-2023-20188.md index 0081e7b93..4e7f0f6e8 100644 --- a/2023/CVE-2023-20188.md +++ b/2023/CVE-2023-20188.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. - - This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device. - - Cisco has not released software updates to address this vulnerability. +A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device. 
Cisco has not released software updates to address this vulnerability. ### POC diff --git a/2023/CVE-2023-20197.md b/2023/CVE-2023-20197.md index 3d82a7dee..6d2f68d91 100644 --- a/2023/CVE-2023-20197.md +++ b/2023/CVE-2023-20197.md @@ -7,11 +7,7 @@ ### Description -A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. - - This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. - - For a description of this vulnerability, see the ClamAV blog . +A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog . ### POC diff --git a/2023/CVE-2023-20198.md b/2023/CVE-2023-20198.md index f1188214b..c8d66672d 100644 
--- a/2023/CVE-2023-20198.md +++ b/2023/CVE-2023-20198.md @@ -37,6 +37,7 @@ Cisco is providing an update for the ongoing investigation into observed exploit - https://github.com/XRSec/AWVS-Update - https://github.com/ZephrFish/CVE-2023-20198-Checker - https://github.com/ZephrFish/Cisco-IOS-XE-Scanner +- https://github.com/aleff-github/aleff-github - https://github.com/aleff-github/my-flipper-shits - https://github.com/alekos3/CVE_2023_20198_Detector - https://github.com/alekos3/CVE_2023_20198_Remediator diff --git a/2023/CVE-2023-20202.md b/2023/CVE-2023-20202.md index 9244b5a88..31dc2babd 100644 --- a/2023/CVE-2023-20202.md +++ b/2023/CVE-2023-20202.md @@ -5,9 +5,7 @@ ### Description -A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. - - This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition. +A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of network requests to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to reload, resulting in a DoS condition. ### POC diff --git a/2023/CVE-2023-20209.md b/2023/CVE-2023-20209.md index d76add2bd..c08e332d2 100644 --- a/2023/CVE-2023-20209.md +++ b/2023/CVE-2023-20209.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. - - This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. +A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. ### POC diff --git a/2023/CVE-2023-20211.md b/2023/CVE-2023-20211.md index 6bdef5130..dd7d348cb 100644 --- a/2023/CVE-2023-20211.md +++ b/2023/CVE-2023-20211.md 
@@ -7,9 +7,7 @@ ### Description -A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. - - This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system. A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges. +A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system. A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges. ### POC diff --git a/2023/CVE-2023-20217.md b/2023/CVE-2023-20217.md index 2eec74774..5a013da11 100644 --- a/2023/CVE-2023-20217.md +++ b/2023/CVE-2023-20217.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. - - This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device. +A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing certain commands using sudo. A successful exploit could allow the attacker to view arbitrary files as root on the underlying operating system. The attacker must have valid credentials on the affected device. ### POC diff --git a/2023/CVE-2023-20218.md b/2023/CVE-2023-20218.md index c313e86f2..86da4c5d8 100644 --- a/2023/CVE-2023-20218.md +++ b/2023/CVE-2023-20218.md 
@@ -5,13 +5,7 @@ ### Description -A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. - - This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks. - - Cisco will not release software updates that address this vulnerability. - - {{value}} ["%7b%7bvalue%7d%7d"])}]] +A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to alter the contents of a web page to redirect the user to potentially malicious websites, or the attacker could use this vulnerability to conduct further client-side attacks. Cisco will not release software updates that address this vulnerability. {{value}} ["%7b%7bvalue%7d%7d"])}]] ### POC diff --git a/2023/CVE-2023-20224.md b/2023/CVE-2023-20224.md index 31732aba2..7661cdb68 100644 --- a/2023/CVE-2023-20224.md +++ b/2023/CVE-2023-20224.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. - - This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device. +A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device. ### POC diff --git a/2023/CVE-2023-20226.md b/2023/CVE-2023-20226.md index d7b4bfbcc..ba4f99a54 100644 --- a/2023/CVE-2023-20226.md +++ b/2023/CVE-2023-20226.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. - - This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. +A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted packet stream through the AppQoE or UTD application. An attacker could exploit this vulnerability by sending a crafted packet stream through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. ### POC diff --git a/2023/CVE-2023-20227.md b/2023/CVE-2023-20227.md index 02212c431..e95964941 100644 --- a/2023/CVE-2023-20227.md +++ b/2023/CVE-2023-20227.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. - - This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. - - Note: Only traffic directed to the affected system can be used to exploit this vulnerability. +A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could exploit this vulnerability by sending crafted L2TP packets to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. ### POC diff --git a/2023/CVE-2023-20231.md b/2023/CVE-2023-20231.md index 9b46a7f73..b1103b559 100644 --- a/2023/CVE-2023-20231.md +++ b/2023/CVE-2023-20231.md 
@@ -5,11 +5,7 @@ ### Description -A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. - - This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. - - Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default. +A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default. ### POC diff --git a/2023/CVE-2023-20235.md b/2023/CVE-2023-20235.md index a55ec564c..9390131eb 100644 --- a/2023/CVE-2023-20235.md +++ b/2023/CVE-2023-20235.md 
@@ -5,9 +5,7 @@ ### Description -A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. - - This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. An attacker could exploit this vulnerability by using the Docker CLI to access an affected device. The application development workflow is meant to be used only on development systems and not in production systems. +A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. An attacker could exploit this vulnerability by using the Docker CLI to access an affected device. The application development workflow is meant to be used only on development systems and not in production systems. ### POC diff --git a/2023/CVE-2023-20251.md b/2023/CVE-2023-20251.md index 912775e15..7d648666c 100644 --- a/2023/CVE-2023-20251.md +++ b/2023/CVE-2023-20251.md 
@@ -7,9 +7,7 @@ ### Description -A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. - - This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition. +A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition. ### POC diff --git a/2023/CVE-2023-20268.md b/2023/CVE-2023-20268.md index 214203d2c..1bd8d86f2 100644 --- a/2023/CVE-2023-20268.md +++ b/2023/CVE-2023-20268.md 
@@ -9,9 +9,7 @@ ### Description -A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. - - This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic. +A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic. ### POC diff --git a/2023/CVE-2023-20269.md b/2023/CVE-2023-20269.md index 4b817525c..d1199f070 100644 --- a/2023/CVE-2023-20269.md +++ b/2023/CVE-2023-20269.md 
@@ -7,21 +7,7 @@ ### Description -A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. - - This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: - - - Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. - Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). - - Notes: - - - Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. - This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. - - Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability. 
+A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability. ### POC diff --git a/2023/CVE-2023-20273.md b/2023/CVE-2023-20273.md index ff992ab70..ede2d16ef 100644 --- a/2023/CVE-2023-20273.md +++ b/2023/CVE-2023-20273.md 
@@ -17,6 +17,7 @@ A vulnerability in the web UI feature of Cisco IOS XE Software could allow an au - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Shadow0ps/CVE-2023-20198-Scanner +- https://github.com/aleff-github/aleff-github - https://github.com/aleff-github/my-flipper-shits - https://github.com/cadencejames/Check-HttpServerStatus - https://github.com/f1tao/awesome-iot-security-resource diff --git a/2023/CVE-2023-20598.md b/2023/CVE-2023-20598.md index 84a2c5c9b..77165471e 100644 --- a/2023/CVE-2023-20598.md +++ b/2023/CVE-2023-20598.md @@ -25,4 +25,5 @@ No PoCs from references. #### Github - https://github.com/hfiref0x/KDU +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-2123.md b/2023/CVE-2023-2123.md index 31bb375d6..86076dcfa 100644 --- a/2023/CVE-2023-2123.md +++ b/2023/CVE-2023-2123.md @@ -15,5 +15,6 @@ The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and #### Github - https://github.com/0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin +- https://github.com/daniloalbuqrque/poc-cve-xss-encoded-wp-inventory-manager-plugin - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-21839.md b/2023/CVE-2023-21839.md index 30770a2c7..dbfdf3476 100644 --- a/2023/CVE-2023-21839.md +++ b/2023/CVE-2023-21839.md @@ -14,6 +14,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://www.oracle.com/security-alerts/cpujan2023.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xn0ne/simple-scanner - https://github.com/20142995/pocsuite3 - https://github.com/20142995/sectool diff --git a/2023/CVE-2023-21987.md b/2023/CVE-2023-21987.md index 7835e8396..42b880e47 100644 --- a/2023/CVE-2023-21987.md +++ b/2023/CVE-2023-21987.md 
@@ -14,4 +14,5 @@ Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp #### Github - https://github.com/AtonceInventions/Hypervisor +- https://github.com/husseinmuhaisen/Hypervisor diff --git a/2023/CVE-2023-21991.md b/2023/CVE-2023-21991.md index 7a68422da..bdcc2f995 100644 --- a/2023/CVE-2023-21991.md +++ b/2023/CVE-2023-21991.md @@ -14,4 +14,5 @@ Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp #### Github - https://github.com/AtonceInventions/Hypervisor +- https://github.com/husseinmuhaisen/Hypervisor diff --git a/2023/CVE-2023-22515.md b/2023/CVE-2023-22515.md index 05723667f..8f4321d63 100644 --- a/2023/CVE-2023-22515.md +++ b/2023/CVE-2023-22515.md @@ -6,9 +6,7 @@ ### Description -Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. - -Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. +Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. ### POC diff --git a/2023/CVE-2023-22527.md b/2023/CVE-2023-22527.md index 848c91707..e2fdeda50 100644 --- a/2023/CVE-2023-22527.md +++ b/2023/CVE-2023-22527.md 
@@ -36,6 +36,7 @@ A template injection vulnerability on older versions of Confluence Data Center a - https://github.com/RevoltSecurities/CVE-2023-22527 - https://github.com/Sudistark/patch-diff-CVE-2023-22527 - https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/CVE - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Tropinene/Yscanner diff --git a/2023/CVE-2023-22906.md b/2023/CVE-2023-22906.md index 53efd5cdf..6bd671956 100644 --- a/2023/CVE-2023-22906.md +++ b/2023/CVE-2023-22906.md @@ -15,4 +15,5 @@ Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileg #### Github - https://github.com/abrahim7112/Vulnerability-checking-program-for-Android - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/nonamecoder/CVE-2023-22906 diff --git a/2023/CVE-2023-23169.md b/2023/CVE-2023-23169.md index 70fd7f818..da0703ef0 100644 --- a/2023/CVE-2023-23169.md +++ b/2023/CVE-2023-23169.md @@ -13,5 +13,6 @@ Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side req - https://github.com/S4nshine/CVE-2023-23169 #### Github +- https://github.com/S4nshine/CVE-2023-23169 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-23333.md b/2023/CVE-2023-23333.md index 6996962b0..de2f66142 100644 --- a/2023/CVE-2023-23333.md +++ b/2023/CVE-2023-23333.md @@ -17,6 +17,7 @@ There is a command injection vulnerability in SolarView Compact through 6.00, at - https://github.com/BugBlocker/lotus-scripts - https://github.com/Mr-xn/CVE-2023-23333 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Timorlover/CVE-2023-23333 - https://github.com/WhiteOwl-Pub/PoC-SolarView-Compact-CVE-2023-23333 - https://github.com/abrahim7112/Vulnerability-checking-program-for-Android - https://github.com/dddinmx/POC-Pocsuite3 diff --git a/2023/CVE-2023-23397.md b/2023/CVE-2023-23397.md index 68d216489..c39da8f18 100644 
--- a/2023/CVE-2023-23397.md +++ b/2023/CVE-2023-23397.md @@ -58,6 +58,7 @@ No PoCs from references. - https://github.com/ahmedkhlief/CVE-2023-23397-POC - https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook - https://github.com/alecdhuse/Lantern-Shark +- https://github.com/aleff-github/aleff-github - https://github.com/aleff-github/my-flipper-shits - https://github.com/alicangnll/CVE-2023-23397 - https://github.com/alsaeroth/CVE-2023-23397-POC diff --git a/2023/CVE-2023-23563.md b/2023/CVE-2023-23563.md index a32ce3a5b..e96ecd14a 100644 --- a/2023/CVE-2023-23563.md +++ b/2023/CVE-2023-23563.md @@ -14,4 +14,5 @@ An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authentica - https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md #### Github +- https://github.com/Orange-Cyberdefense/CVE-repository diff --git a/2023/CVE-2023-23564.md b/2023/CVE-2023-23564.md index fb0b99122..5386c5540 100644 --- a/2023/CVE-2023-23564.md +++ b/2023/CVE-2023-23564.md @@ -14,4 +14,5 @@ An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authentica - https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md #### Github +- https://github.com/Orange-Cyberdefense/CVE-repository diff --git a/2023/CVE-2023-23565.md b/2023/CVE-2023-23565.md index fd041cf28..a50308a2d 100644 --- a/2023/CVE-2023-23565.md +++ b/2023/CVE-2023-23565.md @@ -14,4 +14,5 @@ An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authentica - https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md #### Github +- https://github.com/Orange-Cyberdefense/CVE-repository diff --git a/2023/CVE-2023-23583.md b/2023/CVE-2023-23583.md index 04ac64979..222a846b1 100644 --- a/2023/CVE-2023-23583.md +++ b/2023/CVE-2023-23583.md 
@@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/EGI-Federation/SVG-advisories - https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- - https://github.com/blazcode/INTEL-SA-00950 +- https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/giterlizzi/secdb-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/speed47/spectre-meltdown-checker diff --git a/2023/CVE-2023-23607.md b/2023/CVE-2023-23607.md index 62426c647..ed764d54a 100644 --- a/2023/CVE-2023-23607.md +++ b/2023/CVE-2023-23607.md @@ -13,5 +13,5 @@ erohtar/Dasherr is a dashboard for self-hosted services. In affected versions un - https://github.com/erohtar/Dasherr/security/advisories/GHSA-6rgc-2x44-7phq #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-23752.md b/2023/CVE-2023-23752.md index 97b025b18..d6a95c2d4 100644 --- a/2023/CVE-2023-23752.md +++ b/2023/CVE-2023-23752.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/BearClaw96/Joomla-v4.x-Unauthenticated-information-disclosure - https://github.com/BugBlocker/lotus-scripts - https://github.com/C1ph3rX13/CVE-2023-23752 +- https://github.com/CLincat/vulcat - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top diff --git a/2023/CVE-2023-24580.md b/2023/CVE-2023-24580.md index 9b22245b1..4dca2e7c2 100644 --- a/2023/CVE-2023-24580.md +++ b/2023/CVE-2023-24580.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-24709.md b/2023/CVE-2023-24709.md index 721b7b5a0..446893109 100644 --- a/2023/CVE-2023-24709.md +++ b/2023/CVE-2023-24709.md 
@@ -17,6 +17,7 @@ An issue found in Paradox Security Systems IPR512 allows attackers to cause a de #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC +- https://github.com/SlashXzerozero/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 - https://github.com/SlashXzerozero/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-25157.md b/2023/CVE-2023-25157.md index 1d9c9691f..d33148c47 100644 --- a/2023/CVE-2023-25157.md +++ b/2023/CVE-2023-25157.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/0x2458bughunt/CVE-2023-25157 - https://github.com/0x783kb/Security-operation-book +- https://github.com/0xMarcio/cve - https://github.com/20142995/sectool - https://github.com/7imbitz/CVE-2023-25157-checker - https://github.com/Awrrays/FrameVul diff --git a/2023/CVE-2023-25690.md b/2023/CVE-2023-25690.md index 4a4b1aa48..dc1ed2b37 100644 --- a/2023/CVE-2023-25690.md +++ b/2023/CVE-2023-25690.md @@ -18,6 +18,7 @@ Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.5 - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/EGI-Federation/SVG-advisories +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/GGontijo/CTF-s - https://github.com/GhostTroops/TOP - https://github.com/H4lo/awesome-IoT-security-article diff --git a/2023/CVE-2023-2579.md b/2023/CVE-2023-2579.md index 3b6fcdabb..016dc8b76 100644 --- a/2023/CVE-2023-2579.md +++ b/2023/CVE-2023-2579.md @@ -15,5 +15,6 @@ The InventoryPress WordPress plugin through 1.7 does not sanitise and escape som #### Github - https://github.com/0xn4d/poc-cve-xss-inventory-press-plugin +- https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-plugin - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2023/CVE-2023-26112.md b/2023/CVE-2023-26112.md index 6a20d07cf..502b0c82a 100644 --- a/2023/CVE-2023-26112.md +++ b/2023/CVE-2023-26112.md @@ -5,10 +5,7 @@ ### Description -All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). - -**Note:** This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. - +All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). **Note:** This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. ### POC diff --git a/2023/CVE-2023-26115.md b/2023/CVE-2023-26115.md index 7b27caff5..6ee5f6375 100644 --- a/2023/CVE-2023-26115.md +++ b/2023/CVE-2023-26115.md @@ -6,8 +6,7 @@ ### Description -All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. - +All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable. ### POC diff --git a/2023/CVE-2023-26122.md b/2023/CVE-2023-26122.md index 495876cdf..7d7d88a61 100644 --- a/2023/CVE-2023-26122.md +++ b/2023/CVE-2023-26122.md 
@@ -5,12 +5,7 @@ ### Description -All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. -Exploiting this vulnerability might result in remote code execution ("RCE"). - -**Vulnerable functions:** - -__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf(). +All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable functions:** __defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf(). ### POC diff --git a/2023/CVE-2023-26123.md b/2023/CVE-2023-26123.md index da03cfb4b..fac99b54a 100644 --- a/2023/CVE-2023-26123.md +++ b/2023/CVE-2023-26123.md @@ -5,9 +5,7 @@ ### Description -Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting (XSS) such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscripten_run_script function. - -**Note:** This vulnerability is present only when compiling raylib for PLATFORM_WEB. All the other Desktop/Mobile/Embedded platforms are not affected. +Versions of the package raysan5/raylib before 4.5.0 are vulnerable to Cross-site Scripting (XSS) such that the SetClipboardText API does not properly escape the ' character, allowing attacker-controlled input to break out of the string and execute arbitrary JavaScript via emscripten_run_script function. **Note:** This vulnerability is present only when compiling raylib for PLATFORM_WEB. All the other Desktop/Mobile/Embedded platforms are not affected. ### POC diff --git a/2023/CVE-2023-26125.md b/2023/CVE-2023-26125.md index fa6537296..e9cb19332 100644 
--- a/2023/CVE-2023-26125.md +++ b/2023/CVE-2023-26125.md @@ -5,9 +5,7 @@ ### Description -Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. - -**Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic. +Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic. ### POC diff --git a/2023/CVE-2023-26126.md b/2023/CVE-2023-26126.md index 4abf3846f..f07257313 100644 --- a/2023/CVE-2023-26126.md +++ b/2023/CVE-2023-26126.md @@ -5,8 +5,7 @@ ### Description -All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. - +All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. ### POC diff --git a/2023/CVE-2023-26127.md b/2023/CVE-2023-26127.md index 623b43b27..cf1c6abc9 100644 --- a/2023/CVE-2023-26127.md +++ b/2023/CVE-2023-26127.md 
@@ -5,11 +5,7 @@ ### Description -All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. - -**Note:** - -To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. +All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. ### POC diff --git a/2023/CVE-2023-26128.md b/2023/CVE-2023-26128.md index a5a642e9b..13840b6fe 100644 --- a/2023/CVE-2023-26128.md +++ b/2023/CVE-2023-26128.md 
@@ -5,11 +5,7 @@ ### Description -All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. - -**Note:** - -To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. +All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. ### POC diff --git a/2023/CVE-2023-26129.md b/2023/CVE-2023-26129.md index 60971d181..6a15b4e96 100644 --- a/2023/CVE-2023-26129.md +++ b/2023/CVE-2023-26129.md 
@@ -5,11 +5,7 @@ ### Description -All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. - -**Note:** - -To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. +All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment. ### POC diff --git a/2023/CVE-2023-26130.md b/2023/CVE-2023-26130.md index 02afa5b33..327c0e5f6 100644 --- a/2023/CVE-2023-26130.md +++ b/2023/CVE-2023-26130.md @@ -5,9 +5,7 @@ ### Description -Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. - -**Note:** This issue is present due to an incomplete fix for [CVE-2020-11709](https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-2366507). +Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. **Note:** This issue is present due to an incomplete fix for [CVE-2020-11709](https://security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-2366507). ### POC 
diff --git a/2023/CVE-2023-26131.md b/2023/CVE-2023-26131.md index 85a64f25f..efa9689e9 100644 --- a/2023/CVE-2023-26131.md +++ b/2023/CVE-2023-26131.md @@ -6,8 +6,7 @@ ### Description -All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting (XSS) via the themes.NoPage(filename, theme) function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. - +All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting (XSS) via the themes.NoPage(filename, theme) function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. ### POC diff --git a/2023/CVE-2023-26133.md b/2023/CVE-2023-26133.md index 9cf648fe2..ae2181f9b 100644 --- a/2023/CVE-2023-26133.md +++ b/2023/CVE-2023-26133.md @@ -5,8 +5,7 @@ ### Description -All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js. - +All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js. ### POC diff --git a/2023/CVE-2023-26144.md b/2023/CVE-2023-26144.md index 71442e72a..0fe2520a9 100644 --- a/2023/CVE-2023-26144.md +++ b/2023/CVE-2023-26144.md 
@@ -5,9 +5,7 @@ ### Description -Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. - -**Note:** It was not proven that this vulnerability can crash the process. +Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. **Note:** It was not proven that this vulnerability can crash the process. ### POC diff --git a/2023/CVE-2023-26145.md b/2023/CVE-2023-26145.md index 30c8dfc97..4e2904973 100644 --- a/2023/CVE-2023-26145.md +++ b/2023/CVE-2023-26145.md 
@@ -5,18 +5,7 @@ ### Description -This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to the original source object. These paths can be used to target internal class attributes and dict items, to retrieve, modify or invoke nested Python objects. - -**Note:** - -The pydash.objects.invoke() method is vulnerable to Command Injection when the following prerequisites are satisfied: - -1) The source object (argument 1) is not a built-in object such as list/dict (otherwise, the __init__.__globals__ path is not accessible) - -2) The attacker has control over argument 2 (the path string) and argument 3 (the argument to pass to the invoked method) - - -The pydash.collections.invoke_map() method is also vulnerable, but is harder to exploit as the attacker does not have direct control over the argument to be passed to the invoked function. +This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to target a nested Python object, relative to the original source object. These paths can be used to target internal class attributes and dict items, to retrieve, modify or invoke nested Python objects. **Note:** The pydash.objects.invoke() method is vulnerable to Command Injection when the following prerequisites are satisfied: 1) The source object (argument 1) is not a built-in object such as list/dict (otherwise, the __init__.__globals__ path is not accessible) 2) The attacker has control over argument 2 (the path string) and argument 3 (the argument to pass to the invoked method) The pydash.collections.invoke_map() method is also vulnerable, but is harder to exploit as the attacker does not have direct control over the argument to be passed to the invoked function. 
### POC diff --git a/2023/CVE-2023-26149.md b/2023/CVE-2023-26149.md index 69a7c2003..b585e359f 100644 --- a/2023/CVE-2023-26149.md +++ b/2023/CVE-2023-26149.md @@ -5,11 +5,7 @@ ### Description -Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. - -**Note:** - -If the mentions list is sourced from unsafe (user-sourced) data, this might allow an injection attack when a Quill user hits @. +Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. **Note:** If the mentions list is sourced from unsafe (user-sourced) data, this might allow an injection attack when a Quill user hits @. ### POC diff --git a/2023/CVE-2023-26150.md b/2023/CVE-2023-26150.md index c38f7c313..88df5f52a 100644 --- a/2023/CVE-2023-26150.md +++ b/2023/CVE-2023-26150.md @@ -5,11 +5,7 @@ ### Description -Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. - -**Note:** - -This issue is a result of missing checks for services that require an active session. +Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session. ### POC diff --git a/2023/CVE-2023-26153.md b/2023/CVE-2023-26153.md index 245702ded..18f19433b 100644 --- a/2023/CVE-2023-26153.md +++ b/2023/CVE-2023-26153.md 
@@ -5,11 +5,7 @@ ### Description -Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. - -**Note:** - - An attacker can use this vulnerability to execute commands on the host system. +Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker can use this vulnerability to execute commands on the host system. ### POC diff --git a/2023/CVE-2023-26156.md b/2023/CVE-2023-26156.md index 80c975b68..6ed271e24 100644 --- a/2023/CVE-2023-26156.md +++ b/2023/CVE-2023-26156.md @@ -5,11 +5,7 @@ ### Description -Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to unauthorized access and potentially malicious actions on the host system. - -**Note:** - -An attacker must have access to the system running the vulnerable chromedriver library to exploit it. The success of exploitation also depends on the permissions and privileges of the process running chromedriver. +Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to unauthorized access and potentially malicious actions on the host system. **Note:** An attacker must have access to the system running the vulnerable chromedriver library to exploit it. The success of exploitation also depends on the permissions and privileges of the process running chromedriver. ### POC diff --git a/2023/CVE-2023-26158.md b/2023/CVE-2023-26158.md index de8f656a1..a0c0ba62d 100644 --- a/2023/CVE-2023-26158.md +++ b/2023/CVE-2023-26158.md 
@@ -5,58 +5,7 @@ ### Description -All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). - -User controlled inputs inside the extend() method of the Mock.Handler, Mock.Random, Mock.RE.Handler or Mock.Util, will allow an attacker to exploit this vulnerability. - - Workaround - -By using a denylist of dangerous attributes, this weakness can be eliminated. - -Add the following line in the Util.extend function: - -js -js if (["__proto__", "constructor", "prototype"].includes(name)) continue - - -js -// src/mock/handler.js -Util.extend = function extend() { - var target = arguments[0] || {}, - i = 1, - length = arguments.length, - options, name, src, copy, clone - - if (length === 1) { - target = this - i = 0 - } - - for (; i < length; i++) { - options = arguments[i] - if (!options) continue - - for (name in options) { - if (["__proto__", "constructor", "prototype"].includes(name)) continue - src = target[name] - copy = options[name] - - if (target === copy) continue - if (copy === undefined) continue - - if (Util.isArray(copy) || Util.isObject(copy)) { - if (Util.isArray(copy)) clone = src && Util.isArray(src) ? src : [] - if (Util.isObject(copy)) clone = src && Util.isObject(src) ? src : {} - - target[name] = Util.extend(clone, copy) - } else { - target[name] = copy - } - } - } - - return target - } +All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. 
By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). User controlled inputs inside the extend() method of the Mock.Handler, Mock.Random, Mock.RE.Handler or Mock.Util, will allow an attacker to exploit this vulnerability. Workaround By using a denylist of dangerous attributes, this weakness can be eliminated. Add the following line in the Util.extend function: js js if (["__proto__", "constructor", "prototype"].includes(name)) continue js // src/mock/handler.js Util.extend = function extend() { var target = arguments[0] || {}, i = 1, length = arguments.length, options, name, src, copy, clone if (length === 1) { target = this i = 0 } for (; i < length; i++) { options = arguments[i] if (!options) continue for (name in options) { if (["__proto__", "constructor", "prototype"].includes(name)) continue src = target[name] copy = options[name] if (target === copy) continue if (copy === undefined) continue if (Util.isArray(copy) || Util.isObject(copy)) { if (Util.isArray(copy)) clone = src && Util.isArray(src) ? src : [] if (Util.isObject(copy)) clone = src && Util.isObject(src) ? src : {} target[name] = Util.extend(clone, copy) } else { target[name] = copy } } } return target } ### POC diff --git a/2023/CVE-2023-2640.md b/2023/CVE-2023-2640.md index dd6587587..35ce8c38e 100644 --- a/2023/CVE-2023-2640.md +++ b/2023/CVE-2023-2640.md 
@@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xWhoami35/root-kernel - https://github.com/0xsyr0/OSCP - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/K5LK/CVE-2023-2640-32629 - https://github.com/Kiosec/Linux-Exploitation - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 diff --git a/2023/CVE-2023-27035.md b/2023/CVE-2023-27035.md index 2e811ef6b..7c3af3c6b 100644 --- a/2023/CVE-2023-27035.md +++ b/2023/CVE-2023-27035.md @@ -14,5 +14,6 @@ An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send des - https://github.com/fivex3/CVE-2023-27035 #### Github +- https://github.com/fivex3/CVE-2023-27035 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-27055.md b/2023/CVE-2023-27055.md index 106cc3ab4..146fc8d82 100644 --- a/2023/CVE-2023-27055.md +++ b/2023/CVE-2023-27055.md @@ -13,4 +13,5 @@ Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access sensitive f - https://github.com/StolidWaffle/AVer-PTZApp2 #### Github +- https://github.com/StolidWaffle/AVer-PTZApp2 diff --git a/2023/CVE-2023-27522.md b/2023/CVE-2023-27522.md index 20bdb51e2..49c7e2a46 100644 --- a/2023/CVE-2023-27522.md +++ b/2023/CVE-2023-27522.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/xonoxitron/cpe2cve diff --git a/2023/CVE-2023-27653.md b/2023/CVE-2023-27653.md new file mode 100644 index 000000000..122fe2585 --- /dev/null +++ b/2023/CVE-2023-27653.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-27653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27653) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files. + +### POC + +#### Reference +- https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27653/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-27654.md b/2023/CVE-2023-27654.md new file mode 100644 index 000000000..bc473b084 --- /dev/null +++ b/2023/CVE-2023-27654.md @@ -0,0 +1,17 @@ +### [CVE-2023-27654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27654) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component. + +### POC + +#### Reference +- https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27654/CVE%20detail.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-27742.md b/2023/CVE-2023-27742.md index d3a9a1765..8e9393882 100644 --- a/2023/CVE-2023-27742.md +++ b/2023/CVE-2023-27742.md @@ -13,5 +13,6 @@ IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via th - https://github.com/G37SYS73M/CVE-2023-27742 #### Github +- https://github.com/G37SYS73M/CVE-2023-27742 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-27842.md b/2023/CVE-2023-27842.md index 86e65290d..144c622d3 100644 
--- a/2023/CVE-2023-27842.md +++ b/2023/CVE-2023-27842.md @@ -18,4 +18,5 @@ Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2 - https://github.com/0xFTW/CVE-2023-27842 - https://github.com/cowsecurity/CVE-2023-27842 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tristao-marinho/CVE-2023-27842 diff --git a/2023/CVE-2023-28252.md b/2023/CVE-2023-28252.md index 6a633ac41..eae917346 100644 --- a/2023/CVE-2023-28252.md +++ b/2023/CVE-2023-28252.md @@ -47,6 +47,7 @@ Windows Common Log File System Driver Elevation of Privilege Vulnerability - http://packetstormsecurity.com/files/174668/Windows-Common-Log-File-System-Driver-clfs.sys-Privilege-Escalation.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/726232111/CVE-2023-28252 - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/awesome-cve-repo diff --git a/2023/CVE-2023-28489.md b/2023/CVE-2023-28489.md index ba8ba40ef..1a9844f5c 100644 --- a/2023/CVE-2023-28489.md +++ b/2023/CVE-2023-28489.md @@ -6,8 +6,7 @@ ### Description -A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. -The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device. +A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device. ### POC 
diff --git a/2023/CVE-2023-28708.md b/2023/CVE-2023-28708.md index 004187d18..59ba78997 100644 --- a/2023/CVE-2023-28708.md +++ b/2023/CVE-2023-28708.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/fernandoreb/dependency-check-springboot - https://github.com/scordero1234/java_sec_demo-main - https://github.com/trganda/dockerv +- https://github.com/versio-io/product-lifecycle-security-api diff --git a/2023/CVE-2023-29357.md b/2023/CVE-2023-29357.md index da37df7bc..58850be7f 100644 --- a/2023/CVE-2023-29357.md +++ b/2023/CVE-2023-29357.md @@ -13,6 +13,7 @@ Microsoft SharePoint Server Elevation of Privilege Vulnerability No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/Chocapikk/CVE-2023-29357 diff --git a/2023/CVE-2023-29360.md b/2023/CVE-2023-29360.md index c354d5e8c..18681cf2e 100644 --- a/2023/CVE-2023-29360.md +++ b/2023/CVE-2023-29360.md @@ -29,6 +29,9 @@ Microsoft Streaming Service Elevation of Privilege Vulnerability No PoCs from references. #### Github +- https://github.com/CVEDB/awesome-cve-repo +- https://github.com/CVEDB/top +- https://github.com/GhostTroops/TOP - https://github.com/Nero22k/cve-2023-29360 - https://github.com/Ostorlab/KEV - https://github.com/cvefeed/cvefeed.io diff --git a/2023/CVE-2023-29478.md b/2023/CVE-2023-29478.md index d72a0398f..cd5cb6a29 100644 --- a/2023/CVE-2023-29478.md +++ b/2023/CVE-2023-29478.md @@ -14,5 +14,6 @@ BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filename #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Exopteron/BiblioRCE - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-2986.md b/2023/CVE-2023-2986.md index c7a7b7843..6b7747ac3 100644 --- a/2023/CVE-2023-2986.md +++ b/2023/CVE-2023-2986.md 
@@ -17,6 +17,7 @@ The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to au #### Github - https://github.com/Alucard0x1/CVE-2023-2986 +- https://github.com/Ayantaker/CVE-2023-2986 - https://github.com/abrahim7112/Vulnerability-checking-program-for-Android - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-30145.md b/2023/CVE-2023-30145.md index a08e77994..a99d841ba 100644 --- a/2023/CVE-2023-30145.md +++ b/2023/CVE-2023-30145.md @@ -16,4 +16,5 @@ Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection ( #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/paragbagul111/CVE-2023-30145 diff --git a/2023/CVE-2023-30146.md b/2023/CVE-2023-30146.md index 155fac892..a20ce35de 100644 --- a/2023/CVE-2023-30146.md +++ b/2023/CVE-2023-30146.md @@ -13,5 +13,6 @@ Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauth - https://github.com/L1-0/CVE-2023-30146 #### Github +- https://github.com/L1-0/CVE-2023-30146 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-30256.md b/2023/CVE-2023-30256.md index d1348742a..ffbbf9614 100644 --- a/2023/CVE-2023-30256.md +++ b/2023/CVE-2023-30256.md @@ -14,6 +14,7 @@ Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remo - https://github.com/ahrixia/CVE-2023-30256 #### Github +- https://github.com/ahrixia/CVE-2023-30256 - https://github.com/ahrixia/ahrixia - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-30330.md b/2023/CVE-2023-30330.md index 66dc7a7c5..d4e6d6e2e 100644 --- a/2023/CVE-2023-30330.md +++ b/2023/CVE-2023-30330.md @@ -14,4 +14,5 @@ SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Loca - https://www.exploit-db.com/exploits/51404 #### Github +- https://github.com/Filiplain/LFI-to-RCE-SE-Suite-2.0 
diff --git a/2023/CVE-2023-30367.md b/2023/CVE-2023-30367.md index 13d1a7379..0aaf33963 100644 --- a/2023/CVE-2023-30367.md +++ b/2023/CVE-2023-30367.md @@ -14,6 +14,7 @@ Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software tha - https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper #### Github +- https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-3044.md b/2023/CVE-2023-3044.md index 94378b746..0e3e85491 100644 --- a/2023/CVE-2023-3044.md +++ b/2023/CVE-2023-3044.md @@ -13,4 +13,5 @@ An excessively large PDF page size (found in fuzz testing, unlikely in normal PD - https://github.com/baker221/poc-xpdf #### Github +- https://github.com/baker221/poc-xpdf diff --git a/2023/CVE-2023-30459.md b/2023/CVE-2023-30459.md index d1128b6d3..92d900810 100644 --- a/2023/CVE-2023-30459.md +++ b/2023/CVE-2023-30459.md @@ -14,5 +14,6 @@ SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has admin - https://smartptt.com #### Github +- https://github.com/Toxich4/CVE-2023-30459 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-30757.md b/2023/CVE-2023-30757.md index 8581b25a1..c6b5e3115 100644 --- a/2023/CVE-2023-30757.md +++ b/2023/CVE-2023-30757.md 
@@ -11,9 +11,7 @@ ### Description -A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). The know-how protection feature in affected products does not properly update the encryption of existing program blocks when a project file is updated. - -This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password. +A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). The know-how protection feature in affected products does not properly update the encryption of existing program blocks when a project file is updated. This could allow attackers with access to the project file to recover previous - yet unprotected - versions of the project without the knowledge of the know-how protection password. ### POC diff --git a/2023/CVE-2023-31122.md b/2023/CVE-2023-31122.md index b7b140fe0..cf8cfa95c 100644 --- a/2023/CVE-2023-31122.md +++ b/2023/CVE-2023-31122.md 
@@ -13,6 +13,7 @@ Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue a No PoCs from references. #### Github +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/arsenalzp/apch-operator - https://github.com/klemakle/audit-pentest-BOX - https://github.com/xonoxitron/cpe2cve diff --git a/2023/CVE-2023-31445.md b/2023/CVE-2023-31445.md index eb1a7b8be..0cb392e13 100644 --- a/2023/CVE-2023-31445.md +++ b/2023/CVE-2023-31445.md @@ -15,5 +15,6 @@ Cassia Access controller before 2.1.1.2203171453, was discovered to have a unpri - https://www.swiruhack.online/cves/202331445/md.html #### Github +- https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-3149.md b/2023/CVE-2023-3149.md index f994785b2..7c5a1c48d 100644 --- a/2023/CVE-2023-3149.md +++ b/2023/CVE-2023-3149.md @@ -11,6 +11,7 @@ A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It #### Reference - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-adminusermanage_userphp +- https://vuldb.com/?id.231018 #### Github No PoCs found on GitHub currently. diff --git a/2023/CVE-2023-31497.md b/2023/CVE-2023-31497.md index e7f91d66d..fb6f2df52 100644 --- a/2023/CVE-2023-31497.md +++ b/2023/CVE-2023-31497.md @@ -13,5 +13,6 @@ Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Sec - https://github.com/0xInfection/EPScalate #### Github +- https://github.com/0xInfection/EPScalate - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31594.md b/2023/CVE-2023-31594.md index e9b8dce10..ef8fb8f95 100644 --- a/2023/CVE-2023-31594.md +++ b/2023/CVE-2023-31594.md 
@@ -13,5 +13,6 @@ IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an e - https://github.com/Yozarseef95/CVE-2023-31594 #### Github +- https://github.com/Yozarseef95/CVE-2023-31594 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31595.md b/2023/CVE-2023-31595.md index 4147c9ada..5edfc9584 100644 --- a/2023/CVE-2023-31595.md +++ b/2023/CVE-2023-31595.md @@ -13,5 +13,6 @@ IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unau - https://github.com/Yozarseef95/CVE-2023-31595 #### Github +- https://github.com/Yozarseef95/CVE-2023-31595 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31664.md b/2023/CVE-2023-31664.md index d250056c0..dfc87c98c 100644 --- a/2023/CVE-2023-31664.md +++ b/2023/CVE-2023-31664.md @@ -13,5 +13,6 @@ A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/ - https://github.com/adilkhan7/CVE-2023-31664 #### Github +- https://github.com/adilkhan7/CVE-2023-31664 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31705.md b/2023/CVE-2023-31705.md index c983e056c..cf937c7fb 100644 --- a/2023/CVE-2023-31705.md +++ b/2023/CVE-2023-31705.md @@ -13,5 +13,6 @@ A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Remi - https://github.com/d34dun1c02n/CVE-2023-31705 #### Github +- https://github.com/d34dun1c02n/CVE-2023-31705 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31726.md b/2023/CVE-2023-31726.md index b502a52d9..cf9bccb4a 100644 --- a/2023/CVE-2023-31726.md +++ b/2023/CVE-2023-31726.md @@ -13,5 +13,6 @@ AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited b - https://github.com/J6451/CVE-2023-31726 #### Github +- https://github.com/J6451/CVE-2023-31726 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31851.md b/2023/CVE-2023-31851.md index 944497c8c..279b49c21 100644 --- a/2023/CVE-2023-31851.md 
+++ b/2023/CVE-2023-31851.md @@ -13,5 +13,6 @@ Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/ - https://github.com/CalfCrusher/CVE-2023-31851 #### Github +- https://github.com/CalfCrusher/CVE-2023-31851 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31852.md b/2023/CVE-2023-31852.md index f96c4089a..df64b18e9 100644 --- a/2023/CVE-2023-31852.md +++ b/2023/CVE-2023-31852.md @@ -13,5 +13,6 @@ Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/ad - https://github.com/CalfCrusher/CVE-2023-31852 #### Github +- https://github.com/CalfCrusher/CVE-2023-31852 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-31853.md b/2023/CVE-2023-31853.md index e286baa81..112b24a0b 100644 --- a/2023/CVE-2023-31853.md +++ b/2023/CVE-2023-31853.md @@ -13,5 +13,6 @@ Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admi - https://github.com/CalfCrusher/CVE-2023-31853 #### Github +- https://github.com/CalfCrusher/CVE-2023-31853 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-32522.md b/2023/CVE-2023-32522.md index a4dd9f55d..0d981d300 100644 --- a/2023/CVE-2023-32522.md +++ b/2023/CVE-2023-32522.md @@ -5,9 +5,7 @@ ### Description -A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. - -Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. +A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ### POC 
diff --git a/2023/CVE-2023-32629.md b/2023/CVE-2023-32629.md index 91a4d35f3..dbb89ffd4 100644 --- a/2023/CVE-2023-32629.md +++ b/2023/CVE-2023-32629.md @@ -16,6 +16,7 @@ Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up - https://github.com/0xWhoami35/root-kernel - https://github.com/0xsyr0/OSCP - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +- https://github.com/HaxorSecInfec/autoroot.sh - https://github.com/K5LK/CVE-2023-2640-32629 - https://github.com/Kiosec/Linux-Exploitation - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 diff --git a/2023/CVE-2023-32784.md b/2023/CVE-2023-32784.md index 96f3afa9d..9be05613b 100644 --- a/2023/CVE-2023-32784.md +++ b/2023/CVE-2023-32784.md @@ -53,6 +53,7 @@ In KeePass 2.x before 2.54, it is possible to recover the cleartext master passw - https://github.com/rvsvishnuv/rvsvishnuv.github.io - https://github.com/s3mPr1linux/KEEPASS_PASS_DUMP - https://github.com/und3sc0n0c1d0/BruteForce-to-KeePass +- https://github.com/vdohney/keepass-password-dumper - https://github.com/ynuwenhof/keedump - https://github.com/z-jxy/keepass_dump diff --git a/2023/CVE-2023-33105.md b/2023/CVE-2023-33105.md index 77e7e0978..0147ac775 100644 --- a/2023/CVE-2023-33105.md +++ b/2023/CVE-2023-33105.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33253.md b/2023/CVE-2023-33253.md index af13d7b9b..b5c45bcf4 100644 --- a/2023/CVE-2023-33253.md +++ b/2023/CVE-2023-33253.md @@ -13,5 +13,6 @@ LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remo - https://github.com/Toxich4/CVE-2023-33253 #### Github +- https://github.com/Toxich4/CVE-2023-33253 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33408.md b/2023/CVE-2023-33408.md index e0bd4a44e..93d64d703 100644 --- a/2023/CVE-2023-33408.md +++ b/2023/CVE-2023-33408.md 
@@ -13,5 +13,6 @@ Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exi - https://github.com/Thirukrishnan/CVE-2023-33408 #### Github +- https://github.com/Thirukrishnan/CVE-2023-33408 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33409.md b/2023/CVE-2023-33409.md index 6302d841e..a836550d7 100644 --- a/2023/CVE-2023-33409.md +++ b/2023/CVE-2023-33409.md @@ -13,5 +13,6 @@ Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/pub - https://github.com/Thirukrishnan/CVE-2023-33409 #### Github +- https://github.com/Thirukrishnan/CVE-2023-33409 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33410.md b/2023/CVE-2023-33410.md index b3cf9b1d4..7adb3ff62 100644 --- a/2023/CVE-2023-33410.md +++ b/2023/CVE-2023-33410.md @@ -13,5 +13,6 @@ Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an - https://github.com/Thirukrishnan/CVE-2023-33410 #### Github +- https://github.com/Thirukrishnan/CVE-2023-33410 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33693.md b/2023/CVE-2023-33693.md index c3c6d93b9..7a6b0d9a9 100644 --- a/2023/CVE-2023-33693.md +++ b/2023/CVE-2023-33693.md @@ -13,5 +13,5 @@ A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 allows attac - https://github.com/tsingsee/EasyPlayerPro-Win/pull/24 #### Github -No PoCs found on GitHub currently. +- https://github.com/ernestang98/win-exploits diff --git a/2023/CVE-2023-33733.md b/2023/CVE-2023-33733.md index fc3234780..0121e50e4 100644 --- a/2023/CVE-2023-33733.md +++ b/2023/CVE-2023-33733.md 
@@ -15,6 +15,7 @@ Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying #### Github - https://github.com/L41KAA/CVE-2023-33733-Exploit-PoC - https://github.com/buiduchoang24/CVE-2023-33733 +- https://github.com/c53elyas/CVE-2023-33733 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onion2203/CVE-2023-33733 - https://github.com/onion2203/Lab_Reportlab diff --git a/2023/CVE-2023-33747.md b/2023/CVE-2023-33747.md index 18bd1cf2b..90503256c 100644 --- a/2023/CVE-2023-33747.md +++ b/2023/CVE-2023-33747.md @@ -15,5 +15,6 @@ CloudPanel v2.2.2 allows attackers to execute a path traversal. #### Github - https://github.com/0xWhoami35/CloudPanel-CVE-2023-33747 +- https://github.com/EagleTube/CloudPanel - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-33757.md b/2023/CVE-2023-33757.md index 527b63f34..9c0ddaed7 100644 --- a/2023/CVE-2023-33757.md +++ b/2023/CVE-2023-33757.md @@ -13,4 +13,5 @@ A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 ( - https://github.com/twignet/splicecom #### Github +- https://github.com/twignet/splicecom diff --git a/2023/CVE-2023-33758.md b/2023/CVE-2023-33758.md index 341bea458..11bb7a2da 100644 --- a/2023/CVE-2023-33758.md +++ b/2023/CVE-2023-33758.md @@ -13,4 +13,5 @@ Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-s - https://github.com/twignet/splicecom #### Github +- https://github.com/twignet/splicecom diff --git a/2023/CVE-2023-33759.md b/2023/CVE-2023-33759.md index 676f795d1..12ad356b0 100644 --- a/2023/CVE-2023-33759.md +++ b/2023/CVE-2023-33759.md @@ -13,4 +13,5 @@ SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authent - https://github.com/twignet/splicecom #### Github +- https://github.com/twignet/splicecom diff --git a/2023/CVE-2023-33760.md b/2023/CVE-2023-33760.md index 89a31065b..e39cffbf2 100644 --- a/2023/CVE-2023-33760.md +++ b/2023/CVE-2023-33760.md 
@@ -13,4 +13,5 @@ SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default - https://github.com/twignet/splicecom #### Github +- https://github.com/twignet/splicecom diff --git a/2023/CVE-2023-33781.md b/2023/CVE-2023-33781.md index 3a91a1578..ee4a39d97 100644 --- a/2023/CVE-2023-33781.md +++ b/2023/CVE-2023-33781.md @@ -14,4 +14,5 @@ An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary comman #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/s0tr/CVE-2023-33781 diff --git a/2023/CVE-2023-33782.md b/2023/CVE-2023-33782.md index ef06d11bd..c668aaf99 100644 --- a/2023/CVE-2023-33782.md +++ b/2023/CVE-2023-33782.md @@ -14,4 +14,5 @@ D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerabil #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/s0tr/CVE-2023-33782 diff --git a/2023/CVE-2023-33817.md b/2023/CVE-2023-33817.md index bca2b26e7..bef9a8b83 100644 --- a/2023/CVE-2023-33817.md +++ b/2023/CVE-2023-33817.md @@ -14,5 +14,6 @@ hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-3396.md b/2023/CVE-2023-3396.md new file mode 100644 index 000000000..d6da42f46 --- /dev/null +++ b/2023/CVE-2023-3396.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3396) +![](https://img.shields.io/static/v1?label=Product&message=Retro%20Cellphone%20Online%20Store&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-232351. + +### POC + +#### Reference +- https://vuldb.com/?id.232351 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-34096.md b/2023/CVE-2023-34096.md index 51e6ea98e..079357a24 100644 --- a/2023/CVE-2023-34096.md +++ b/2023/CVE-2023-34096.md @@ -17,5 +17,6 @@ Thruk is a multibackend monitoring webinterface which currently supports Naemon, - https://www.exploit-db.com/exploits/51509 #### Github +- https://github.com/galoget/Thruk-CVE-2023-34096 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-34312.md b/2023/CVE-2023-34312.md index 018784964..3d6bdfb0b 100644 --- a/2023/CVE-2023-34312.md +++ b/2023/CVE-2023-34312.md @@ -25,4 +25,5 @@ In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and - https://github.com/silentEAG/awesome-stars - https://github.com/u604b/Awsome-Stars - https://github.com/u604b/awesome-stars +- https://github.com/vi3t1/qq-tim-elevation diff --git a/2023/CVE-2023-34362.md b/2023/CVE-2023-34362.md index 1dd244483..df6e6f505 100644 --- a/2023/CVE-2023-34362.md +++ b/2023/CVE-2023-34362.md 
@@ -14,6 +14,7 @@ In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0. - http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/0xdead8ead-randori/cve_search_msf - https://github.com/ARPSyndicate/cvemon - https://github.com/BenjiTrapp/cisa-known-vuln-scraper diff --git a/2023/CVE-2023-34598.md b/2023/CVE-2023-34598.md index 43676ca78..1e78a2246 100644 --- a/2023/CVE-2023-34598.md +++ b/2023/CVE-2023-34598.md @@ -20,6 +20,7 @@ Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible - https://github.com/izj007/wechat - https://github.com/komodoooo/Some-things - https://github.com/komodoooo/some-things +- https://github.com/maddsec/CVE-2023-34598 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-34599.md b/2023/CVE-2023-34599.md index c1a0873ee..5ef10d033 100644 --- a/2023/CVE-2023-34599.md +++ b/2023/CVE-2023-34599.md @@ -15,5 +15,6 @@ Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibb #### Github - https://github.com/Imahian/CVE-2023-34599 - https://github.com/hheeyywweellccoommee/CVE-2023-34599-xsddo +- https://github.com/maddsec/CVE-2023-34599 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-34758.md b/2023/CVE-2023-34758.md index 059d06433..84c5ce3bf 100644 --- a/2023/CVE-2023-34758.md +++ b/2023/CVE-2023-34758.md @@ -15,4 +15,5 @@ Sliver from v1.5.x to v1.5.39 has an improper cryptographic implementation, whic #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tangent65536/Slivjacker diff --git a/2023/CVE-2023-34924.md b/2023/CVE-2023-34924.md index 8fde7379c..c9fe12b24 100644 --- a/2023/CVE-2023-34924.md +++ b/2023/CVE-2023-34924.md 
@@ -13,6 +13,7 @@ H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the - https://github.com/ChrisL0tus/CVE-2023-34924 #### Github +- https://github.com/ChrisL0tus/CVE-2023-34924 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-34939.md b/2023/CVE-2023-34939.md index 14a9958b2..98b20b17c 100644 --- a/2023/CVE-2023-34939.md +++ b/2023/CVE-2023-34939.md @@ -15,4 +15,5 @@ Onlyoffice Community Server before v12.5.2 was discovered to contain a remote co #### Github - https://github.com/20142995/sectool +- https://github.com/firsov/onlyoffice diff --git a/2023/CVE-2023-3505.md b/2023/CVE-2023-3505.md new file mode 100644 index 000000000..adcac7a8c --- /dev/null +++ b/2023/CVE-2023-3505.md @@ -0,0 +1,17 @@ +### [CVE-2023-3505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3505) +![](https://img.shields.io/static/v1?label=Product&message=CRM&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in Onest CRM 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/project/update/2 of the component Project List Handler. The manipulation of the argument name with the input leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-232953 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?id.232953 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-3519.md b/2023/CVE-2023-3519.md index e876e0ae4..07b32b06a 100644 --- a/2023/CVE-2023-3519.md +++ b/2023/CVE-2023-3519.md 
@@ -14,6 +14,7 @@ Unauthenticated remote code execution - http://packetstormsecurity.com/files/173997/Citrix-ADC-NetScaler-Remote-Code-Execution.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/Aicks/Citrix-CVE-2023-3519 - https://github.com/BishopFox/CVE-2023-3519 - https://github.com/CVEDB/awesome-cve-repo diff --git a/2023/CVE-2023-35885.md b/2023/CVE-2023-35885.md index a637e35c0..7573e6ea8 100644 --- a/2023/CVE-2023-35885.md +++ b/2023/CVE-2023-35885.md @@ -19,6 +19,7 @@ CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. - https://github.com/Threekiii/Awesome-POC - https://github.com/Tropinene/Yscanner - https://github.com/d4n-sec/d4n-sec.github.io +- https://github.com/datackmy/FallingSkies-CVE-2023-35885 - https://github.com/getdrive/PoC - https://github.com/iluaster/getdrive_PoC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36123.md b/2023/CVE-2023-36123.md index 663bcdc62..cd2189c92 100644 --- a/2023/CVE-2023-36123.md +++ b/2023/CVE-2023-36123.md @@ -13,5 +13,6 @@ Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version A - https://github.com/9Bakabaka/CVE-2023-36123 #### Github +- https://github.com/9Bakabaka/CVE-2023-36123 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36143.md b/2023/CVE-2023-36143.md index 61537604f..4bd45c1bc 100644 --- a/2023/CVE-2023-36143.md +++ b/2023/CVE-2023-36143.md @@ -14,5 +14,6 @@ Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the #### Github - https://github.com/RobinTrigon/CVE-2023-36143 +- https://github.com/leonardobg/CVE-2023-36143 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36144.md b/2023/CVE-2023-36144.md index 8c6057e6e..d63cdeccb 100644 --- a/2023/CVE-2023-36144.md +++ b/2023/CVE-2023-36144.md 
@@ -13,5 +13,6 @@ An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allo - https://github.com/leonardobg/CVE-2023-36144 #### Github +- https://github.com/leonardobg/CVE-2023-36144 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36644.md b/2023/CVE-2023-36644.md index f9dd5ac9c..d303084d8 100644 --- a/2023/CVE-2023-36644.md +++ b/2023/CVE-2023-36644.md @@ -13,5 +13,6 @@ Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to r - https://github.com/caffeinated-labs/CVE-2023-36644 #### Github +- https://github.com/caffeinated-labs/CVE-2023-36644 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36745.md b/2023/CVE-2023-36745.md index d3be5f56a..c3ed1e77b 100644 --- a/2023/CVE-2023-36745.md +++ b/2023/CVE-2023-36745.md @@ -17,6 +17,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/GhostTroops/TOP diff --git a/2023/CVE-2023-3684.md b/2023/CVE-2023-3684.md index a606da0eb..57098154d 100644 --- a/2023/CVE-2023-3684.md +++ b/2023/CVE-2023-3684.md @@ -10,7 +10,7 @@ A vulnerability was found in LivelyWorks Articart 2.0.1 and classified as proble ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.234230 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-36884.md b/2023/CVE-2023-36884.md index 84fbb0b1d..0d1f4684a 100644 --- a/2023/CVE-2023-36884.md +++ b/2023/CVE-2023-36884.md 
@@ -49,6 +49,7 @@ Windows Search Remote Code Execution Vulnerability - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/ToddMaxey/CVE-2023-36884 +- https://github.com/aleff-github/aleff-github - https://github.com/aleff-github/my-flipper-shits - https://github.com/bkzk/cisco-email-filters - https://github.com/deepinstinct/Storm0978-RomCom-Campaign diff --git a/2023/CVE-2023-3753.md b/2023/CVE-2023-3753.md new file mode 100644 index 000000000..75d5a4a98 --- /dev/null +++ b/2023/CVE-2023-3753.md @@ -0,0 +1,17 @@ +### [CVE-2023-3753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3753) +![](https://img.shields.io/static/v1?label=Product&message=Mastery%20LMS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?id.234423 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-37598.md b/2023/CVE-2023-37598.md index 680fa77bf..208944a94 100644 --- a/2023/CVE-2023-37598.md +++ b/2023/CVE-2023-37598.md @@ -15,4 +15,5 @@ A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allow #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sahiloj/CVE-2023-37598 
diff --git a/2023/CVE-2023-3784.md b/2023/CVE-2023-3784.md index ac8b8ef45..8d086b594 100644 --- a/2023/CVE-2023-3784.md +++ b/2023/CVE-2023-3784.md @@ -11,6 +11,7 @@ A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been decl #### Reference - https://seclists.org/fulldisclosure/2023/Jul/37 +- https://vuldb.com/?id.235051 - https://www.vulnerability-lab.com/get_content.php?id=2317 #### Github diff --git a/2023/CVE-2023-38286.md b/2023/CVE-2023-38286.md index f7a873801..2cd9c5bbd 100644 --- a/2023/CVE-2023-38286.md +++ b/2023/CVE-2023-38286.md @@ -15,5 +15,6 @@ Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot A #### Github - https://github.com/fractal-visi0n/security-assessement - https://github.com/izj007/wechat +- https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-3833.md b/2023/CVE-2023-3833.md new file mode 100644 index 000000000..b0a8c096f --- /dev/null +++ b/2023/CVE-2023-3833.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3833](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3833) +![](https://img.shields.io/static/v1?label=Product&message=Montage&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in Bug Finder Montage 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?id.235159 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2023/CVE-2023-38389.md b/2023/CVE-2023-38389.md new file mode 100644 index 000000000..9fcc24030 --- /dev/null +++ b/2023/CVE-2023-38389.md @@ -0,0 +1,18 @@ +### [CVE-2023-38389](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38389) +![](https://img.shields.io/static/v1?label=Product&message=JupiterX%20Core&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Incorrect%20Authorization&color=brighgreen) + +### Description + +Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/codeb0ss/CVE-2023-38389-PoC +- https://github.com/securi3ytalent/wordpress-exploit + 
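Review bot: In the new file 2023/CVE-2023-38389.md, the description is missing a space after the period at `ACLs.This issue affects`, and the Vulnerability badge uses `color=brighgreen`, a misspelling of the shields.io colour name `brightgreen`. The same `brighgreen` value appears on the Version and Vulnerability badges of the other files created in this patch (CVE-2023-3396, CVE-2023-3505, CVE-2023-3753, CVE-2023-3833), so if the badge lines come from a template it is better to correct the spelling there than file by file. The range `from n/a through 3.3.8` would also read more clearly as an upper bound only, since `n/a` carries no lower version.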
diff --git a/2023/CVE-2023-38545.md b/2023/CVE-2023-38545.md index 1316e890c..47f1bb213 100644 --- a/2023/CVE-2023-38545.md +++ b/2023/CVE-2023-38545.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/imfht/CVE-2023-38545 +- https://github.com/industrial-edge/iih-essentials-development-kit - https://github.com/izj007/wechat - https://github.com/kherrick/lobsters - https://github.com/malinkamedok/devops_sandbox diff --git a/2023/CVE-2023-38546.md b/2023/CVE-2023-38546.md index 68a474dcd..c1b416d69 100644 --- a/2023/CVE-2023-38546.md +++ b/2023/CVE-2023-38546.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/alex-grandson/docker-python-example - https://github.com/fokypoky/places-list +- https://github.com/industrial-edge/iih-essentials-development-kit - https://github.com/malinkamedok/devops_sandbox - https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-38624.md b/2023/CVE-2023-38624.md index cf051a13d..e73f9a2e4 100644 --- a/2023/CVE-2023-38624.md +++ b/2023/CVE-2023-38624.md 
@@ -5,11 +5,7 @@ ### Description -A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. - -Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. - -This is a similar, but not identical vulnerability as CVE-2023-38625 through CVE-2023-38627. +A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38625 through CVE-2023-38627. ### POC diff --git a/2023/CVE-2023-38829.md b/2023/CVE-2023-38829.md index 2f6cc818e..49e4ab8b0 100644 --- a/2023/CVE-2023-38829.md +++ b/2023/CVE-2023-38829.md @@ -14,5 +14,6 @@ An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execut #### Github - https://github.com/Luwak-IoT-Security/CVEs +- https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-38840.md b/2023/CVE-2023-38840.md index 5d65b9606..ab7405e30 100644 --- a/2023/CVE-2023-38840.md +++ b/2023/CVE-2023-38840.md @@ -15,5 +15,6 @@ Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obt - https://redmaple.tech/blogs/2023/extract-bitwarden-vault-passwords/ #### Github +- https://github.com/markuta/bw-dump - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-38890.md b/2023/CVE-2023-38890.md index 138ca6c7e..5416ee78f 100644 --- a/2023/CVE-2023-38890.md +++ b/2023/CVE-2023-38890.md 
@@ -13,5 +13,6 @@ Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary - https://github.com/akshadjoshi/CVE-2023-38890 #### Github +- https://github.com/akshadjoshi/CVE-2023-38890 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-38891.md b/2023/CVE-2023-38891.md index e26d05bfc..7c5c1d7ab 100644 --- a/2023/CVE-2023-38891.md +++ b/2023/CVE-2023-38891.md @@ -13,5 +13,6 @@ SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated - https://github.com/jselliott/CVE-2023-38891 #### Github +- https://github.com/jselliott/CVE-2023-38891 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-39063.md b/2023/CVE-2023-39063.md index f70caca44..58c8a6772 100644 --- a/2023/CVE-2023-39063.md +++ b/2023/CVE-2023-39063.md @@ -13,5 +13,6 @@ Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to - https://github.com/AndreGNogueira/CVE-2023-39063 #### Github +- https://github.com/AndreGNogueira/CVE-2023-39063 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-39115.md b/2023/CVE-2023-39115.md index cb3328589..125ecebfd 100644 --- a/2023/CVE-2023-39115.md +++ b/2023/CVE-2023-39115.md @@ -15,5 +15,6 @@ install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Scrip - https://www.exploit-db.com/exploits/51656 #### Github +- https://github.com/Raj789-sec/CVE-2023-39115 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-39269.md b/2023/CVE-2023-39269.md index c8ec9a243..3b3cbf882 100644 --- a/2023/CVE-2023-39269.md +++ b/2023/CVE-2023-39269.md 
@@ -154,8 +154,7 @@ ### Description -A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, 
RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The web server of the affected devices contains a vulnerability that may lead to a denial of service condition. -An attacker may cause total loss of availability of the web server, which might recover after the attack is over. 
+A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, 
RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The web server of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause total loss of availability of the web server, which might recover after the attack is over. ### POC diff --git a/2023/CVE-2023-39341.md b/2023/CVE-2023-39341.md index e3b2dbe26..b4aff6c8b 100644 --- a/2023/CVE-2023-39341.md +++ b/2023/CVE-2023-39341.md 
@@ -17,8 +17,7 @@ ### Description -"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. -Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). +"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). ### POC diff --git a/2023/CVE-2023-39379.md b/2023/CVE-2023-39379.md index ab9beb66c..1755b6c1f 100644 --- a/2023/CVE-2023-39379.md +++ b/2023/CVE-2023-39379.md 
@@ -7,7 +7,7 @@ ### Description -Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060. +Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060. ### POC diff --git a/2023/CVE-2023-39848.md b/2023/CVE-2023-39848.md index de85d1818..98de84a1b 100644 --- a/2023/CVE-2023-39848.md +++ b/2023/CVE-2023-39848.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/AS-Mend-RenovateEE/RenovateEEDVWA +- https://github.com/Abhitejabodapati/DVWA-SAST - https://github.com/Blake384/DVWA - https://github.com/BrunoiMesquita/DAMN-VULNERABLE-PHP-WEB-APPLICATION - https://github.com/Bulnick/SCode @@ -25,6 +26,7 @@ No PoCs from references. - https://github.com/HowAreYouChristian/crs - https://github.com/HycCodeQL/DVWA - https://github.com/Iamishfaq07/DVWA +- https://github.com/Jackbling/DVWA - https://github.com/Jun1u2/TestGR - https://github.com/Kir-Scheluh/SSDLC-lab4-test - https://github.com/LenninPeren/PruebaDVWA 
@@ -43,6 +45,8 @@ No PoCs from references. - https://github.com/Security-Test-Account/DVWA - https://github.com/ShrutikaNakhale/DVWA2 - https://github.com/Slon12jr/DVWA +- https://github.com/TINNI-Lal/DVWA +- https://github.com/Yahyazaizi/application-test-security - https://github.com/Zahidkhan1221/DWVA - https://github.com/andersongodoy/DVWA-CORRIGIDO - https://github.com/asmendio/RenovateEETest diff --git a/2023/CVE-2023-40297.md b/2023/CVE-2023-40297.md index dac55aeb6..49c9d0a82 100644 --- a/2023/CVE-2023-40297.md +++ b/2023/CVE-2023-40297.md @@ -14,4 +14,5 @@ Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sahar042/CVE-2023-40297 diff --git a/2023/CVE-2023-40362.md b/2023/CVE-2023-40362.md index 3c8138698..013f49354 100644 --- a/2023/CVE-2023-40362.md +++ b/2023/CVE-2023-40362.md @@ -13,5 +13,6 @@ An issue was discovered in CentralSquare Click2Gov Building Permit before Octobe - https://github.com/ally-petitt/CVE-2023-40362 #### Github +- https://github.com/ally-petitt/CVE-2023-40362 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-4039.md b/2023/CVE-2023-4039.md index 7b65cf42f..d7bae6e30 100644 --- a/2023/CVE-2023-4039.md +++ b/2023/CVE-2023-4039.md 
@@ -6,7 +6,7 @@ ### Description -**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables.The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. +** DISPUTED ** **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables.The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. ### POC 
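Review bot: The added description line in 2023/CVE-2023-4039.md now carries the dispute marker twice, `** DISPUTED ** **DISPUTED**A failure`, and the second marker still runs straight into the first word with no space. Keep a single marker followed by a space so that tools matching on the tag do not see two variants in one entry. The same line has `local variables.The default behavior` with no space after the period, which is worth fixing while the line is being rewritten anyway.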
@@ -17,4 +17,5 @@ - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/bollwarm/SecToolSet - https://github.com/fokypoky/places-list +- https://github.com/m-pasima/CI-CD-Security-image-scan diff --git a/2023/CVE-2023-40546.md b/2023/CVE-2023-40546.md index daebd90d1..aab7faa99 100644 --- a/2023/CVE-2023-40546.md +++ b/2023/CVE-2023-40546.md @@ -26,4 +26,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-40547.md b/2023/CVE-2023-40547.md index 0c1593bf2..4f27dfdf8 100644 --- a/2023/CVE-2023-40547.md +++ b/2023/CVE-2023-40547.md @@ -26,4 +26,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-40549.md b/2023/CVE-2023-40549.md index bd16178fe..f13955656 100644 --- a/2023/CVE-2023-40549.md +++ b/2023/CVE-2023-40549.md @@ -26,4 +26,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-40550.md b/2023/CVE-2023-40550.md index 3f27ad431..0f9979441 100644 --- a/2023/CVE-2023-40550.md +++ b/2023/CVE-2023-40550.md @@ -26,4 +26,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-40551.md b/2023/CVE-2023-40551.md index c7b462e6d..2b19198c1 100644 --- a/2023/CVE-2023-40551.md +++ b/2023/CVE-2023-40551.md @@ -26,4 +26,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-40661.md b/2023/CVE-2023-40661.md index fd35bbe77..1f6ce615b 100644 --- a/2023/CVE-2023-40661.md +++ b/2023/CVE-2023-40661.md 
@@ -7,8 +7,7 @@ ### Description -Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow -compromise key generation, certificate loading, and other card management operations during enrollment. +Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise key generation, certificate loading, and other card management operations during enrollment. ### POC diff --git a/2023/CVE-2023-40868.md b/2023/CVE-2023-40868.md index 0f47866d9..ea3537936 100644 --- a/2023/CVE-2023-40868.md +++ b/2023/CVE-2023-40868.md @@ -13,5 +13,6 @@ Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo - https://github.com/MinoTauro2020/CVE-2023-40868 #### Github +- https://github.com/MinoTauro2020/CVE-2023-40868 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-40869.md b/2023/CVE-2023-40869.md index dd77eaa97..0d4ecabb3 100644 --- a/2023/CVE-2023-40869.md +++ b/2023/CVE-2023-40869.md @@ -13,5 +13,6 @@ Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1 - https://github.com/MinoTauro2020/CVE-2023-40869 #### Github +- https://github.com/MinoTauro2020/CVE-2023-40869 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-41164.md b/2023/CVE-2023-41164.md index 1ca17327b..82655e546 100644 --- a/2023/CVE-2023-41164.md 
+++ b/2023/CVE-2023-41164.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/seal-community/patches diff --git a/2023/CVE-2023-41179.md b/2023/CVE-2023-41179.md index 33351efbd..825c8593c 100644 --- a/2023/CVE-2023-41179.md +++ b/2023/CVE-2023-41179.md @@ -9,9 +9,7 @@ ### Description -A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. - -Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. +A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. ### POC diff --git a/2023/CVE-2023-41707.md b/2023/CVE-2023-41707.md index bdc5afd9f..3aeca01b8 100644 --- a/2023/CVE-2023-41707.md +++ b/2023/CVE-2023-41707.md 
@@ -5,8 +5,7 @@ ### Description -Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. - No publicly available exploits are known. +Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. No publicly available exploits are known. ### POC diff --git a/2023/CVE-2023-41717.md b/2023/CVE-2023-41717.md index a63c11855..3d97366ca 100644 --- a/2023/CVE-2023-41717.md +++ b/2023/CVE-2023-41717.md @@ -13,5 +13,6 @@ Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior all - https://github.com/federella/CVE-2023-41717 #### Github +- https://github.com/federella/CVE-2023-41717 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42222.md b/2023/CVE-2023-42222.md index 580debde4..cc31250b9 100644 --- a/2023/CVE-2023-42222.md +++ b/2023/CVE-2023-42222.md @@ -14,5 +14,6 @@ WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog cal - https://github.com/itssixtyn3in/CVE-2023-42222 #### Github +- https://github.com/itssixtyn3in/CVE-2023-42222 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42283.md b/2023/CVE-2023-42283.md index 7a44dad46..8bb44062d 100644 --- a/2023/CVE-2023-42283.md +++ b/2023/CVE-2023-42283.md 
@@ -13,5 +13,6 @@ Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows atta - https://github.com/andreysanyuk/CVE-2023-42283 #### Github +- https://github.com/andreysanyuk/CVE-2023-42283 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42284.md b/2023/CVE-2023-42284.md index 9a1c669df..2f0f25365 100644 --- a/2023/CVE-2023-42284.md +++ b/2023/CVE-2023-42284.md @@ -13,5 +13,6 @@ Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows - https://github.com/andreysanyuk/CVE-2023-42284 #### Github +- https://github.com/andreysanyuk/CVE-2023-42284 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42362.md b/2023/CVE-2023-42362.md index 45b7793f1..11eee24ca 100644 --- a/2023/CVE-2023-42362.md +++ b/2023/CVE-2023-42362.md @@ -13,5 +13,6 @@ An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote - https://github.com/Mr-n0b3dy/CVE-2023-42362 #### Github +- https://github.com/Mr-n0b3dy/CVE-2023-42362 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-42363.md b/2023/CVE-2023-42363.md index 2e5569722..f83424ecf 100644 --- a/2023/CVE-2023-42363.md +++ b/2023/CVE-2023-42363.md @@ -13,5 +13,6 @@ A use-after-free vulnerability was discovered in xasprintf function in xfuncs_pr No PoCs from references. #### Github +- https://github.com/bcgov/jag-cdds - https://github.com/cdupuis/aspnetapp diff --git a/2023/CVE-2023-42366.md b/2023/CVE-2023-42366.md index 8c8b1407f..f4f780a7d 100644 --- a/2023/CVE-2023-42366.md +++ b/2023/CVE-2023-42366.md @@ -13,5 +13,6 @@ A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token func No PoCs from references. #### Github +- https://github.com/bcgov/jag-cdds - https://github.com/cdupuis/aspnetapp diff --git a/2023/CVE-2023-42469.md b/2023/CVE-2023-42469.md index b4e62a126..ef46c08bd 100644 --- a/2023/CVE-2023-42469.md +++ b/2023/CVE-2023-42469.md 
@@ -16,6 +16,7 @@ The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android e - https://github.com/actuator/cve/blob/main/CVE-2023-42469 #### Github +- https://github.com/actuator/com.full.dialer.top.secure.encrypted - https://github.com/actuator/cve - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43148.md b/2023/CVE-2023-43148.md index 12a0b3d16..e80212b52 100644 --- a/2023/CVE-2023-43148.md +++ b/2023/CVE-2023-43148.md @@ -14,5 +14,6 @@ SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allo #### Github - https://github.com/MinoTauro2020/CVE-2023-43147 +- https://github.com/MinoTauro2020/CVE-2023-43148 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43149.md b/2023/CVE-2023-43149.md index 541d28ea6..b3bd6851e 100644 --- a/2023/CVE-2023-43149.md +++ b/2023/CVE-2023-43149.md @@ -13,6 +13,7 @@ SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows - https://github.com/MinoTauro2020/CVE-2023-43149 #### Github +- https://github.com/MinoTauro2020/CVE-2023-43149 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43261.md b/2023/CVE-2023-43261.md index ec81f648d..6531bf31a 100644 --- a/2023/CVE-2023-43261.md +++ b/2023/CVE-2023-43261.md @@ -20,4 +20,5 @@ An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35. - https://github.com/johe123qwe/github-trending - https://github.com/komodoooo/Some-things - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/win3zz/CVE-2023-43261 diff --git a/2023/CVE-2023-43284.md b/2023/CVE-2023-43284.md index 546fecbef..a2cf254f0 100644 --- a/2023/CVE-2023-43284.md +++ b/2023/CVE-2023-43284.md 
@@ -13,5 +13,6 @@ D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices a - https://github.com/MateusTesser/CVE-2023-43284 #### Github +- https://github.com/MateusTesser/CVE-2023-43284 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43323.md b/2023/CVE-2023-43323.md index 0483c48a9..88068df89 100644 --- a/2023/CVE-2023-43323.md +++ b/2023/CVE-2023-43323.md @@ -13,5 +13,6 @@ mooSocial 3.1.8 is vulnerable to external service interaction on post function. - https://github.com/ahrixia/CVE-2023-43323 #### Github +- https://github.com/ahrixia/CVE-2023-43323 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43325.md b/2023/CVE-2023-43325.md index c6808775e..a9001e267 100644 --- a/2023/CVE-2023-43325.md +++ b/2023/CVE-2023-43325.md @@ -13,6 +13,7 @@ A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] p - https://github.com/ahrixia/CVE-2023-43325 #### Github +- https://github.com/ahrixia/CVE-2023-43325 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43326.md b/2023/CVE-2023-43326.md index 8da3e2baa..5ac20afee 100644 --- a/2023/CVE-2023-43326.md +++ b/2023/CVE-2023-43326.md @@ -13,5 +13,6 @@ A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of - https://github.com/ahrixia/CVE-2023-43326 #### Github +- https://github.com/ahrixia/CVE-2023-43326 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-43340.md b/2023/CVE-2023-43340.md index 5ee60cee3..9527b9642 100644 --- a/2023/CVE-2023-43340.md +++ b/2023/CVE-2023-43340.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local att #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options diff --git a/2023/CVE-2023-43341.md b/2023/CVE-2023-43341.md index b59e09d18..388ebe4ed 100644 
--- a/2023/CVE-2023-43341.md +++ b/2023/CVE-2023-43341.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection- diff --git a/2023/CVE-2023-43342.md b/2023/CVE-2023-43342.md index e34d95cd7..33ab0495c 100644 --- a/2023/CVE-2023-43342.md +++ b/2023/CVE-2023-43342.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend diff --git a/2023/CVE-2023-43343.md b/2023/CVE-2023-43343.md index 123d92b1c..0bffc5c7d 100644 --- a/2023/CVE-2023-43343.md +++ b/2023/CVE-2023-43343.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files diff --git a/2023/CVE-2023-43344.md b/2023/CVE-2023-43344.md index 4537a668b..7b821dc45 100644 --- a/2023/CVE-2023-43344.md +++ b/2023/CVE-2023-43344.md @@ -14,4 +14,5 @@ Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description diff --git a/2023/CVE-2023-43345.md b/2023/CVE-2023-43345.md index 5c699a2e6..802e780ec 100644 --- a/2023/CVE-2023-43345.md +++ b/2023/CVE-2023-43345.md @@ -14,4 +14,5 @@ Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content diff --git a/2023/CVE-2023-43346.md b/2023/CVE-2023-43346.md index 8e51707d0..b062a5635 100644 
--- a/2023/CVE-2023-43346.md +++ b/2023/CVE-2023-43346.md @@ -15,4 +15,5 @@ Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend diff --git a/2023/CVE-2023-43352.md b/2023/CVE-2023-43352.md index 0944fe945..1874f1a0d 100644 --- a/2023/CVE-2023-43352.md +++ b/2023/CVE-2023-43352.md @@ -15,4 +15,5 @@ An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content diff --git a/2023/CVE-2023-43353.md b/2023/CVE-2023-43353.md index cfbd5c423..180639d27 100644 --- a/2023/CVE-2023-43353.md +++ b/2023/CVE-2023-43353.md @@ -14,4 +14,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra diff --git a/2023/CVE-2023-43354.md b/2023/CVE-2023-43354.md index 5097b024a..6f56eb5ac 100644 --- a/2023/CVE-2023-43354.md +++ b/2023/CVE-2023-43354.md @@ -14,4 +14,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension diff --git a/2023/CVE-2023-43355.md b/2023/CVE-2023-43355.md index 58735851e..81fcbe099 100644 --- a/2023/CVE-2023-43355.md +++ b/2023/CVE-2023-43355.md @@ -15,4 +15,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user diff --git a/2023/CVE-2023-43356.md b/2023/CVE-2023-43356.md index 85d60a8e6..9c93343d3 100644 --- a/2023/CVE-2023-43356.md 
+++ b/2023/CVE-2023-43356.md @@ -14,4 +14,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings diff --git a/2023/CVE-2023-43357.md b/2023/CVE-2023-43357.md index ceacb4129..ba3c68230 100644 --- a/2023/CVE-2023-43357.md +++ b/2023/CVE-2023-43357.md @@ -14,4 +14,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut diff --git a/2023/CVE-2023-43358.md b/2023/CVE-2023-43358.md index edab2e54a..9762c4ac1 100644 --- a/2023/CVE-2023-43358.md +++ b/2023/CVE-2023-43358.md @@ -15,4 +15,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News diff --git a/2023/CVE-2023-43359.md b/2023/CVE-2023-43359.md index d0b4a30ce..775731597 100644 --- a/2023/CVE-2023-43359.md +++ b/2023/CVE-2023-43359.md @@ -14,4 +14,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager diff --git a/2023/CVE-2023-43360.md b/2023/CVE-2023-43360.md index ca92d6f1e..9a4870863 100644 --- a/2023/CVE-2023-43360.md +++ b/2023/CVE-2023-43360.md @@ -15,4 +15,5 @@ Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local atta #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension diff --git a/2023/CVE-2023-43662.md b/2023/CVE-2023-43662.md new file mode 100644 index 000000000..abd891c9a --- /dev/null 
+++ b/2023/CVE-2023-43662.md @@ -0,0 +1,17 @@ +### [CVE-2023-43662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43662) +![](https://img.shields.io/static/v1?label=Product&message=ShokoServer&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%204.2.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +ShokoServer is a media server which specializes in organizing anime. In affected versions the `/api/Image/WithPath` endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter `serverImagePath`, which is not sanitized in any way before being passed to `System.IO.File.OpenRead`, which results in an arbitrary file read. This issue may lead to an arbitrary file read which is exacerbated in the windows installer which installs the ShokoServer as administrator. Any unauthenticated attacker may be able to access sensitive information and read files stored on the server. The `/api/Image/WithPath` endpoint has been removed in commit `6c57ba0f0` which will be included in subsequent releases. Users should limit access to the `/api/Image/WithPath` endpoint or manually patch their installations until a patched release is made. This issue was discovered by the GitHub Security lab and is also indexed as GHSL-2023-191. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/wy876/POC + diff --git a/2023/CVE-2023-43955.md b/2023/CVE-2023-43955.md index cf84a8909..7deb34aba 100644 --- a/2023/CVE-2023-43955.md +++ b/2023/CVE-2023-43955.md 
@@ -15,6 +15,7 @@ The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandl - https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk #### Github +- https://github.com/actuator/com.phlox.tvwebbrowser - https://github.com/actuator/cve - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-44313.md b/2023/CVE-2023-44313.md new file mode 100644 index 000000000..2cd5bd7a2 --- /dev/null +++ b/2023/CVE-2023-44313.md @@ -0,0 +1,17 @@ +### [CVE-2023-44313](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44313) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20ServiceComb%20Service-Center&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%202.1.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) + +### Description + +Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include).Users are recommended to upgrade to version 2.2.0, which fixes the issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2023/CVE-2023-44487.md b/2023/CVE-2023-44487.md index 113a08f1d..1e77ac6fd 100644 --- a/2023/CVE-2023-44487.md +++ b/2023/CVE-2023-44487.md @@ -45,6 +45,7 @@ The HTTP/2 protocol allows a denial of service (server resource consumption) bec - https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event #### Github +- https://github.com/0xMarcio/cve - https://github.com/AlexRogalskiy/AlexRogalskiy - https://github.com/Austnez/tools - https://github.com/ByteHackr/CVE-2023-44487 
@@ -84,6 +85,7 @@ The HTTP/2 protocol allows a denial of service (server resource consumption) bec - https://github.com/lucasrod16/exploitlens - https://github.com/m00dy/r4p1d-r3s3t - https://github.com/malinkamedok/devops_sandbox +- https://github.com/micrictor/http2-rst-stream - https://github.com/ndrscodes/http2-rst-stream-attacker - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nvdg2/http2RapidReset diff --git a/2023/CVE-2023-4450.md b/2023/CVE-2023-4450.md index b6e5c4f93..7e8873e55 100644 --- a/2023/CVE-2023-4450.md +++ b/2023/CVE-2023-4450.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/Threekiii/Awesome-POC +- https://github.com/bigblackhat/oFx - https://github.com/chennbnbnb/JDoop-release - https://github.com/hxysaury/saury-vulnhub - https://github.com/ilikeoyt/CVE-2023-4450-Attack diff --git a/2023/CVE-2023-4462.md b/2023/CVE-2023-4462.md index f02d25dd2..48b561901 100644 --- a/2023/CVE-2023-4462.md +++ b/2023/CVE-2023-4462.md @@ -49,4 +49,5 @@ A vulnerability classified as problematic has been found in Poly Trio 8300, Trio - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices #### Github +- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices diff --git a/2023/CVE-2023-4464.md b/2023/CVE-2023-4464.md index b59d175ef..030291981 100644 --- a/2023/CVE-2023-4464.md +++ b/2023/CVE-2023-4464.md @@ -49,4 +49,5 @@ A vulnerability, which was classified as critical, has been found in Poly Trio 8 - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices #### Github +- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices diff --git a/2023/CVE-2023-4465.md b/2023/CVE-2023-4465.md index 2c946d15c..4b6f198f3 100644 --- a/2023/CVE-2023-4465.md +++ b/2023/CVE-2023-4465.md @@ -49,4 +49,5 @@ A vulnerability, which was classified as problematic, was found in Poly Trio 830 - https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices #### Github +- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices 
diff --git a/2023/CVE-2023-4467.md b/2023/CVE-2023-4467.md index ff21efffc..a2c1d62b1 100644 --- a/2023/CVE-2023-4467.md +++ b/2023/CVE-2023-4467.md @@ -14,4 +14,5 @@ A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critica #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices diff --git a/2023/CVE-2023-44811.md b/2023/CVE-2023-44811.md index 2d0724665..a4c67df12 100644 --- a/2023/CVE-2023-44811.md +++ b/2023/CVE-2023-44811.md @@ -13,5 +13,6 @@ Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a re - https://github.com/ahrixia/CVE-2023-44811 #### Github +- https://github.com/ahrixia/CVE-2023-44811 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-44812.md b/2023/CVE-2023-44812.md index e72f2b189..f18a86bbc 100644 --- a/2023/CVE-2023-44812.md +++ b/2023/CVE-2023-44812.md @@ -13,5 +13,6 @@ Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote at - https://github.com/ahrixia/CVE-2023-44812 #### Github +- https://github.com/ahrixia/CVE-2023-44812 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-44813.md b/2023/CVE-2023-44813.md index abac28d4d..376d57945 100644 --- a/2023/CVE-2023-44813.md +++ b/2023/CVE-2023-44813.md @@ -13,5 +13,6 @@ Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote at - https://github.com/ahrixia/CVE-2023-44813 #### Github +- https://github.com/ahrixia/CVE-2023-44813 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-44961.md b/2023/CVE-2023-44961.md index 669dcf2db..253e4eb94 100644 --- a/2023/CVE-2023-44961.md +++ b/2023/CVE-2023-44961.md @@ -13,5 +13,6 @@ SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows - https://github.com/ggb0n/CVE-2023-44961 #### Github +- https://github.com/ggb0n/CVE-2023-44961 - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2023/CVE-2023-44962.md b/2023/CVE-2023-44962.md index 8ead16aba..d6a9e740e 100644 --- a/2023/CVE-2023-44962.md +++ b/2023/CVE-2023-44962.md @@ -13,5 +13,6 @@ File Upload vulnerability in Koha Library Software 23.05.04 and before allows a - https://github.com/ggb0n/CVE-2023-44962 #### Github +- https://github.com/ggb0n/CVE-2023-44962 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-45205.md b/2023/CVE-2023-45205.md index f7c688814..afaddd517 100644 --- a/2023/CVE-2023-45205.md +++ b/2023/CVE-2023-45205.md @@ -1,6 +1,6 @@ ### [CVE-2023-45205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45205) ![](https://img.shields.io/static/v1?label=Product&message=SICAM%20PAS%2FPQS&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%20All%20versions%20%3E%3D%20V8.00%20%3C%20V8.20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=V8.00%3C%20V8.20%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-732%3A%20Incorrect%20Permission%20Assignment%20for%20Critical%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-45471.md b/2023/CVE-2023-45471.md index 394f629ad..2572b162a 100644 --- a/2023/CVE-2023-45471.md +++ b/2023/CVE-2023-45471.md @@ -13,6 +13,7 @@ The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in vers - https://github.com/itsAptx/CVE-2023-45471 #### Github +- https://github.com/itsAptx/CVE-2023-45471 - https://github.com/mehdibelhajamor/CVE-2023-45471 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-45542.md b/2023/CVE-2023-45542.md index 506b14096..91cd32270 100644 --- a/2023/CVE-2023-45542.md +++ b/2023/CVE-2023-45542.md @@ -13,5 +13,6 @@ Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker t - https://github.com/ahrixia/CVE-2023-45542 #### Github +- https://github.com/ahrixia/CVE-2023-45542 - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2023/CVE-2023-45674.md b/2023/CVE-2023-45674.md new file mode 100644 index 000000000..3a87f9baa --- /dev/null +++ b/2023/CVE-2023-45674.md @@ -0,0 +1,17 @@ +### [CVE-2023-45674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45674) +![](https://img.shields.io/static/v1?label=Product&message=Farmbot-Web-App&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%2015.8.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +Farmbot-Web-App is a web control interface for the Farmbot farm automation platform. An SQL injection vulnerability was found in FarmBot's web app that allows authenticated attackers to extract arbitrary data from its database (including the user table). This issue may lead to Information Disclosure. This issue has been patched in version 15.8.4. Users are advised to upgrade. There are no known workarounds for this issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/OrenGitHub/dhscanner + diff --git a/2023/CVE-2023-45802.md b/2023/CVE-2023-45802.md index f177d8c4f..ed4f7daa5 100644 --- a/2023/CVE-2023-45802.md +++ b/2023/CVE-2023-45802.md @@ -13,6 +13,7 @@ When a HTTP/2 stream was reset (RST frame) by a client, there was a time window No PoCs from references. #### Github +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/arsenalzp/apch-operator - https://github.com/karimhabush/cyberowl - https://github.com/xonoxitron/cpe2cve diff --git a/2023/CVE-2023-45992.md b/2023/CVE-2023-45992.md index 3de8bee38..4f4fc5c8f 100644 --- a/2023/CVE-2023-45992.md +++ b/2023/CVE-2023-45992.md 
@@ -14,5 +14,6 @@ A vulnerability in the web-based interface of the RUCKUS Cloudpath product on ve #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/harry935/CVE-2023-45992 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46014.md b/2023/CVE-2023-46014.md index 0d627f2a0..e45f796fb 100644 --- a/2023/CVE-2023-46014.md +++ b/2023/CVE-2023-46014.md @@ -13,6 +13,7 @@ SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 - https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46015.md b/2023/CVE-2023-46015.md index 149138c63..8d5f96830 100644 --- a/2023/CVE-2023-46015.md +++ b/2023/CVE-2023-46015.md @@ -13,6 +13,7 @@ Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Ban - https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46016.md b/2023/CVE-2023-46016.md index f8a9d1c88..9c6f03e0d 100644 --- a/2023/CVE-2023-46016.md +++ b/2023/CVE-2023-46016.md 
@@ -13,6 +13,7 @@ Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows att - https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46017.md b/2023/CVE-2023-46017.md index 56a3dcc15..aba14ee28 100644 --- a/2023/CVE-2023-46017.md +++ b/2023/CVE-2023-46017.md @@ -13,6 +13,7 @@ SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 - https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46018.md b/2023/CVE-2023-46018.md index ba28a29d4..67428a7cc 100644 --- a/2023/CVE-2023-46018.md +++ b/2023/CVE-2023-46018.md @@ -13,6 +13,7 @@ SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \ - https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46019.md b/2023/CVE-2023-46019.md index 5434ef779..d97d23c39 100644 --- a/2023/CVE-2023-46019.md +++ b/2023/CVE-2023-46019.md 
@@ -13,6 +13,7 @@ Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank - https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46020.md b/2023/CVE-2023-46020.md index eda46ed76..aaaeb03ac 100644 --- a/2023/CVE-2023-46020.md +++ b/2023/CVE-2023-46020.md @@ -13,6 +13,7 @@ Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 - https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46021.md b/2023/CVE-2023-46021.md index 04a2df885..b7a128630 100644 --- a/2023/CVE-2023-46021.md +++ b/2023/CVE-2023-46021.md @@ -13,6 +13,7 @@ SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows - https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46022.md b/2023/CVE-2023-46022.md index 231ed7e7c..b855eb422 100644 --- a/2023/CVE-2023-46022.md +++ b/2023/CVE-2023-46022.md 
@@ -13,6 +13,7 @@ SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows - https://github.com/ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability #### Github +- https://github.com/ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability - https://github.com/ersinerenler/Code-Projects-Blood-Bank-1.0 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-46404.md b/2023/CVE-2023-46404.md index 9a5128beb..d6988e03c 100644 --- a/2023/CVE-2023-46404.md +++ b/2023/CVE-2023-46404.md @@ -14,4 +14,5 @@ PCRS <= 3.11 (d0de1e) “Questions” page and “Code editor” page are vulner #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/windecks/CVE-2023-46404 diff --git a/2023/CVE-2023-46451.md b/2023/CVE-2023-46451.md index 6a03e6105..1df7d0001 100644 --- a/2023/CVE-2023-46451.md +++ b/2023/CVE-2023-46451.md @@ -15,4 +15,5 @@ Best Courier Management System v1.0 is vulnerable to Cross Site Scripting (XSS) #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sajaljat/CVE-2023-46451 diff --git a/2023/CVE-2023-46480.md b/2023/CVE-2023-46480.md index 9bc11a4c7..9cfbd4b73 100644 --- a/2023/CVE-2023-46480.md +++ b/2023/CVE-2023-46480.md @@ -14,4 +14,5 @@ An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code a #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/shahzaibak96/CVE-2023-46480 diff --git a/2023/CVE-2023-46694.md b/2023/CVE-2023-46694.md index 84432f9a5..7cbdc452d 100644 --- a/2023/CVE-2023-46694.md +++ b/2023/CVE-2023-46694.md @@ -13,4 +13,5 @@ Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potent - https://github.com/invisiblebyte/CVE-2023-46694 #### Github +- https://github.com/invisiblebyte/CVE-2023-46694 diff --git a/2023/CVE-2023-46747.md b/2023/CVE-2023-46747.md index 63e48a5b3..8ba473a12 100644 --- a/2023/CVE-2023-46747.md 
+++ b/2023/CVE-2023-46747.md @@ -13,6 +13,7 @@ Undisclosed requests may bypass configuration utility authentication, allowing a - http://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html #### Github +- https://github.com/0xMarcio/cve - https://github.com/AliBrTab/CVE-2023-46747-POC - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top diff --git a/2023/CVE-2023-46865.md b/2023/CVE-2023-46865.md index 08036db58..8bb60ab7b 100644 --- a/2023/CVE-2023-46865.md +++ b/2023/CVE-2023-46865.md @@ -15,6 +15,7 @@ - https://notes.netbytesec.com/2023/11/post-auth-rce-in-crater-invoice.html #### Github +- https://github.com/asylumdx/Crater-CVE-2023-46865-RCE - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-48078.md b/2023/CVE-2023-48078.md index 0a3540a0a..1b5888e61 100644 --- a/2023/CVE-2023-48078.md +++ b/2023/CVE-2023-48078.md @@ -13,4 +13,5 @@ SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows - https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC #### Github +- https://github.com/esasadam06/Simple-CRUD-Functionality-SQLi-POC diff --git a/2023/CVE-2023-48104.md b/2023/CVE-2023-48104.md index 04e10224f..83058ad40 100644 --- a/2023/CVE-2023-48104.md +++ b/2023/CVE-2023-48104.md @@ -14,5 +14,6 @@ Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. - https://habr.com/ru/articles/804863/ #### Github +- https://github.com/E1tex/CVE-2023-48104 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-48193.md b/2023/CVE-2023-48193.md index 44f018cfc..e372e513a 100644 --- a/2023/CVE-2023-48193.md +++ b/2023/CVE-2023-48193.md 
@@ -5,7 +5,7 @@ ### Description -Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. +** DISPUTED ** Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users who are allowed to execute files. ### POC diff --git a/2023/CVE-2023-48849.md b/2023/CVE-2023-48849.md index 823cc14c9..baa514209 100644 --- a/2023/CVE-2023-48849.md +++ b/2023/CVE-2023-48849.md @@ -13,5 +13,6 @@ Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthentica - https://github.com/delsploit/CVE-2023-48849 #### Github +- https://github.com/delsploit/CVE-2023-48849 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-48858.md b/2023/CVE-2023-48858.md index 943148ee4..f1e844dc8 100644 --- a/2023/CVE-2023-48858.md +++ b/2023/CVE-2023-48858.md @@ -13,5 +13,6 @@ A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.C - https://github.com/Shumerez/CVE-2023-48858 #### Github +- https://github.com/Shumerez/CVE-2023-48858 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-49052.md b/2023/CVE-2023-49052.md index 98c51d2ea..a9d5ae82e 100644 --- a/2023/CVE-2023-49052.md +++ b/2023/CVE-2023-49052.md @@ -14,5 +14,6 @@ File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to exec - https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload #### Github +- https://github.com/Cyber-Wo0dy/CVE-2023-49052 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-49110.md b/2023/CVE-2023-49110.md new file mode 100644 index 000000000..03b7b7694 --- /dev/null +++ b/2023/CVE-2023-49110.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-49110](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49110) +![](https://img.shields.io/static/v1?label=Product&message=SAST&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-611%20Improper%20Restriction%20of%20XML%20External%20Entity%20Reference&color=brighgreen) + +### Description + +When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application (either on-premises or cloud/SaaS solution), the transmitted data consists of a ZIP archive containing several files, some of them in the XML file format. During Kiuwan's server-side processing of these XML files, it resolves external XML entities, resulting in a XML external entity injection attack. An attacker with privileges to scan source code within the "Code Security" module is able to extract any files of the operating system with the rights of the application server user and is potentially able to gain sensitive files, such as configuration and passwords. Furthermore, this vulnerability also allows an attacker to initiate connections to internal systems, e.g. for port scans or accessing other internal functions / applications such as the Wildfly admin console of Kiuwan.This issue affects Kiuwan SAST: = V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)). 
The read out protection of the internal flash of affected devices was not properly set at the end of the manufacturing process. - -An attacker with physical access to the device could read out the data. +A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)), SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) (All versions >= V3.2.3 < V3.3.0 only when manufactured between LQN231003... and LQN231215... ( with LQNYYMMDD...)). The read out protection of the internal flash of affected devices was not properly set at the end of the manufacturing process. An attacker with physical access to the device could read out the data. ### POC diff --git a/2024/CVE-2024-21484.md b/2024/CVE-2024-21484.md index f02c68c39..3fa96105c 100644 --- a/2024/CVE-2024-21484.md +++ b/2024/CVE-2024-21484.md 
@@ -9,11 +9,7 @@ ### Description -Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. An attacker can decrypt ciphertexts by exploiting the Marvin security flaw. Exploiting this vulnerability requires the attacker to have access to a large number of ciphertexts encrypted with the same key. - - Workaround - -The vulnerability can be mitigated by finding and replacing RSA and RSAOAEP decryption with another crypto library. +Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. An attacker can decrypt ciphertexts by exploiting the Marvin security flaw. Exploiting this vulnerability requires the attacker to have access to a large number of ciphertexts encrypted with the same key. Workaround The vulnerability can be mitigated by finding and replacing RSA and RSAOAEP decryption with another crypto library. ### POC diff --git a/2024/CVE-2024-21485.md b/2024/CVE-2024-21485.md index cd4ec6027..9b65faa5e 100644 --- a/2024/CVE-2024-21485.md +++ b/2024/CVE-2024-21485.md 
@@ -9,11 +9,7 @@ ### Description -Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before 2.15.0; versions of the package dash-html-components before 2.0.0; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site Scripting (XSS) when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data that's visible to another user who opens that view - not just the data already included on the page, but they could also, in theory, make additional requests and access other data accessible to this user. In some cases, they could also steal the access tokens of that user, which would allow the attacker to act as that user, including viewing other apps and resources hosted on the same server. - -**Note:** - -This is only exploitable in Dash apps that include some mechanism to store user input to be reloaded by a different user. +Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before 2.15.0; versions of the package dash-html-components before 2.0.0; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site Scripting (XSS) when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data that's visible to another user who opens that view - not just the data already included on the page, but they could also, in theory, make additional requests and access other data accessible to this user. In some cases, they could also steal the access tokens of that user, which would allow the attacker to act as that user, including viewing other apps and resources hosted on the same server. 
**Note:** This is only exploitable in Dash apps that include some mechanism to store user input to be reloaded by a different user. ### POC diff --git a/2024/CVE-2024-21490.md b/2024/CVE-2024-21490.md index f1ca5adff..317fd9815 100644 --- a/2024/CVE-2024-21490.md +++ b/2024/CVE-2024-21490.md @@ -7,12 +7,7 @@ ### Description -This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. - - -**Note:** - -This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core). +This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core). ### POC diff --git a/2024/CVE-2024-21491.md b/2024/CVE-2024-21491.md index c3b34a3c6..39a227ac2 100644 --- a/2024/CVE-2024-21491.md +++ b/2024/CVE-2024-21491.md 
@@ -5,11 +5,7 @@ ### Description -Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of the actual signature. - -**Note:** - -The attacker would need to know a victim uses the Rust library for verification,no easy way to automatically check that; and uses webhooks by a service that uses Svix, and then figure out a way to craft a malicious payload that will actually include all of the correct identifiers needed to trick the receivers to cause actual issues. +Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of the actual signature. **Note:** The attacker would need to know a victim uses the Rust library for verification,no easy way to automatically check that; and uses webhooks by a service that uses Svix, and then figure out a way to craft a malicious payload that will actually include all of the correct identifiers needed to trick the receivers to cause actual issues. ### POC diff --git a/2024/CVE-2024-21503.md b/2024/CVE-2024-21503.md index 92d42803c..07e8c2c20 100644 --- a/2024/CVE-2024-21503.md +++ b/2024/CVE-2024-21503.md 
@@ -5,9 +5,7 @@ ### Description -Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. - -Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. +Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. ### POC diff --git a/2024/CVE-2024-21505.md b/2024/CVE-2024-21505.md index 3fc5117d1..be237606d 100644 --- a/2024/CVE-2024-21505.md +++ b/2024/CVE-2024-21505.md @@ -5,8 +5,7 @@ ### Description -Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due to insecure recursive merge. -An attacker can manipulate an object's prototype, potentially leading to the alteration of the behavior of all objects inheriting from the affected prototype by passing specially crafted input to these functions. +Versions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due to insecure recursive merge. An attacker can manipulate an object's prototype, potentially leading to the alteration of the behavior of all objects inheriting from the affected prototype by passing specially crafted input to these functions. ### POC diff --git a/2024/CVE-2024-21677.md b/2024/CVE-2024-21677.md index 33d2583ba..88ae3466f 100644 
--- a/2024/CVE-2024-21677.md +++ b/2024/CVE-2024-21677.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/enomothem/PenTestNote - https://github.com/netlas-io/netlas-dorks - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-21683.md b/2024/CVE-2024-21683.md index d01ef1d9e..f82503542 100644 --- a/2024/CVE-2024-21683.md +++ b/2024/CVE-2024-21683.md 
@@ -5,7 +5,7 @@ ### Description -This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.3, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.htmlYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.This vulnerability was found internally. +This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.htmlYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.This vulnerability was found internally. ### POC 
@@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/ZonghaoLi777/githubTrending - https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server - https://github.com/aneasystone/github-trending +- https://github.com/enomothem/PenTestNote - https://github.com/fireinrain/github-trending - https://github.com/jafshare/GithubTrending - https://github.com/johe123qwe/github-trending diff --git a/2024/CVE-2024-21733.md b/2024/CVE-2024-21733.md index 3780fd7ad..08ddba969 100644 --- a/2024/CVE-2024-21733.md +++ b/2024/CVE-2024-21733.md @@ -17,6 +17,7 @@ Generation of Error Message Containing Sensitive Information vulnerability in Ap - https://github.com/Marco-zcl/POC - https://github.com/Ostorlab/KEV - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/versio-io/product-lifecycle-security-api - https://github.com/wjlin0/poc-doc - https://github.com/wy876/POC diff --git a/2024/CVE-2024-21751.md b/2024/CVE-2024-21751.md new file mode 100644 index 000000000..a5c597c6a --- /dev/null +++ b/2024/CVE-2024-21751.md @@ -0,0 +1,17 @@ +### [CVE-2024-21751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21751) +![](https://img.shields.io/static/v1?label=Product&message=RabbitLoader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-21798.md b/2024/CVE-2024-21798.md index e1c9c7e62..0aac23f47 100644 --- a/2024/CVE-2024-21798.md +++ b/2024/CVE-2024-21798.md 
@@ -1,4 +1,5 @@ ### [CVE-2024-21798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21798) +![](https://img.shields.io/static/v1?label=Product&message=WMC-X1800GST-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2H-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-2533GS2-B&color=blue) 
@@ -8,13 +9,14 @@ ![](https://img.shields.io/static/v1?label=Product&message=WRC-X3200GST3-B&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.24%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.25%20and%20earlier%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.41%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.62%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.67%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20scripting%20(XSS)&color=brighgreen) ### Description -ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web browser. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier, WRC-1167GS2H-B v1.67 and earlier, WRC-2533GS2-B v1.62 and earlier, WRC-2533GS2-W v1.62 and earlier, WRC-2533GS2V-B v1.62 and earlier, WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier. +ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web browser. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B". ### POC diff --git a/2024/CVE-2024-2193.md b/2024/CVE-2024-2193.md index 86dbe3543..852edd609 100644 --- a/2024/CVE-2024-2193.md +++ b/2024/CVE-2024-2193.md 
@@ -16,6 +16,7 @@ A Speculative Race Condition (SRC) vulnerability that impacts modern CPU archite #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/uthrasri/CVE-2024-2193 diff --git a/2024/CVE-2024-22002.md b/2024/CVE-2024-22002.md new file mode 100644 index 000000000..b467f6fa7 --- /dev/null +++ b/2024/CVE-2024-22002.md @@ -0,0 +1,18 @@ +### [CVE-2024-22002](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22002) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory. + +### POC + +#### Reference +- https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002 + +#### Github +- https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-22039.md b/2024/CVE-2024-22039.md index 04ffb7ef3..71771a038 100644 --- a/2024/CVE-2024-22039.md +++ b/2024/CVE-2024-22039.md 
@@ -37,8 +37,7 @@ ### Description -A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow. -This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges. 
+A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow. This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges. ### POC diff --git a/2024/CVE-2024-22040.md b/2024/CVE-2024-22040.md index fd024cbed..ac5f425f0 100644 --- a/2024/CVE-2024-22040.md +++ b/2024/CVE-2024-22040.md 
@@ -33,8 +33,7 @@ ### Description -A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. -This could allow an unauthenticated remote attacker to crash the network service. 
+A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. This could allow an unauthenticated remote attacker to crash the network service. ### POC diff --git a/2024/CVE-2024-22041.md b/2024/CVE-2024-22041.md index 7472f7796..8f25ddab2 100644 --- a/2024/CVE-2024-22041.md +++ b/2024/CVE-2024-22041.md 
@@ -33,8 +33,7 @@ ### Description -A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems improperly handles memory buffers when parsing X.509 certificates. -This could allow an unauthenticated remote attacker to crash the network service. 
+A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems improperly handles memory buffers when parsing X.509 certificates. This could allow an unauthenticated remote attacker to crash the network service. ### POC diff --git a/2024/CVE-2024-22120.md b/2024/CVE-2024-22120.md index 81e7730cf..8cfd0b32b 100644 --- a/2024/CVE-2024-22120.md +++ b/2024/CVE-2024-22120.md 
@@ -19,6 +19,7 @@ Zabbix server can perform command execution for configured scripts. After comman - https://github.com/W01fh4cker/CVE-2024-22120-RCE - https://github.com/ZonghaoLi777/githubTrending - https://github.com/aneasystone/github-trending +- https://github.com/enomothem/PenTestNote - https://github.com/fireinrain/github-trending - https://github.com/johe123qwe/github-trending - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-2218.md b/2024/CVE-2024-2218.md new file mode 100644 index 000000000..0004f8a11 --- /dev/null +++ b/2024/CVE-2024-2218.md @@ -0,0 +1,17 @@ +### [CVE-2024-2218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2218) +![](https://img.shields.io/static/v1?label=Product&message=LuckyWP%20Table%20of%20Contents&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/ecd615f7-946e-45af-a610-0654a243b1dc/ + +#### Github +- https://github.com/DojoSecurity/DojoSecurity + diff --git a/2024/CVE-2024-22296.md b/2024/CVE-2024-22296.md new file mode 100644 index 000000000..32667221e --- /dev/null +++ b/2024/CVE-2024-22296.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-22296](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22296) +![](https://img.shields.io/static/v1?label=Product&message=12%20Step%20Meeting%20List&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.28. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-22298.md b/2024/CVE-2024-22298.md new file mode 100644 index 000000000..eee87fdab --- /dev/null +++ b/2024/CVE-2024-22298.md @@ -0,0 +1,17 @@ +### [CVE-2024-22298](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22298) +![](https://img.shields.io/static/v1?label=Product&message=Amelia&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in TMS Amelia ameliabooking.This issue affects Amelia: from n/a through 1.0.98. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-22514.md b/2024/CVE-2024-22514.md index 21b2960f3..2cc450567 100644 --- a/2024/CVE-2024-22514.md +++ b/2024/CVE-2024-22514.md @@ -14,5 +14,6 @@ An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run #### Github - https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution +- https://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution - https://github.com/nomi-sec/PoC-in-GitHub 
diff --git a/2024/CVE-2024-22515.md b/2024/CVE-2024-22515.md index be03dc8ce..8f3912f6a 100644 --- a/2024/CVE-2024-22515.md +++ b/2024/CVE-2024-22515.md @@ -14,5 +14,6 @@ Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allo #### Github - https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution +- https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-22532.md b/2024/CVE-2024-22532.md index edd08fb65..b680f748c 100644 --- a/2024/CVE-2024-22532.md +++ b/2024/CVE-2024-22532.md @@ -15,4 +15,5 @@ Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/pwndorei/CVE-2024-22532 diff --git a/2024/CVE-2024-2257.md b/2024/CVE-2024-2257.md new file mode 100644 index 000000000..9dafdd26a --- /dev/null +++ b/2024/CVE-2024-2257.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-2257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2257) +![](https://img.shields.io/static/v1?label=Product&message=Digisol%20Router%20DG-GR1321&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v3.2.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to improper implementation of password policies. An attacker with physical access could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system.Successful exploitation of this vulnerability could allow the attacker to expose the router to potential security threats. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-22640.md b/2024/CVE-2024-22640.md index 71a910679..1621d88b2 100644 --- a/2024/CVE-2024-22640.md +++ b/2024/CVE-2024-22640.md @@ -15,4 +15,5 @@ TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Servi #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/zunak/CVE-2024-22640 diff --git a/2024/CVE-2024-22641.md b/2024/CVE-2024-22641.md index 3d33413d0..f28241a95 100644 --- a/2024/CVE-2024-22641.md +++ b/2024/CVE-2024-22641.md @@ -14,4 +14,5 @@ TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/zunak/CVE-2024-22641 diff --git a/2024/CVE-2024-22663.md b/2024/CVE-2024-22663.md index 9fd1e5b85..67bb5aa7d 100644 --- a/2024/CVE-2024-22663.md +++ b/2024/CVE-2024-22663.md 
@@ -13,5 +13,5 @@ TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via s - https://github.com/Covteam/iot_vuln/tree/main/setOpModeCfg2 #### Github -No PoCs found on GitHub currently. +- https://github.com/Joe1sn/Joe1sn diff --git a/2024/CVE-2024-22752.md b/2024/CVE-2024-22752.md index c0ffdbe0f..983439705 100644 --- a/2024/CVE-2024-22752.md +++ b/2024/CVE-2024-22752.md @@ -13,5 +13,6 @@ Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attacker - https://github.com/hacker625/CVE-2024-22752 #### Github +- https://github.com/hacker625/CVE-2024-22752 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-22795.md b/2024/CVE-2024-22795.md index 8ec44f9ee..6c48f2aed 100644 --- a/2024/CVE-2024-22795.md +++ b/2024/CVE-2024-22795.md @@ -13,4 +13,5 @@ Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 a - https://github.com/Hagrid29/ForeScout-SecureConnector-EoP #### Github +- https://github.com/Hagrid29/ForeScout-SecureConnector-EoP diff --git a/2024/CVE-2024-22855.md b/2024/CVE-2024-22855.md new file mode 100644 index 000000000..502c3dda6 --- /dev/null +++ b/2024/CVE-2024-22855.md @@ -0,0 +1,17 @@ +### [CVE-2024-22855](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22855) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter. + +### POC + +#### Reference +- https://www.exploit-db.com/exploits/52025 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-22889.md b/2024/CVE-2024-22889.md index f29435462..31d6a41fa 100644 
--- a/2024/CVE-2024-22889.md +++ b/2024/CVE-2024-22889.md @@ -15,4 +15,5 @@ Due to incorrect access control in Plone version v6.0.9, remote attackers can vi #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9 diff --git a/2024/CVE-2024-22939.md b/2024/CVE-2024-22939.md index 6e0aec1dd..ebef31f9a 100644 --- a/2024/CVE-2024-22939.md +++ b/2024/CVE-2024-22939.md @@ -14,5 +14,6 @@ Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacke - https://github.com/NUDTTAN91/CVE20240109/blob/master/README.md #### Github +- https://github.com/NUDTTAN91/CVE-2024-22939 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-23120.md b/2024/CVE-2024-23120.md index bf54d29ff..1c9706cf5 100644 --- a/2024/CVE-2024-23120.md +++ b/2024/CVE-2024-23120.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-23120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23120) -![](https://img.shields.io/static/v1?label=Product&message=AutoCAD%2C%20Advance%20Steel%20and%20Civil%203D&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Autodesk%20applications&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%202024%2C%202023%2C%202022%2C%202021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%20Out-of-bounds%20Write&color=brighgreen) ### Description -A maliciously crafted STP file in ASMIMPORT228A.dll when parsed throughAutodesk AutoCAD can force an Out-of-Bound Write. A malicious actor canleverage this vulnerability to cause a crash, write sensitive data, or executearbitrary code in the context of the current process. +A maliciously crafted STP and STEP file when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll and through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ### POC diff --git a/2024/CVE-2024-23121.md b/2024/CVE-2024-23121.md index 90180675d..41deb28ce 100644 --- a/2024/CVE-2024-23121.md +++ b/2024/CVE-2024-23121.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-23121](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23121) -![](https://img.shields.io/static/v1?label=Product&message=AutoCAD%2C%20Advance%20Steel%20and%20Civil%203D&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Autodesk%20applications&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%202024%2C%202023%2C%202022%2C%202021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%20Out-of-bounds%20Write&color=brighgreen) ### Description -A maliciously crafted MODEL file in libodxdll.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. +A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ### POC diff --git a/2024/CVE-2024-23134.md b/2024/CVE-2024-23134.md index f4847550d..7e5dfc20f 100644 --- a/2024/CVE-2024-23134.md +++ b/2024/CVE-2024-23134.md @@ -1,5 +1,5 @@ ### [CVE-2024-23134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23134) -![](https://img.shields.io/static/v1?label=Product&message=AutoCAD%2C%20Advance%20Steel%20and%20Civil%203D&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Autodesk%20applications&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%202024%2C%202023%2C%202022%2C%202021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%20Use%20After%20Free&color=brighgreen) diff --git a/2024/CVE-2024-23282.md b/2024/CVE-2024-23282.md new file mode 100644 index 000000000..fd7295925 --- /dev/null +++ b/2024/CVE-2024-23282.md 
@@ -0,0 +1,21 @@ +### [CVE-2024-23282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23282) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2010.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20maliciously%20crafted%20email%20may%20be%20able%20to%20initiate%20FaceTime%20calls%20without%20user%20authorization&color=brighgreen) + +### Description + +The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/dlehgus1023/dlehgus1023 + diff --git a/2024/CVE-2024-23524.md b/2024/CVE-2024-23524.md new file mode 100644 index 000000000..6c1ff8f70 --- /dev/null +++ b/2024/CVE-2024-23524.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-23524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23524) +![](https://img.shields.io/static/v1?label=Product&message=PilotPress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in ONTRAPORT Inc. PilotPress.This issue affects PilotPress: from n/a through 2.0.30. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-23656.md b/2024/CVE-2024-23656.md index ae2510dec..021bf720f 100644 --- a/2024/CVE-2024-23656.md +++ b/2024/CVE-2024-23656.md @@ -11,6 +11,7 @@ Dex is an identity service that uses OpenID Connect to drive authentication for ### POC #### Reference +- https://github.com/dexidp/dex/pull/2964 - https://github.com/dexidp/dex/security/advisories/GHSA-gr79-9v6v-gc9r #### Github diff --git a/2024/CVE-2024-2369.md b/2024/CVE-2024-2369.md index 98fb64afc..8d1a29b02 100644 --- a/2024/CVE-2024-2369.md +++ b/2024/CVE-2024-2369.md @@ -14,4 +14,5 @@ The Page Builder Gutenberg Blocks WordPress plugin before 3.1.7 does not validat #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-23692.md b/2024/CVE-2024-23692.md index 92c1abff9..2b16f998e 100644 --- a/2024/CVE-2024-23692.md +++ b/2024/CVE-2024-23692.md @@ -14,5 +14,9 @@ - https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/ #### Github -No PoCs found on GitHub currently. +- https://github.com/Threekiii/CVE +- https://github.com/enomothem/PenTestNote +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile +- https://github.com/wy876/POC diff --git a/2024/CVE-2024-23745.md b/2024/CVE-2024-23745.md index 27782d61b..65419c0ce 100644 
--- a/2024/CVE-2024-23745.md +++ b/2024/CVE-2024-23745.md @@ -16,6 +16,7 @@ #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/louiselalanne/CVE-2024-23745 - https://github.com/louiselalanne/louiselalanne - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-23746.md b/2024/CVE-2024-23746.md index 8636a7f46..d930edb92 100644 --- a/2024/CVE-2024-23746.md +++ b/2024/CVE-2024-23746.md @@ -14,6 +14,7 @@ Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/louiselalanne/CVE-2024-23746 - https://github.com/louiselalanne/louiselalanne - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-23747.md b/2024/CVE-2024-23747.md index f8bd2f719..e96a383fd 100644 --- a/2024/CVE-2024-23747.md +++ b/2024/CVE-2024-23747.md @@ -13,6 +13,7 @@ The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible t - https://github.com/louiselalanne/CVE-2024-23747 #### Github +- https://github.com/louiselalanne/CVE-2024-23747 - https://github.com/louiselalanne/louiselalanne - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-2389.md b/2024/CVE-2024-2389.md index 2ce9377b0..a005a5bed 100644 --- a/2024/CVE-2024-2389.md +++ b/2024/CVE-2024-2389.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/RhinoSecurityLabs/CVEs - https://github.com/YN1337/exploit - https://github.com/adhikara13/CVE-2024-2389 +- https://github.com/enomothem/PenTestNote - https://github.com/getdrive/PoC - https://github.com/mayur-esh/vuln-liners - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-23910.md b/2024/CVE-2024-23910.md index 2f8674dd6..cbc63c796 100644 --- a/2024/CVE-2024-23910.md +++ b/2024/CVE-2024-23910.md 
@@ -1,4 +1,5 @@ ### [CVE-2024-23910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23910) +![](https://img.shields.io/static/v1?label=Product&message=WMC-X1800GST-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2H-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-2533GS2-B&color=blue) 
@@ -6,15 +7,17 @@ ![](https://img.shields.io/static/v1?label=Product&message=WRC-2533GS2V-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-G01-W&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-X3200GST3-B&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=WSC-X1800GS-B&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.24%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.25%20and%20earlier%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.41%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.62%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.67%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-site%20request%20forgery%20(CSRF)&color=brighgreen) ### Description -Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier, WRC-1167GS2H-B v1.67 and earlier, WRC-2533GS2-B v1.62 and earlier, WRC-2533GS2-W v1.62 and earlier, WRC-2533GS2V-B v1.62 and earlier, WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier. +Cross-site request forgery (CSRF) vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B are also included in e-Mesh Starter Kit "WMC-2LX-B". ### POC 
diff --git a/2024/CVE-2024-24051.md b/2024/CVE-2024-24051.md new file mode 100644 index 000000000..8569dd046 --- /dev/null +++ b/2024/CVE-2024-24051.md @@ -0,0 +1,17 @@ +### [CVE-2024-24051](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24051) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file. + +### POC + +#### Reference +- https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-24320.md b/2024/CVE-2024-24320.md new file mode 100644 index 000000000..a64b51533 --- /dev/null +++ b/2024/CVE-2024-24320.md @@ -0,0 +1,17 @@ +### [CVE-2024-24320](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24320) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function. + +### POC + +#### Reference +- https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-24590.md b/2024/CVE-2024-24590.md index 74f3412a8..2588ad8b9 100644 --- a/2024/CVE-2024-24590.md 
+++ b/2024/CVE-2024-24590.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-24919.md b/2024/CVE-2024-24919.md index c8476995b..c71029943 100644 --- a/2024/CVE-2024-24919.md +++ b/2024/CVE-2024-24919.md @@ -32,6 +32,7 @@ No PoCs from references. - https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN - https://github.com/RevoltSecurities/CVE-2024-24919 - https://github.com/Rug4lo/CVE-2024-24919-Exploit +- https://github.com/Threekiii/CVE - https://github.com/Tim-Hoekstra/CVE-2024-24919 - https://github.com/Vulnpire/CVE-2024-24919 - https://github.com/YN1337/CVE-2024-24919 @@ -39,7 +40,9 @@ No PoCs from references. - https://github.com/bigb0x/CVE-2024-24919-Sniper - https://github.com/birdlex/cve-2024-24919-checker - https://github.com/c3rrberu5/CVE-2024-24919 +- https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap - https://github.com/emanueldosreis/CVE-2024-24919 +- https://github.com/enomothem/PenTestNote - https://github.com/eoslvs/CVE-2024-24919 - https://github.com/fernandobortotti/CVE-2024-24919 - https://github.com/gurudattch/CVE-2024-24919 diff --git a/2024/CVE-2024-2511.md b/2024/CVE-2024-2511.md index 246220209..1f2372537 100644 --- a/2024/CVE-2024-2511.md +++ b/2024/CVE-2024-2511.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/GrigGM/05-virt-04-docker-hw +- https://github.com/bcgov/jag-cdds - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-25111.md b/2024/CVE-2024-25111.md new file mode 100644 index 000000000..99fd4755f --- /dev/null +++ b/2024/CVE-2024-25111.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-25111](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25111) +![](https://img.shields.io/static/v1?label=Product&message=squid&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%203.5.27%2C%20%3C%206.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-674%3A%20Uncontrolled%20Recursion&color=brighgreen) + +### Description + +Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. There is no workaround for this issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/MegaManSec/Squid-Security-Audit + diff --git a/2024/CVE-2024-25169.md b/2024/CVE-2024-25169.md index fa099d42d..930687bc3 100644 --- a/2024/CVE-2024-25169.md +++ b/2024/CVE-2024-25169.md @@ -16,4 +16,5 @@ An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanism - https://github.com/AppThreat/vulnerability-db - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0 diff --git a/2024/CVE-2024-25170.md b/2024/CVE-2024-25170.md index 2a8c6315d..52c945eeb 100644 --- a/2024/CVE-2024-25170.md +++ b/2024/CVE-2024-25170.md @@ -15,4 +15,5 @@ An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via mani #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/shenhav12/CVE-2024-25170-Mezzanine-v6.0.0 
diff --git a/2024/CVE-2024-25202.md b/2024/CVE-2024-25202.md index 77cb3e514..67c30ef05 100644 --- a/2024/CVE-2024-25202.md +++ b/2024/CVE-2024-25202.md @@ -14,6 +14,7 @@ Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and U - https://medium.com/@agampreetsingh_93704/cve-2024-25202-discover-by-agampreet-singh-cyber-security-expert-ff8e32f5cf52 #### Github +- https://github.com/Agampreet-Singh/CVE-2024-25202 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-25359.md b/2024/CVE-2024-25359.md new file mode 100644 index 000000000..b8837e728 --- /dev/null +++ b/2024/CVE-2024-25359.md @@ -0,0 +1,17 @@ +### [CVE-2024-25359](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25359) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in zuoxingdong lagom v.0.1.2 allows a local attacker to execute arbitrary code via the pickle_load function of the serialize.py file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bayuncao/bayuncao + diff --git a/2024/CVE-2024-25400.md b/2024/CVE-2024-25400.md index 330c523a0..543beecb3 100644 --- a/2024/CVE-2024-25400.md +++ b/2024/CVE-2024-25400.md @@ -5,7 +5,7 @@ ### Description -Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. +** DISPUTED ** Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it refers to an HTTP request to a PHP file that only contains a class, without any mechanism for accepting external input, and the reportedly vulnerable method is not present in the file. ### POC 
diff --git a/2024/CVE-2024-25423.md b/2024/CVE-2024-25423.md index 1d7dcee6a..566ce2f82 100644 --- a/2024/CVE-2024-25423.md +++ b/2024/CVE-2024-25423.md @@ -13,6 +13,7 @@ An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitra - https://github.com/DriverUnload/cve-2024-25423 #### Github +- https://github.com/DriverUnload/cve-2024-25423 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-25579.md b/2024/CVE-2024-25579.md index 9a614f765..2b661504f 100644 --- a/2024/CVE-2024-25579.md +++ b/2024/CVE-2024-25579.md @@ -1,4 +1,5 @@ ### [CVE-2024-25579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25579) +![](https://img.shields.io/static/v1?label=Product&message=WMC-X1800GST-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-1167GS2H-B&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=WRC-2533GS2-B&color=blue) 
@@ -8,13 +9,14 @@ ![](https://img.shields.io/static/v1?label=Product&message=WRC-X3200GST3-B&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.24%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.25%20and%20earlier%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.41%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.62%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=%3D%20v1.67%20and%20earlier%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20command%20injection&color=brighgreen) ### Description -OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-1167GS2-B v1.67 and earlier, WRC-1167GS2H-B v1.67 and earlier, WRC-2533GS2-B v1.62 and earlier, WRC-2533GS2-W v1.62 and earlier, WRC-2533GS2V-B v1.62 and earlier, WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier. +OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B". ### POC diff --git a/2024/CVE-2024-25600.md b/2024/CVE-2024-25600.md index f48cd93ab..7dc70c8bf 100644 --- a/2024/CVE-2024-25600.md +++ b/2024/CVE-2024-25600.md 
@@ -17,8 +17,10 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Codee #### Github - https://github.com/0bl1v10nf0rg0773n/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress - https://github.com/0xMarcio/cve +- https://github.com/Chocapikk/CVE-2024-25600 - https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template - https://github.com/GhostTroops/TOP +- https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT - https://github.com/K3ysTr0K3R/K3ysTr0K3R - https://github.com/RHYru9/CVE-2024-25600-mass - https://github.com/Threekiii/CVE diff --git a/2024/CVE-2024-25617.md b/2024/CVE-2024-25617.md index ce7ef094c..2e0f5d30b 100644 --- a/2024/CVE-2024-25617.md +++ b/2024/CVE-2024-25617.md @@ -14,5 +14,6 @@ Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, a No PoCs from references. #### Github +- https://github.com/MegaManSec/Squid-Security-Audit - https://github.com/NaInSec/CVE-LIST diff --git a/2024/CVE-2024-25975.md b/2024/CVE-2024-25975.md index bc0ce3ff9..07250f0e6 100644 --- a/2024/CVE-2024-25975.md +++ b/2024/CVE-2024-25975.md @@ -10,6 +10,7 @@ The application implements an up- and downvote function which alters a value wit ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/May/34 - https://r.sec-consult.com/hawki #### Github diff --git a/2024/CVE-2024-25976.md b/2024/CVE-2024-25976.md index dadbe2f17..27ce008fe 100644 --- a/2024/CVE-2024-25976.md +++ b/2024/CVE-2024-25976.md @@ -10,6 +10,7 @@ When LDAP authentication is activated in the configuration it is possible to obt ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/May/34 - https://r.sec-consult.com/hawki #### Github diff --git a/2024/CVE-2024-25977.md b/2024/CVE-2024-25977.md index 56a9aa5c5..d3f950c53 100644 --- a/2024/CVE-2024-25977.md +++ b/2024/CVE-2024-25977.md 
@@ -10,6 +10,7 @@ The application does not change the session token when using the login or logout ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/May/34 - https://r.sec-consult.com/hawki #### Github diff --git a/2024/CVE-2024-26026.md b/2024/CVE-2024-26026.md index 27715328f..aa33f672e 100644 --- a/2024/CVE-2024-26026.md +++ b/2024/CVE-2024-26026.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026 - https://github.com/Threekiii/CVE +- https://github.com/enomothem/PenTestNote - https://github.com/netlas-io/netlas-dorks - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/CVE-2024-26026 diff --git a/2024/CVE-2024-26163.md b/2024/CVE-2024-26163.md index 229d8ce28..3ffc5d17c 100644 --- a/2024/CVE-2024-26163.md +++ b/2024/CVE-2024-26163.md @@ -1,7 +1,8 @@ ### [CVE-2024-26163](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26163) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)%20Extended%20Stable&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.92%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-693%3A%20Protection%20Mechanism%20Failure&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26165.md b/2024/CVE-2024-26165.md index 6a8141c28..9545de08a 100644 --- a/2024/CVE-2024-26165.md +++ b/2024/CVE-2024-26165.md 
@@ -1,7 +1,7 @@ ### [CVE-2024-26165](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26165) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.87.2%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-256%3A%20Plaintext%20Storage%20of%20a%20Password&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26167.md b/2024/CVE-2024-26167.md index a2ff21ab0..c24dbba1a 100644 --- a/2024/CVE-2024-26167.md +++ b/2024/CVE-2024-26167.md @@ -1,7 +1,7 @@ ### [CVE-2024-26167](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26167) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.92%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1021%3A%20Improper%20Restriction%20of%20Rendered%20UI%20Layers%20or%20Frames&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26173.md b/2024/CVE-2024-26173.md index d4b7cb835..53e56574b 100644 --- a/2024/CVE-2024-26173.md +++ b/2024/CVE-2024-26173.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27017%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24768%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21871%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26181.md b/2024/CVE-2024-26181.md index 0b03052bf..a5bb84a28 100644 --- a/2024/CVE-2024-26181.md +++ b/2024/CVE-2024-26181.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27017%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24768%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21871%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26188.md b/2024/CVE-2024-26188.md index 3cf7084d9..df9ce8e9e 100644 --- a/2024/CVE-2024-26188.md +++ b/2024/CVE-2024-26188.md 
@@ -1,7 +1,7 @@ ### [CVE-2024-26188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26188) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.52%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-357%3A%20Insufficient%20UI%20Warning%20of%20Dangerous%20Operations&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26192.md b/2024/CVE-2024-26192.md index f25c7a6bf..7983c2af7 100644 --- a/2024/CVE-2024-26192.md +++ b/2024/CVE-2024-26192.md @@ -1,7 +1,7 @@ ### [CVE-2024-26192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26192) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.52%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-359%3A%20Exposure%20of%20Private%20Personal%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26196.md b/2024/CVE-2024-26196.md index 28979f14a..87827f229 100644 --- a/2024/CVE-2024-26196.md +++ b/2024/CVE-2024-26196.md 
@@ -1,7 +1,7 @@ ### [CVE-2024-26196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26196) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.63%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-259%3A%20Use%20of%20Hard-coded%20Password&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26229.md b/2024/CVE-2024-26229.md new file mode 100644 index 000000000..40a040571 --- /dev/null +++ b/2024/CVE-2024-26229.md 
@@ -0,0 +1,58 @@ +### [CVE-2024-26229](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26229) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20596%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6897%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5696%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4291%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4291%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2402%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2899%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3447%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3447%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.830%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22618%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27067%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27067%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24821%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21924%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) + +### Description + +Windows CSC Service Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xMarcio/cve +- https://github.com/GhostTroops/TOP +- https://github.com/michredteam/PoC-26229 +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-26246.md b/2024/CVE-2024-26246.md index f619db997..96d2a1fd7 100644 --- a/2024/CVE-2024-26246.md +++ b/2024/CVE-2024-26246.md @@ -1,7 +1,7 @@ ### [CVE-2024-26246](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26246) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20122.0.2365.92%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1220%3A%20Insufficient%20Granularity%20of%20Access%20Control&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26247.md b/2024/CVE-2024-26247.md index 4ed501188..87106ea4f 100644 --- a/2024/CVE-2024-26247.md +++ b/2024/CVE-2024-26247.md 
@@ -1,7 +1,7 @@ ### [CVE-2024-26247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26247) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20123.0.2420.53%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26256.md b/2024/CVE-2024-26256.md index 760fd6bbc..c639cef55 100644 --- a/2024/CVE-2024-26256.md +++ b/2024/CVE-2024-26256.md @@ -10,7 +10,7 @@ ### Description -libarchive Remote Code Execution Vulnerability +Libarchive Remote Code Execution Vulnerability ### POC diff --git a/2024/CVE-2024-26507.md b/2024/CVE-2024-26507.md new file mode 100644 index 000000000..9751dfc7f --- /dev/null +++ b/2024/CVE-2024-26507.md @@ -0,0 +1,17 @@ +### [CVE-2024-26507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26507) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, AIDA64 Network Audit v.7.00.6700 and before allows a local attacker to escalate privileges via the DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages components. + +### POC + +#### Reference +- https://belong2yourself.github.io/vulnerabilities/docs/AIDA/Elevation-of-Privileges/readme/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-26521.md b/2024/CVE-2024-26521.md index f735c1798..0eec55856 100644 --- a/2024/CVE-2024-26521.md 
+++ b/2024/CVE-2024-26521.md @@ -14,5 +14,6 @@ HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote - https://github.com/hackervegas001/CVE-2024-26521 #### Github +- https://github.com/hackervegas001/CVE-2024-26521 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-26581.md b/2024/CVE-2024-26581.md index e63f997b5..5ae252d73 100644 --- a/2024/CVE-2024-26581.md +++ b/2024/CVE-2024-26581.md @@ -1,6 +1,6 @@ ### [CVE-2024-26581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26581) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=acaee227cf79%3C%2010e9cb393136%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=8284a79136c3%3C%20c60d252949ca%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26602.md b/2024/CVE-2024-26602.md index f91e9bd9d..0057f7ca6 100644 --- a/2024/CVE-2024-26602.md +++ b/2024/CVE-2024-26602.md @@ -13,5 +13,6 @@ In the Linux kernel, the following vulnerability has been resolved:sched/membarr No PoCs from references. #### Github +- https://github.com/codexlynx/hardware-attacks-state-of-the-art - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-26629.md b/2024/CVE-2024-26629.md index 8a78326cf..8fe5d546e 100644 --- a/2024/CVE-2024-26629.md +++ b/2024/CVE-2024-26629.md 
@@ -1,6 +1,6 @@ ### [CVE-2024-26629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26629) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=e2fc17fcc503%3C%20c6f8b3fcc627%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=3097f38e9126%3C%2099fb654d01dc%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26639.md b/2024/CVE-2024-26639.md index aebaab5ad..3cf04be80 100644 --- a/2024/CVE-2024-26639.md +++ b/2024/CVE-2024-26639.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-26639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26639) -![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=68ed9e333240%3C%20dc904345e377%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -In the Linux kernel, the following vulnerability has been resolved:mm, kmsan: fix infinite recursion due to RCU critical sectionAlexander Potapenko writes in [1]: "For every memory access in the codeinstrumented by KMSAN we call kmsan_get_metadata() to obtain the metadatafor the memory being accessed. For virtual memory the metadata pointersare stored in the corresponding `struct page`, therefore we need to callvirt_to_page() to get them.According to the comment in arch/x86/include/asm/page.h,virt_to_page(kaddr) returns a valid pointer iff virt_addr_valid(kaddr) istrue, so KMSAN needs to call virt_addr_valid() as well.To avoid recursion, kmsan_get_metadata() must not call instrumented code,therefore ./arch/x86/include/asm/kmsan.h forks parts ofarch/x86/mm/physaddr.c to check whether a virtual address is valid or not.But the introduction of rcu_read_lock() to pfn_valid() added instrumentedRCU API calls to virt_to_page_or_null(), which is called bykmsan_get_metadata(), so there is an infinite recursion now. 
I do notthink it is correct to stop that recursion by doingkmsan_enter_runtime()/kmsan_exit_runtime() in kmsan_get_metadata(): thatwould prevent instrumented functions called from within the runtime fromtracking the shadow values, which might introduce false positives."Fix the issue by switching pfn_valid() to the _sched() variant ofrcu_read_lock/unlock(), which does not require calling into RCU. Giventhe critical section in pfn_valid() is very small, this is a reasonabletrade-off (with preemptible RCU).KMSAN further needs to be careful to suppress calls into the scheduler,which would be another source of recursion. This can be done by wrappingthe call to pfn_valid() into preempt_disable/enable_no_resched(). Thedownside is that this sacrifices breaking scheduling guarantees; however,a kernel compiled with KMSAN has already given up any performanceguarantees due to being heavily instrumented.Note, KMSAN code already disables tracing via Makefile, and since mmzone.his included, it is not necessary to use the notrace variant, which isgenerally preferred in all other cases. +** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ### POC diff --git a/2024/CVE-2024-26643.md b/2024/CVE-2024-26643.md index a9eedd759..87ecb5967 100644 --- a/2024/CVE-2024-26643.md +++ b/2024/CVE-2024-26643.md @@ -1,6 +1,6 @@ ### [CVE-2024-26643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26643) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=bbdb3b65aa91%3C%20edcf1a3f182e%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=8da1b048f9a5%3C%20d75a589bb92a%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2024/CVE-2024-26979.md b/2024/CVE-2024-26979.md index 27a364e41..bf7121289 100644 --- a/2024/CVE-2024-26979.md +++ b/2024/CVE-2024-26979.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-26979](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26979) -![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=9c079b8ce8bf%3C%20c560327d900b%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -In the Linux kernel, the following vulnerability has been resolved:drm/vmwgfx: Fix possible null pointer derefence with invalid contextsvmw_context_cotable can return either an error or a null pointer and itsusage sometimes went unchecked. Subsequent code would then try to accesseither a null pointer or an error value.The invalid dereferences were only possible with malformed userspaceapps which never properly initialized the rendering contexts.Check the results of vmw_context_cotable to fix the invalid derefs.Thanks:ziming zhang(@ezrak1e) from Ant Group Light-Year Security Labwho was the first person to discover it.Niels De Graef who reported it and helped to track down the poc. +** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ### POC diff --git a/2024/CVE-2024-2700.md b/2024/CVE-2024-2700.md index d4bd7ad51..ab23f3e1e 100644 --- a/2024/CVE-2024-2700.md +++ b/2024/CVE-2024-2700.md 
@@ -1,5 +1,5 @@ ### [CVE-2024-2700](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2700) -![](https://img.shields.io/static/v1?label=Product&message=OpenShift%20Serverless&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=RHOSS-1.33-RHEL-8&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20AMQ%20Streams%202.7.0&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Build%20of%20Keycloak&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Integration%20Camel%20K&color=blue) diff --git a/2024/CVE-2024-27019.md b/2024/CVE-2024-27019.md index cf2d59400..27b2e6b9b 100644 --- a/2024/CVE-2024-27019.md +++ b/2024/CVE-2024-27019.md @@ -1,6 +1,6 @@ ### [CVE-2024-27019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27019) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=e50092404c1b%3C%20379bf7257bc5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=e50092404c1b%3C%20cade34279c22%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2024/CVE-2024-27173.md b/2024/CVE-2024-27173.md new file mode 100644 index 000000000..e68d773e0 --- /dev/null +++ b/2024/CVE-2024-27173.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-27173](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27173) +![](https://img.shields.io/static/v1?label=Product&message=Toshiba%20Tec%20e-Studio%20multi-function%20peripheral%20(MFP)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20see%20the%20reference%20URL%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-27282.md b/2024/CVE-2024-27282.md index 301289e3b..c148cb25f 100644 --- a/2024/CVE-2024-27282.md +++ b/2024/CVE-2024-27282.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/lifeparticle/Ruby-Cheatsheet +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-27316.md b/2024/CVE-2024-27316.md index daca5afc4..6df5454f7 100644 --- a/2024/CVE-2024-27316.md +++ b/2024/CVE-2024-27316.md 
@@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/Ampferl/poc_http2-continuation-flood - https://github.com/DrewskyDev/H2Flood +- https://github.com/EzeTauil/Maquina-Upload - https://github.com/Vos68/HTTP2-Continuation-Flood-PoC - https://github.com/aeyesec/CVE-2024-27316_poc - https://github.com/lockness-Ko/CVE-2024-27316 diff --git a/2024/CVE-2024-27518.md b/2024/CVE-2024-27518.md index f0f02651b..83b94aa3a 100644 --- a/2024/CVE-2024-27518.md +++ b/2024/CVE-2024-27518.md @@ -15,4 +15,5 @@ An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows unpriv #### Github - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/secunnix/CVE-2024-27518 diff --git a/2024/CVE-2024-27619.md b/2024/CVE-2024-27619.md index cd7654d3d..7942d2e66 100644 --- a/2024/CVE-2024-27619.md +++ b/2024/CVE-2024-27619.md @@ -14,5 +14,6 @@ Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user h - https://www.dlink.com/en/security-bulletin/ #### Github +- https://github.com/ioprojecton/dir-3040_dos - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-2762.md b/2024/CVE-2024-2762.md new file mode 100644 index 000000000..8a20a2c3b --- /dev/null +++ b/2024/CVE-2024-2762.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-2762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2762) +![](https://img.shields.io/static/v1?label=Product&message=FooGallery%20&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=foogallery-premium&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.4.15%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The FooGallery WordPress plugin before 2.4.15, foogallery-premium WordPress plugin before 2.4.15 does not validate and escape some of its Gallery settings before outputting them back in the page, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin + +### POC + +#### Reference +- https://wpscan.com/vulnerability/92e0f5ca-0184-4e9c-b01a-7656e05dce69/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-27622.md b/2024/CVE-2024-27622.md index e6b63308f..814bd515d 100644 --- a/2024/CVE-2024-27622.md +++ b/2024/CVE-2024-27622.md @@ -5,7 +5,7 @@ ### Description -A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19. This vulnerability arises from inadequate sanitization of user-supplied input in the 'Code' section of the module. As a result, authenticated users with administrative privileges can inject and execute arbitrary PHP code. +A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This vulnerability arises from inadequate sanitization of user-supplied input in the 'Code' section of the module. As a result, authenticated users with administrative privileges can inject and execute arbitrary PHP code. ### POC 
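Review bot: In 2024/CVE-2024-25579.md the replacement description drops the sentence that paired each model with its fixed version ("WRC-1167GS2-B v1.67 and earlier, ..."), while the version badges visible in the hunk (v1.24, v1.25, the new v1.41, v1.62, v1.67) are not tied to any product. A reader can no longer tell which threshold applies to the newly added WMC-X1800GST-B or to any other model. Keep the per-model list in the description and extend it, alongside the e-Mesh Starter Kit note.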
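Review bot: The reference added in 2024/CVE-2024-25975.md, `http://seclists.org/fulldisclosure/2024/May/34`, uses plain http while the neighbouring entry `https://r.sec-consult.com/hawki` uses https. Switch it to https so the advisory link is not followed over an unauthenticated channel. The same line is added in CVE-2024-25976.md and CVE-2024-25977.md.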
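Review bot: In 2024/CVE-2024-26196.md the Vulnerability badge changes from "Information Disclosure" to "CWE-259: Use of Hard-coded Password", so the header now names the weakness but no longer the impact class that triage usually filters on. Consider keeping the impact as a second badge next to the CWE rather than replacing it. The same swap appears in the neighbouring hunks from CVE-2024-26163.md through CVE-2024-26247.md, for example "Spoofing" to CWE-1021 in CVE-2024-26167.md.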
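Review bot: The badges in the new 2024/CVE-2024-26229.md need a cleanup pass: the Server 2008 Service Pack 2 product appears twice, once with a doubled space (`Windows%20Server%202008%20%20Service%20Pack%202`), the badge "Windows 11 version 22H3" does not follow the 21H2/22H2/23H2 naming of its siblings, and the range `6.0.0< 6.1.7601.27067` pairs a 6.0 lower bound with a 6.1 build. Deduplicate the Server 2008 entry and confirm the other two against the vendor record before merging.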
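Review bot: The description in the new 2024/CVE-2024-26507.md names "FinalWire AIRDA Extreme" next to "AIDA64 Engineer", "AIDA64 Business" and "AIDA64 Network Audit", and the reference path contains `/AIDA/`, so "AIRDA" looks like a typo carried over from the source record. All three header badges are also `n/a`, which leaves the affected version (v.7.00.6700 and before) only in the prose. If the name is corrected locally, note the divergence from the upstream text.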
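Review bot: The Version badge in the new 2024/CVE-2024-27173.md says "= see the reference URL" and the description ends with "see the reference URL", but the Reference section of the same file reads "No PoCs from references.", so the file contains no URL for the affected models and versions, only the vendor contact page. Add the vendor advisory link under Reference, otherwise the pointer is a dead end.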
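Review bot: In 2024/CVE-2024-27622.md the new description reads "version 2.2.19 / 2.2.21", which does not say whether these are two discrete affected releases or the ends of a range that includes 2.2.20. Spell it out (for example "versions 2.2.19 and 2.2.21" or "versions 2.2.19 through 2.2.21") to match what the upstream CVE record states.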
diff --git a/2024/CVE-2024-27631.md b/2024/CVE-2024-27631.md index df7345166..8c7339889 100644 --- a/2024/CVE-2024-27631.md +++ b/2024/CVE-2024-27631.md @@ -14,5 +14,6 @@ Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows - https://medium.com/@allypetitt/how-i-found-3-cves-in-2-days-8a135eb924d3 #### Github +- https://github.com/ally-petitt/CVE-2024-27631 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-27815.md b/2024/CVE-2024-27815.md new file mode 100644 index 000000000..7756fe184 --- /dev/null +++ b/2024/CVE-2024-27815.md 
@@ -0,0 +1,24 @@ +### [CVE-2024-27815](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27815) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=visionOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%201.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2010.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20app%20may%20be%20able%20to%20execute%20arbitrary%20code%20with%20kernel%20privileges&color=brighgreen) + +### Description + +An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-27830.md b/2024/CVE-2024-27830.md new file mode 100644 index 000000000..13b9755d9 --- /dev/null +++ b/2024/CVE-2024-27830.md 
@@ -0,0 +1,26 @@ +### [CVE-2024-27830](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27830) +![](https://img.shields.io/static/v1?label=Product&message=Safari&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=visionOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%201.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2010.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20maliciously%20crafted%20webpage%20may%20be%20able%20to%20fingerprint%20the%20user&color=brighgreen) + +### Description + +This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Joe12387/Joe12387 +- https://github.com/Joe12387/safari-canvas-fingerprinting-exploit + diff --git a/2024/CVE-2024-27834.md b/2024/CVE-2024-27834.md new file mode 100644 index 000000000..e7ff4e19c --- /dev/null +++ b/2024/CVE-2024-27834.md 
@@ -0,0 +1,23 @@ +### [CVE-2024-27834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27834) +![](https://img.shields.io/static/v1?label=Product&message=Safari&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2010.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2014.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2017.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20attacker%20with%20arbitrary%20read%20and%20write%20capability%20may%20be%20able%20to%20bypass%20Pointer%20Authentication&color=brighgreen) + +### Description + +The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-27936.md b/2024/CVE-2024-27936.md index a8483230e..9ff5f0178 100644 --- a/2024/CVE-2024-27936.md +++ b/2024/CVE-2024-27936.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-27936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27936) ![](https://img.shields.io/static/v1?label=Product&message=deno&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.32.1%2C%20%3C%201.41%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.32.1%2C%20%3C%201.41.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-150%3A%20Improper%20Neutralization%20of%20Escape%2C%20Meta%2C%20or%20Control%20Sequences&color=brighgreen) ### Description -Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41 of the deno_runtime library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences. Any Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user. Version 1.41 of the deno_runtime library contains a patch for the issue. +Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to the program are based on the contents that contain the ANSI escape sequences. 
Any Deno program can spoof the content of the interactive permission prompt by inserting a broken ANSI code, which allows a malicious Deno program to display the wrong file path or program name to the user. Version 1.41.0 of the deno library contains a patch for the issue. ### POC diff --git a/2024/CVE-2024-28085.md b/2024/CVE-2024-28085.md index 2f160360b..344a6b651 100644 --- a/2024/CVE-2024-28085.md +++ b/2024/CVE-2024-28085.md @@ -10,6 +10,7 @@ wall in util-linux through 2.40, often installed with setgid tty permissions, al ### POC #### Reference +- http://www.openwall.com/lists/oss-security/2024/03/27/5 - https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt - https://www.openwall.com/lists/oss-security/2024/03/27/5 diff --git a/2024/CVE-2024-28147.md b/2024/CVE-2024-28147.md new file mode 100644 index 000000000..c1ac4d855 --- /dev/null +++ b/2024/CVE-2024-28147.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-28147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28147) +![](https://img.shields.io/static/v1?label=Product&message=edu-sharing&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen) + +### Description + +An authenticated user can upload arbitrary files in the upload function for collection preview images. An attacker may upload an HTML file that includes malicious JavaScript code which will be executed if a user visits the direct URL of the collection preview image (Stored Cross Site Scripting). It is also possible to upload SVG files that include nested XML entities. Those are parsed when a user visits the direct URL of the collection preview image, which may be utilized for a Denial of Service attack.This issue affects edu-sharing: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19. + +### POC + +#### Reference +- https://r.sec-consult.com/metaventis + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-28397.md b/2024/CVE-2024-28397.md new file mode 100644 index 000000000..da386528e --- /dev/null +++ b/2024/CVE-2024-28397.md @@ -0,0 +1,18 @@ +### [CVE-2024-28397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28397) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Marven11/CVE-2024-28397 +- https://github.com/nomi-sec/PoC-in-GitHub + 
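Review bot: In the new file 2024/CVE-2024-27815.md every Version and Vulnerability badge uses `color=brighgreen`, which is not the shields.io named colour `brightgreen`. The unchanged context lines of 2024/CVE-2024-27936.md carry the same spelling, so this comes from the generator template; fix it there and regenerate rather than patching individual files.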
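Review bot: The description change in 2024/CVE-2024-27936.md alters the affected component as well as the version: `deno_runtime library` becomes `deno library` in both sentences, while the badge line only shows `< 1.41` becoming `< 1.41.0`. Confirm the package rename against the upstream advisory, since anyone matching this entry against a dependency list will key on the package name.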
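Review bot: The Reference entry added in 2024/CVE-2024-28085.md, `http://www.openwall.com/lists/oss-security/2024/03/27/5`, is the same oss-security post as the existing `https://www.openwall.com/lists/oss-security/2024/03/27/5` two lines below and differs only in scheme. Normalise the scheme before de-duplicating so the list keeps one entry, preferably the https one.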
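Review bot: In the new file 2024/CVE-2024-28147.md the Version badge is `n/a` although the description states the affected ranges (`<8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19`). Populate the badge from those ranges so version filtering works, and restore the missing space in `attack.This issue affects`.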
diff --git a/2024/CVE-2024-28423.md b/2024/CVE-2024-28423.md new file mode 100644 index 000000000..e18587da6 --- /dev/null +++ b/2024/CVE-2024-28423.md @@ -0,0 +1,17 @@ +### [CVE-2024-28423](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28423) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafe_load function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bayuncao/bayuncao + diff --git a/2024/CVE-2024-28424.md b/2024/CVE-2024-28424.md new file mode 100644 index 000000000..9007fd8c0 --- /dev/null +++ b/2024/CVE-2024-28424.md @@ -0,0 +1,17 @@ +### [CVE-2024-28424](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28424) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +zenml v0.55.4 was discovered to contain an arbitrary file upload vulnerability in the load function at /materializers/cloudpickle_materializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bayuncao/bayuncao + diff --git a/2024/CVE-2024-28425.md b/2024/CVE-2024-28425.md new file mode 100644 index 000000000..e47a23d93 --- /dev/null +++ b/2024/CVE-2024-28425.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-28425](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28425) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +greykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj function at /templates/pickle_utils.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/bayuncao/bayuncao + diff --git a/2024/CVE-2024-28515.md b/2024/CVE-2024-28515.md index 40d6ea8fc..d2afb3fb1 100644 --- a/2024/CVE-2024-28515.md +++ b/2024/CVE-2024-28515.md @@ -13,5 +13,6 @@ Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a - https://github.com/heshi906/CVE-2024-28515 #### Github +- https://github.com/heshi906/CVE-2024-28515 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-28623.md b/2024/CVE-2024-28623.md index 09fee81e1..9498c1dda 100644 --- a/2024/CVE-2024-28623.md +++ b/2024/CVE-2024-28623.md @@ -13,4 +13,5 @@ RiteCMS v3.0.0 was discovered to contain a cross-site scripting (XSS) vulnerabil - https://github.com/GURJOTEXPERT/ritecms #### Github +- https://github.com/GURJOTEXPERT/ritecms diff --git a/2024/CVE-2024-28715.md b/2024/CVE-2024-28715.md index 9a847cf71..680a4ffc5 100644 --- a/2024/CVE-2024-28715.md +++ b/2024/CVE-2024-28715.md @@ -13,6 +13,7 @@ Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote - https://github.com/Lq0ne/CVE-2024-28715 #### Github +- https://github.com/Lq0ne/CVE-2024-28715 - https://github.com/NaInSec/CVE-LIST - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-28833.md b/2024/CVE-2024-28833.md new file mode 100644 index 000000000..b498b9fdd 
--- /dev/null +++ b/2024/CVE-2024-28833.md @@ -0,0 +1,17 @@ +### [CVE-2024-28833](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28833) +![](https://img.shields.io/static/v1?label=Product&message=Checkmk&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=2.3.0%3C%202.3.0p6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-307%3A%20Improper%20Restriction%20of%20Excessive%20Authentication%20Attempts&color=brighgreen) + +### Description + +Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-28834.md b/2024/CVE-2024-28834.md index 1440d0f74..03a7885ee 100644 --- a/2024/CVE-2024-28834.md +++ b/2024/CVE-2024-28834.md @@ -23,4 +23,5 @@ A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/NaInSec/CVE-LIST - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/m-pasima/CI-CD-Security-image-scan diff --git a/2024/CVE-2024-28995.md b/2024/CVE-2024-28995.md new file mode 100644 index 000000000..94e400fad --- /dev/null +++ b/2024/CVE-2024-28995.md 
@@ -0,0 +1,20 @@ +### [CVE-2024-28995](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28995) +![](https://img.shields.io/static/v1?label=Product&message=SolarWinds%20Serv-U%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/enomothem/PenTestNote +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile +- https://github.com/wy876/POC + diff --git a/2024/CVE-2024-29057.md b/2024/CVE-2024-29057.md index e7fd72490..634d425c8 100644 --- a/2024/CVE-2024-29057.md +++ b/2024/CVE-2024-29057.md @@ -1,7 +1,7 @@ ### [CVE-2024-29057](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29057) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20123.0.2420.53%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-357%3A%20Insufficient%20UI%20Warning%20of%20Dangerous%20Operations&color=brighgreen) ### Description diff --git a/2024/CVE-2024-29201.md b/2024/CVE-2024-29201.md index bbd2c69a4..80e904fd0 100644 --- a/2024/CVE-2024-29201.md +++ b/2024/CVE-2024-29201.md 
@@ -13,6 +13,7 @@ JumpServer is an open source bastion host and an operation and maintenance secur No PoCs from references. #### Github +- https://github.com/Threekiii/Awesome-POC - https://github.com/enomothem/PenTestNote - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-29202.md b/2024/CVE-2024-29202.md index 6f36b0265..2c0d97ff9 100644 --- a/2024/CVE-2024-29202.md +++ b/2024/CVE-2024-29202.md @@ -13,6 +13,7 @@ JumpServer is an open source bastion host and an operation and maintenance secur No PoCs from references. #### Github +- https://github.com/Threekiii/Awesome-POC - https://github.com/enomothem/PenTestNote - https://github.com/tanjiti/sec_profile - https://github.com/wjlin0/poc-doc diff --git a/2024/CVE-2024-29275.md b/2024/CVE-2024-29275.md index 92a993b89..de03bbe97 100644 --- a/2024/CVE-2024-29275.md +++ b/2024/CVE-2024-29275.md @@ -14,4 +14,5 @@ SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticate #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29296.md b/2024/CVE-2024-29296.md index 6964b7a78..784d53b99 100644 --- a/2024/CVE-2024-29296.md +++ b/2024/CVE-2024-29296.md @@ -14,5 +14,6 @@ A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue oc #### Github - https://github.com/Lavender-exe/CVE-2024-29296-PoC +- https://github.com/ThaySolis/CVE-2024-29296 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29368.md b/2024/CVE-2024-29368.md index 11845ddce..999c7e3af 100644 --- a/2024/CVE-2024-29368.md +++ b/2024/CVE-2024-29368.md @@ -13,5 +13,6 @@ An arbitrary file upload vulnerability in the file handling module of moziloCMS - https://github.com/becpn/mozilocms #### Github +- https://github.com/becpn/mozilocms - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-29375.md b/2024/CVE-2024-29375.md index ad31f3ba7..0013885b0 100644 
--- a/2024/CVE-2024-29375.md +++ b/2024/CVE-2024-29375.md @@ -14,5 +14,6 @@ CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attac #### Github - https://github.com/c0rvane/CVE-2024-29375 +- https://github.com/ismailcemunver/CVE-2024-29375 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29399.md b/2024/CVE-2024-29399.md index 77fbe1ace..66e31125f 100644 --- a/2024/CVE-2024-29399.md +++ b/2024/CVE-2024-29399.md @@ -13,5 +13,6 @@ An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacke - https://github.com/ally-petitt/CVE-2024-29399 #### Github +- https://github.com/ally-petitt/CVE-2024-29399 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29513.md b/2024/CVE-2024-29513.md index 49250a227..fe2cb2ad1 100644 --- a/2024/CVE-2024-29513.md +++ b/2024/CVE-2024-29513.md @@ -13,4 +13,5 @@ An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics befor - https://github.com/dru1d-foofus/briscKernelDriver #### Github +- https://github.com/dru1d-foofus/briscKernelDriver diff --git a/2024/CVE-2024-29824.md b/2024/CVE-2024-29824.md new file mode 100644 index 000000000..adba7a63b --- /dev/null +++ b/2024/CVE-2024-29824.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-29824](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29824) +![](https://img.shields.io/static/v1?label=Product&message=EPM&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=2022%20SU5%3C%3D%202022%20SU5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/enomothem/PenTestNote +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/wy876/POC + diff --git a/2024/CVE-2024-29855.md b/2024/CVE-2024-29855.md new file mode 100644 index 000000000..80f7d1b21 --- /dev/null +++ b/2024/CVE-2024-29855.md @@ -0,0 +1,17 @@ +### [CVE-2024-29855](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29855) +![](https://img.shields.io/static/v1?label=Product&message=Recovery%20Orchestrator&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=7.1.0.230%3C%207.1.0.230%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-29972.md b/2024/CVE-2024-29972.md index 12484517a..97ff65341 100644 --- a/2024/CVE-2024-29972.md +++ b/2024/CVE-2024-29972.md @@ -15,5 +15,5 @@ - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-29973.md b/2024/CVE-2024-29973.md index fa272948b..d6f545139 100644 --- a/2024/CVE-2024-29973.md 
+++ b/2024/CVE-2024-29973.md @@ -15,5 +15,6 @@ - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/wy876/POC diff --git a/2024/CVE-2024-3000.md b/2024/CVE-2024-3000.md index 4e5f89637..f724c46f7 100644 --- a/2024/CVE-2024-3000.md +++ b/2024/CVE-2024-3000.md @@ -11,6 +11,7 @@ A vulnerability classified as critical was found in code-projects Online Book Sy #### Reference - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System%20-%20Authentication%20Bypass.md +- https://vuldb.com/?id.258202 #### Github - https://github.com/FoxyProxys/CVE-2024-3000 diff --git a/2024/CVE-2024-3003.md b/2024/CVE-2024-3003.md index bcb03c96c..419e0d9b1 100644 --- a/2024/CVE-2024-3003.md +++ b/2024/CVE-2024-3003.md @@ -11,6 +11,7 @@ A vulnerability has been found in code-projects Online Book System 1.0 and class #### Reference - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%205.md +- https://vuldb.com/?id.258205 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-30050.md b/2024/CVE-2024-30050.md index 8b1f44234..c411c0af8 100644 --- a/2024/CVE-2024-30050.md +++ b/2024/CVE-2024-30050.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27117%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24868%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21972%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-693%3A%20Protection%20Mechanism%20Failure&color=brighgreen) ### Description 
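Review bot: In the new files 2024/CVE-2024-28423.md, CVE-2024-28424.md and CVE-2024-28425.md the only Github entry is `https://github.com/bayuncao/bayuncao`, a repository named after its owner rather than after any of the three CVEs, so a reader cannot tell which content it is meant to point at. Link the specific file or advisory for each CVE, or leave the section at "No PoCs found on GitHub currently." until one exists.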
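Review bot: The Github entry added in 2024/CVE-2024-28515.md, `https://github.com/heshi906/CVE-2024-28515`, repeats the URL already listed under Reference in the context line directly above the heading. The hunks for CVE-2024-28623, CVE-2024-28715, CVE-2024-29368, CVE-2024-29399 and CVE-2024-29513 show the same pattern. If the two sections are meant to be disjoint, skip Github links that already appear under Reference; if the overlap is intended, document that in the README so consumers counting PoC sources do not count these twice.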
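Review bot: In the new file 2024/CVE-2024-29824.md the Vulnerability badge is `n/a` while the description names the class outright ("An unspecified SQL Injection vulnerability"). Map it to CWE-89 so the entry can be found by weakness class, and check the Version badge `2022 SU5<= 2022 SU5`, which repeats the same value on both sides of the comparison.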
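Review bot: The Version badge in the new file 2024/CVE-2024-29855.md decodes to `7.1.0.230< 7.1.0.230`, a range with identical lower and upper bounds and a strict comparison, so it matches no version at all. The description gives no version either. Take the affected range from the vendor advisory or set the badge to `n/a` rather than publishing an empty range.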
diff --git a/2024/CVE-2024-30078.md b/2024/CVE-2024-30078.md new file mode 100644 index 000000000..39ea2e060 --- /dev/null +++ b/2024/CVE-2024-30078.md 
@@ -0,0 +1,58 @@ +### [CVE-2024-30078](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30078) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20680%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.7070%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5936%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2527%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.3019%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3737%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3737%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.950%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22720%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27170%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27170%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24919%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.22023%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Windows Wi-Fi Driver Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/0xMarcio/cve +- https://github.com/GhostTroops/TOP +- https://github.com/enomothem/PenTestNote +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/stryngs/edgedressing + diff --git a/2024/CVE-2024-30080.md b/2024/CVE-2024-30080.md new file mode 100644 index 000000000..f53260361 --- /dev/null +++ b/2024/CVE-2024-30080.md 
@@ -0,0 +1,54 @@ +### [CVE-2024-30080](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30080) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022%2C%2023H2%20Edition%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20680%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.7070%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.5936%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.4529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.4529%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2527%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.3019%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.3737%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.3737%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.950%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22720%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.27170%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.27170%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24919%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.22023%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) + +### Description + +Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-30212.md b/2024/CVE-2024-30212.md new file mode 100644 index 000000000..4bb476295 --- /dev/null +++ b/2024/CVE-2024-30212.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30212) +![](https://img.shields.io/static/v1?label=Product&message=MPLAB%C2%AE%20Harmony%203%20Core%20Module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=3.0.0%3C%203.13.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) + +### Description + +If a SCSI READ(10) command is initiated via USB using the largest LBA (0xFFFFFFFF) with it's default block size of 512 and a count of 1,the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed.The same method works to write to this memory area. If RAM contains pointers, those can be - depending on the application - overwritten toreturn data from any other offset including Progam and Boot Flash. + +### POC + +#### Reference +- https://github.com/Fehr-GmbH/blackleak + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-30256.md b/2024/CVE-2024-30256.md new file mode 100644 index 000000000..1b4f52819 --- /dev/null +++ b/2024/CVE-2024-30256.md @@ -0,0 +1,17 @@ +### [CVE-2024-30256](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30256) +![](https://img.shields.io/static/v1?label=Product&message=open-webui&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.1.117%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%3A%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) + +### Description + +Open WebUI is a user-friendly WebUI for LLMs. Open-webui is vulnerable to authenticated blind server-side request forgery. This vulnerability is fixed in 0.1.117. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/OrenGitHub/dhscanner + 
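Review bot: the Description line added in 2024/CVE-2024-30212.md has several run-together words and typos ("1,the", "exposed.The", "toreturn", "Progam", and "it's" where "its" is meant). If the text is intended to mirror the upstream record verbatim, say so in the commit message; otherwise fix the spacing and spelling so the entry can be found by searching for "Program" or "to return".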
diff --git a/2024/CVE-2024-30270.md b/2024/CVE-2024-30270.md new file mode 100644 index 000000000..818c1a20b --- /dev/null +++ b/2024/CVE-2024-30270.md @@ -0,0 +1,17 @@ +### [CVE-2024-30270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30270) +![](https://img.shields.io/static/v1?label=Product&message=mailcow-dockerized&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202024-04%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the `rspamd_maps()` function. It allows authenticated admin users to overwrite any file writable by the www-data user by exploiting improper path validation. The exploit chain can lead to the execution of arbitrary commands on the server. Version 2024-04 contains a patch for the issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-30311.md b/2024/CVE-2024-30311.md new file mode 100644 index 000000000..ed160cbff --- /dev/null +++ b/2024/CVE-2024-30311.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30311](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30311) +![](https://img.shields.io/static/v1?label=Product&message=Acrobat%20Reader&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Out-of-bounds%20Read%20(CWE-125)&color=brighgreen) + +### Description + +Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + +### POC + +#### Reference +- https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1946 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3032.md b/2024/CVE-2024-3032.md new file mode 100644 index 000000000..da1ff2c88 --- /dev/null +++ b/2024/CVE-2024-3032.md @@ -0,0 +1,17 @@ +### [CVE-2024-3032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3032) +![](https://img.shields.io/static/v1?label=Product&message=Themify%20Builder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%207.5.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-601%20URL%20Redirection%20to%20Untrusted%20Site%20('Open%20Redirect')&color=brighgreen) + +### Description + +Themify Builder WordPress plugin before 7.5.8 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue + +### POC + +#### Reference +- https://wpscan.com/vulnerability/d130a60c-c36b-4994-9b0e-e52cd7f99387/ + +#### Github +- https://github.com/Chocapikk/My-CVEs + diff --git a/2024/CVE-2024-30848.md b/2024/CVE-2024-30848.md new file mode 100644 index 000000000..2c75411d4 --- /dev/null +++ b/2024/CVE-2024-30848.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-30848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30848) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote attackers to inject arbitrary web script or HTML via the version parameter. + +### POC + +#### Reference +- https://github.com/Excis3/CVE-Disclosure/blob/main/CVE-2024-30848.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-30851.md b/2024/CVE-2024-30851.md index 7dab4f05d..7c66116c4 100644 --- a/2024/CVE-2024-30851.md +++ b/2024/CVE-2024-30851.md @@ -13,6 +13,7 @@ Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allo - https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc #### Github +- https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-3094.md b/2024/CVE-2024-3094.md index 7350f152b..7401d6199 100644 --- a/2024/CVE-2024-3094.md +++ b/2024/CVE-2024-3094.md 
@@ -9,8 +9,7 @@ ### Description -Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. -Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library. +Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library. ### POC @@ -83,6 +82,7 @@ Through a series of complex obfuscations, the liblzma build process extracts a p - https://github.com/drdry2/CVE-2024-3094-EXPLOIT - https://github.com/duytruongpham/duytruongpham - https://github.com/emirkmo/xz-backdoor-github +- https://github.com/enomothem/PenTestNote - https://github.com/felipecosta09/cve-2024-3094 - https://github.com/fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094- - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-3116.md b/2024/CVE-2024-3116.md index 7cb821953..d08d3bb1c 100644 --- a/2024/CVE-2024-3116.md +++ b/2024/CVE-2024-3116.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/FoxyProxys/CVE-2024-3116 - https://github.com/TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4 +- https://github.com/enomothem/PenTestNote - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile 
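Review bot: in 2024/CVE-2024-30311.md the Description contains a stray "Answer:" in the middle of its first sentence ("... 24.002.20736 and earlier Answer: are affected by ..."). It looks like leftover text from whatever produced the entry; drop it so the sentence parses.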
diff --git a/2024/CVE-2024-31210.md b/2024/CVE-2024-31210.md new file mode 100644 index 000000000..2dc4116fc --- /dev/null +++ b/2024/CVE-2024-31210.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-31210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31210) +![](https://img.shields.io/static/v1?label=Product&message=wordpress-develop&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%206.4.0%2C%20%3C%206.4.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%3A%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen) + +### Description + +WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins -> Add New -> Upload Plugin screen in WordPress. If FTP credentials are requested for installation (in order to move the file into place outside of the `uploads` directory) then the uploaded file remains temporary available in the Media Library despite it not being allowed. If the `DISALLOW_FILE_EDIT` constant is set to `true` on the site _and_ FTP credentials are required when uploading a new theme or plugin, then this technically allows an RCE when the user would otherwise have no means of executing arbitrary PHP code. This issue _only_ affects Administrator level users on single site installations, and Super Admin level users on Multisite installations where it's otherwise expected that the user does not have permission to upload or execute arbitrary PHP code. Lower level users are not affected. Sites where the `DISALLOW_FILE_MODS` constant is set to `true` are not affected. Sites where an administrative user either does not need to enter FTP credentials or they have access to the valid FTP credentials, are not affected. The issue was fixed in WordPress 6.4.3 on January 30, 2024 and backported to versions 6.3.3, 6.2.4, 6.1.5, 6.0.7, 5.9.9, 5.8.9, 5.7.11, 5.6.13, 5.5.14, 5.4.15, 5.3.17, 5.2.20, 5.1.18, 5.0.21, 4.9.25, 2.8.24, 4.7.28, 4.6.28, 4.5.31, 4.4.32, 4.3.33, 4.2.37, and 4.1.40. 
A workaround is available. If the `DISALLOW_FILE_MODS` constant is defined as `true` then it will not be possible for any user to upload a plugin and therefore this issue will not be exploitable. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-31217.md b/2024/CVE-2024-31217.md new file mode 100644 index 000000000..921bcb315 --- /dev/null +++ b/2024/CVE-2024-31217.md @@ -0,0 +1,17 @@ +### [CVE-2024-31217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31217) +![](https://img.shields.io/static/v1?label=Product&message=strapi&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%204.22.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-248%3A%20Uncaught%20Exception&color=brighgreen) + +### Description + +Strapi is an open-source content management system. Prior to version 4.22.0, a denial-of-service vulnerability is present in the media upload process causing the server to crash without restarting, affecting either development and production environments. Usually, errors in the application cause it to log the error and keep it running for other clients. This behavior, in contrast, stops the server execution, making it unavailable for any clients until it's manually restarted. Any user with access to the file upload functionality is able to exploit this vulnerability, affecting applications running in both development mode and production mode as well. Users should upgrade @strapi/plugin-upload to version 4.22.0 to receive a patch. + +### POC + +#### Reference +- https://github.com/strapi/strapi/security/advisories/GHSA-pm9q-xj9p-96pm + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3148.md b/2024/CVE-2024-3148.md index feb3f8b11..230c60764 100644 --- a/2024/CVE-2024-3148.md +++ b/2024/CVE-2024-3148.md 
@@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, has been found in DedeCMS 5.7 ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.258923 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-31497.md b/2024/CVE-2024-31497.md index fd614a554..dba8897ec 100644 --- a/2024/CVE-2024-31497.md +++ b/2024/CVE-2024-31497.md @@ -10,6 +10,7 @@ In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an ### POC #### Reference +- https://github.com/daedalus/BreakingECDSAwithLLL - https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/ - https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/ @@ -17,6 +18,7 @@ In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an - https://github.com/HugoBond/CVE-2024-31497-POC - https://github.com/PazDak/LoonSecurity - https://github.com/ViktorNaum/CVE-2024-31497-POC +- https://github.com/daedalus/BreakingECDSAwithLLL - https://github.com/edutko/cve-2024-31497 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-31510.md b/2024/CVE-2024-31510.md index 42afbc513..647d65c1c 100644 --- a/2024/CVE-2024-31510.md +++ b/2024/CVE-2024-31510.md @@ -14,4 +14,5 @@ An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/liang-junkai/Fault-injection-of-ML-DSA diff --git a/2024/CVE-2024-31586.md b/2024/CVE-2024-31586.md new file mode 100644 index 000000000..c8dca6e95 --- /dev/null +++ b/2024/CVE-2024-31586.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-31586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31586) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. + +### POC + +#### Reference +- https://github.com/CyberSentryX/CVE_Hunting/tree/main/CVE-2024-31586 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-31612.md b/2024/CVE-2024-31612.md new file mode 100644 index 000000000..ea80bd727 --- /dev/null +++ b/2024/CVE-2024-31612.md @@ -0,0 +1,17 @@ +### [CVE-2024-31612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31612) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access administrator information. + +### POC + +#### Reference +- https://github.com/ss122-0ss/cms/blob/main/emlog-csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-31613.md b/2024/CVE-2024-31613.md new file mode 100644 index 000000000..437ca8107 --- /dev/null +++ b/2024/CVE-2024-31613.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-31613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31613) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery (CSRF) in name="head_code" or name="foot_code." + +### POC + +#### Reference +- https://github.com/ss122-0ss/BOSSCMS/blob/main/bosscms%20csrf.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-31777.md b/2024/CVE-2024-31777.md new file mode 100644 index 000000000..b6467fef3 --- /dev/null +++ b/2024/CVE-2024-31777.md @@ -0,0 +1,18 @@ +### [CVE-2024-31777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31777) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint. + +### POC + +#### Reference +- https://github.com/FreySolarEye/Exploit-CVE-2024-31777 + +#### Github +- https://github.com/FreySolarEye/Exploit-CVE-2024-31777 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-31819.md b/2024/CVE-2024-31819.md index c6d86c637..85d046479 100644 --- a/2024/CVE-2024-31819.md +++ b/2024/CVE-2024-31819.md @@ -14,6 +14,7 @@ An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execut - https://github.com/Chocapikk/CVE-2024-31819 #### Github +- https://github.com/Chocapikk/CVE-2024-31819 - https://github.com/Chocapikk/My-CVEs - https://github.com/Jhonsonwannaa/CVE-2024-31819 - https://github.com/nomi-sec/PoC-in-GitHub 
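Review bot: the backport list in the Description of 2024/CVE-2024-31210.md reads "4.9.25, 2.8.24, 4.7.28". Every other entry in that list descends one minor branch at a time, so "2.8.24" looks like a typo for a 4.8.x release; check it against the upstream advisory before merging. The same description also says the uploaded file "remains temporary available", which should be "temporarily".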
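Review bot: the line added under "#### Github" in 2024/CVE-2024-31819.md is the same URL that is already listed under "#### Reference" directly above it, and the 2024/CVE-2024-30851.md hunk in this patch does the same. If the two sections are meant to be independent indexes, document that; otherwise deduplicate across sections when the file is generated.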
diff --git a/2024/CVE-2024-31861.md b/2024/CVE-2024-31861.md index 6d5b6905b..a442273d3 100644 --- a/2024/CVE-2024-31861.md +++ b/2024/CVE-2024-31861.md @@ -1,11 +1,11 @@ ### [CVE-2024-31861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31861) -![](https://img.shields.io/static/v1?label=Product&message=Apache%20Zeppelin&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=0.10.1%3C%200.11.1%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin.The attackers can use Shell interpreter as a code generation gateway, and execute the generated code as a normal way.This issue affects Apache Zeppelin: from 0.10.1 before 0.11.1.Users are recommended to upgrade to version 0.11.1, which doesn't have Shell interpreter by default. +** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. ### POC @@ -13,5 +13,6 @@ Improper Control of Generation of Code ('Code Injection') vulnerability in Apach No PoCs from references. #### Github +- https://github.com/enomothem/PenTestNote - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-31982.md b/2024/CVE-2024-31982.md new file mode 100644 index 000000000..b3999cbe3 --- /dev/null +++ b/2024/CVE-2024-31982.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-31982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31982) +![](https://img.shields.io/static/v1?label=Product&message=xwiki-platform&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%202.4-milestone-1%2C%20%3C%2014.10.20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-95%3A%20Improper%20Neutralization%20of%20Directives%20in%20Dynamically%20Evaluated%20Code%20('Eval%20Injection')&color=brighgreen) + +### Description + +XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-32002.md b/2024/CVE-2024-32002.md index 5f3e301fc..79d53df57 100644 --- a/2024/CVE-2024-32002.md +++ b/2024/CVE-2024-32002.md @@ -14,6 +14,7 @@ Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42 No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/10cks/CVE-2024-32002-EXP - https://github.com/10cks/CVE-2024-32002-POC - https://github.com/10cks/CVE-2024-32002-hulk 
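Review bot: 2024/CVE-2024-31861.md now carries the "** REJECT **" description, yet its second hunk still adds a new entry (enomothem/PenTestNote) under "#### Github". Attaching fresh references to a candidate that was withdrawn as "not a security issue" is misleading; skip additions for rejected entries or mark them clearly. The Vulnerability badge colour also changes to blue here, while the other n/a entries added in this patch use brighgreen.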
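Review bot: the Description in 2024/CVE-2024-31982.md says "prior to versions 4.10.20, 15.5.4, and 15.10-rc-1", but the later sentence and the Version badge both give the fixed release as 14.10.20. One of them has lost a digit; align the first mention with 14.10.20 if that is what the upstream record says.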
@@ -73,6 +74,7 @@ No PoCs from references. - https://github.com/markuta/CVE-2024-32002 - https://github.com/markuta/hooky - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/p1tsi/misc - https://github.com/pkjmesra/PKScreener - https://github.com/safebuffer/CVE-2024-32002 - https://github.com/sampsonv/github-trending diff --git a/2024/CVE-2024-32022.md b/2024/CVE-2024-32022.md index e9f63d392..339af3d26 100644 --- a/2024/CVE-2024-32022.md +++ b/2024/CVE-2024-32022.md @@ -13,5 +13,5 @@ Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable - https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss #### Github -No PoCs found on GitHub currently. +- https://github.com/OrenGitHub/dhscanner diff --git a/2024/CVE-2024-32113.md b/2024/CVE-2024-32113.md index 2abd76d02..c104b1697 100644 --- a/2024/CVE-2024-32113.md +++ b/2024/CVE-2024-32113.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/Threekiii/CVE - https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit +- https://github.com/enomothem/PenTestNote - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-32114.md b/2024/CVE-2024-32114.md index 6024bd153..a2af05da1 100644 --- a/2024/CVE-2024-32114.md +++ b/2024/CVE-2024-32114.md @@ -14,5 +14,6 @@ No PoCs from references. #### Github - https://github.com/Threekiii/CVE +- https://github.com/enomothem/PenTestNote - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-32167.md b/2024/CVE-2024-32167.md new file mode 100644 index 000000000..d839bc8df --- /dev/null +++ b/2024/CVE-2024-32167.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-32167](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32167) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files. + +### POC + +#### Reference +- https://github.com/ss122-0ss/cms/blob/main/omos.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3221.md b/2024/CVE-2024-3221.md new file mode 100644 index 000000000..1986ed84d --- /dev/null +++ b/2024/CVE-2024-3221.md @@ -0,0 +1,17 @@ +### [CVE-2024-3221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3221) +![](https://img.shields.io/static/v1?label=Product&message=PHP%20Task%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in SourceCodester PHP Task Management System 1.0. This vulnerability affects unknown code of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259066 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://vuldb.com/?id.259066 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32258.md b/2024/CVE-2024-32258.md index 367dce831..22b52d51c 100644 --- a/2024/CVE-2024-32258.md +++ b/2024/CVE-2024-32258.md 
@@ -15,5 +15,6 @@ The network server of fceux 2.7.0 has a path traversal vulnerability, allowing a #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/liyansong2018/CVE-2024-32258 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-32337.md b/2024/CVE-2024-32337.md index 836efe9e8..1b0fa19f7 100644 --- a/2024/CVE-2024-32337.md +++ b/2024/CVE-2024-32337.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_security_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_security_wondercms_3.4.3 diff --git a/2024/CVE-2024-32338.md b/2024/CVE-2024-32338.md index 3817a9c8b..215cf522f 100644 --- a/2024/CVE-2024-32338.md +++ b/2024/CVE-2024-32338.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_current_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32339.md b/2024/CVE-2024-32339.md index 2957d6a8c..a60152db5 100644 --- a/2024/CVE-2024-32339.md +++ b/2024/CVE-2024-32339.md @@ -13,4 +13,5 @@ Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of Wonder - https://github.com/adiapera/xss_how_to_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_how_to_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32340.md b/2024/CVE-2024-32340.md index 6e997b977..244bd6a9f 100644 --- a/2024/CVE-2024-32340.md +++ b/2024/CVE-2024-32340.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32341.md b/2024/CVE-2024-32341.md index 01f3714ec..91417b588 100644 --- a/2024/CVE-2024-32341.md +++ b/2024/CVE-2024-32341.md 
@@ -13,4 +13,5 @@ Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCM - https://github.com/adiapera/xss_home_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_home_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32342.md b/2024/CVE-2024-32342.md index f3d810031..77f3c9492 100644 --- a/2024/CVE-2024-32342.md +++ b/2024/CVE-2024-32342.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 - https://github.com/adiapera/xss_create_boidcms_2.1.0 #### Github +- https://github.com/adiapera/xss_create_boidcms_2.1.0 diff --git a/2024/CVE-2024-32343.md b/2024/CVE-2024-32343.md index a0f139578..86df11ea9 100644 --- a/2024/CVE-2024-32343.md +++ b/2024/CVE-2024-32343.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 - https://github.com/adiapera/xss_create2_boidcms_2.1.0 #### Github +- https://github.com/adiapera/xss_create2_boidcms_2.1.0 diff --git a/2024/CVE-2024-32345.md b/2024/CVE-2024-32345.md index bec70fa7c..f59311b7d 100644 --- a/2024/CVE-2024-32345.md +++ b/2024/CVE-2024-32345.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.1 - https://github.com/adiapera/xss_language_cmsimple_5.15 #### Github +- https://github.com/adiapera/xss_language_cmsimple_5.15 diff --git a/2024/CVE-2024-3236.md b/2024/CVE-2024-3236.md new file mode 100644 index 000000000..0ffe92f48 --- /dev/null +++ b/2024/CVE-2024-3236.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-3236](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3236) +![](https://img.shields.io/static/v1?label=Product&message=Popup%20Builder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.1.33%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/a6c2da28-dc03-4bcc-a6c3-ee55a73861db/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-32369.md b/2024/CVE-2024-32369.md index b794565ee..b59778457 100644 --- a/2024/CVE-2024-32369.md +++ b/2024/CVE-2024-32369.md @@ -13,6 +13,7 @@ SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 throu - https://github.com/chucrutis/CVE-2024-32369 #### Github +- https://github.com/chucrutis/CVE-2024-32369 - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-3244.md b/2024/CVE-2024-3244.md index a0e6b8ecf..428582255 100644 --- a/2024/CVE-2024-3244.md +++ b/2024/CVE-2024-3244.md 
@@ -5,8 +5,7 @@ ### Description -The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's -'embedpress_calendar' shortcode in all versions up to, and including, 3.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. +The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedpress_calendar' shortcode in all versions up to, and including, 3.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. ### POC diff --git a/2024/CVE-2024-3273.md b/2024/CVE-2024-3273.md index 943d790a2..398491e33 100644 --- a/2024/CVE-2024-3273.md +++ b/2024/CVE-2024-3273.md @@ -16,6 +16,7 @@ No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/Chocapikk/CVE-2024-3273 - https://github.com/GhostTroops/TOP - https://github.com/K3ysTr0K3R/CVE-2024-3273-EXPLOIT diff --git a/2024/CVE-2024-32743.md b/2024/CVE-2024-32743.md index c18f22112..5254e093d 100644 --- a/2024/CVE-2024-32743.md +++ b/2024/CVE-2024-32743.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_security_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_security_wondercms_3.4.3 
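Review bot: the URL added under "#### Github" in 2024/CVE-2024-32743.md (adiapera/xss_security_wondercms_3.4.3) is also added under 2024/CVE-2024-32337.md earlier in this patch, and it repeats the Reference entry just above it. The pairs 32338/32744 and 32340/32746 show the same overlap elsewhere in the patch. Confirm that each repository really maps to both CVE IDs rather than one of each pair being a duplicate assignment.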
diff --git a/2024/CVE-2024-32744.md b/2024/CVE-2024-32744.md index c1f3ae47a..6ec620123 100644 --- a/2024/CVE-2024-32744.md +++ b/2024/CVE-2024-32744.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_current_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32745.md b/2024/CVE-2024-32745.md index 23e9e4b7d..a39c30197 100644 --- a/2024/CVE-2024-32745.md +++ b/2024/CVE-2024-32745.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_current_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-32746.md b/2024/CVE-2024-32746.md index ebd7a8061..9eb55c74a 100644 --- a/2024/CVE-2024-32746.md +++ b/2024/CVE-2024-32746.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS - https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 #### Github +- https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 diff --git a/2024/CVE-2024-3276.md b/2024/CVE-2024-3276.md new file mode 100644 index 000000000..f8336d1f5 --- /dev/null +++ b/2024/CVE-2024-3276.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-3276](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3276) +![](https://img.shields.io/static/v1?label=Product&message=Lightbox%20%26%20Modal%20Popup%20WordPress%20Plugin%20&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=foobox-image-lightbox-premium&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.7.28%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Lightbox & Modal Popup WordPress Plugin WordPress plugin before 2.7.28, foobox-image-lightbox-premium WordPress plugin before 2.7.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). + +### POC + +#### Reference +- https://wpscan.com/vulnerability/996d3247-ebdd-49d1-a1a3-ceedcf9f2f95/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-33253.md b/2024/CVE-2024-33253.md new file mode 100644 index 000000000..c31388401 --- /dev/null +++ b/2024/CVE-2024-33253.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-33253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33253) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross-site scripting (XSS) vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function. + +### POC + +#### Reference +- https://github.com/FreySolarEye/CVE/blob/master/GUnet%20OpenEclass%20E-learning%20platform%203.15%20-%20'certbadge.php'%20Stored%20Cross%20Site%20Scripting + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-33373.md b/2024/CVE-2024-33373.md new file mode 100644 index 000000000..67b07c5cb --- /dev/null +++ b/2024/CVE-2024-33373.md @@ -0,0 +1,17 @@ +### [CVE-2024-33373](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33373) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack. + +### POC + +#### Reference +- https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-(CVE%E2%80%902024%E2%80%9033373) + +#### Github +No PoCs found on GitHub currently. + 
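Review bot: the Vulnerability badge line in the new 2024/CVE-2024-33373.md uses `color=brighgreen`, which looks like a misspelling of `brightgreen`. The Product and Version badges in the same hunk use the valid name `blue`, so only this one line needs the change. The same spelling appears in the other new files in this patch, so fixing it in whatever template generates these pages would be better than fixing it per file.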
diff --git a/2024/CVE-2024-33374.md b/2024/CVE-2024-33374.md new file mode 100644 index 000000000..fbfcd43cb --- /dev/null +++ b/2024/CVE-2024-33374.md @@ -0,0 +1,17 @@ +### [CVE-2024-33374](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33374) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal without authentication. + +### POC + +#### Reference +- https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Incorrect-Access-Control-(CVE%E2%80%902024%E2%80%9033374) + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-33377.md b/2024/CVE-2024-33377.md new file mode 100644 index 000000000..7c0d171ff --- /dev/null +++ b/2024/CVE-2024-33377.md @@ -0,0 +1,17 @@ +### [CVE-2024-33377](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33377) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page. + +### POC + +#### Reference +- https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Clickjacking-(CVE%E2%80%902024%E2%80%9033377) + +#### Github +No PoCs found on GitHub currently. + 
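Review bot: the Product and Version badges in the new 2024/CVE-2024-33377.md are both `n%2Fa`, although the Description in the same hunk names the affected device as LB-LINK BL-W1210M v2.0. Anyone filtering or searching these pages by badge will miss this entry. If the badges are copied as-is from the CVE record, say so in the commit message. Otherwise, fill them from the Description.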
diff --git a/2024/CVE-2024-33423.md b/2024/CVE-2024-33423.md index e9c5dcb97..0af6b81ad 100644 --- a/2024/CVE-2024-33423.md +++ b/2024/CVE-2024-33423.md @@ -13,4 +13,5 @@ Cross-Site Scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 - https://github.com/adiapera/xss_language_cmsimple_5.15 #### Github +- https://github.com/adiapera/xss_language_cmsimple_5.15 diff --git a/2024/CVE-2024-33424.md b/2024/CVE-2024-33424.md index 2830422e6..8cc2942f8 100644 --- a/2024/CVE-2024-33424.md +++ b/2024/CVE-2024-33424.md @@ -13,4 +13,5 @@ A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.1 - https://github.com/adiapera/xss_language_cmsimple_5.15 #### Github +- https://github.com/adiapera/xss_language_cmsimple_5.15 diff --git a/2024/CVE-2024-33438.md b/2024/CVE-2024-33438.md index b2d194ddc..bf6e4905e 100644 --- a/2024/CVE-2024-33438.md +++ b/2024/CVE-2024-33438.md @@ -13,5 +13,6 @@ File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user - https://github.com/julio-cfa/CVE-2024-33438 #### Github +- https://github.com/julio-cfa/CVE-2024-33438 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-3400.md b/2024/CVE-2024-3400.md index db88513dd..0bdf7f2a6 100644 --- a/2024/CVE-2024-3400.md +++ b/2024/CVE-2024-3400.md @@ -18,6 +18,7 @@ A command injection as a result of arbitrary file creation vulnerability in the #### Github - https://github.com/0x0d3ad/CVE-2024-3400 +- https://github.com/0xMarcio/cve - https://github.com/0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection - https://github.com/AdaniKamal/CVE-2024-3400 - https://github.com/CONDITIONBLACK/CVE-2024-3400-POC 
@@ -43,6 +44,7 @@ A command injection as a result of arbitrary file creation vulnerability in the - https://github.com/andrelia-hacks/CVE-2024-3400 - https://github.com/aneasystone/github-trending - https://github.com/codeblueprint/CVE-2024-3400 +- https://github.com/enomothem/PenTestNote - https://github.com/fatguru/dorks - https://github.com/fireinrain/github-trending - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-34058.md b/2024/CVE-2024-34058.md index 8057b5a60..166eb7b59 100644 --- a/2024/CVE-2024-34058.md +++ b/2024/CVE-2024-34058.md @@ -10,6 +10,7 @@ The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via th ### POC #### Reference +- http://www.openwall.com/lists/oss-security/2024/05/16/3 - https://www.openwall.com/lists/oss-security/2024/05/16/3 #### Github diff --git a/2024/CVE-2024-34220.md b/2024/CVE-2024-34220.md index 222a4d66a..736bb98a7 100644 --- a/2024/CVE-2024-34220.md +++ b/2024/CVE-2024-34220.md @@ -13,6 +13,7 @@ Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injecti - https://github.com/dovankha/CVE-2024-34220 #### Github +- https://github.com/dovankha/CVE-2024-34220 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile diff --git a/2024/CVE-2024-34221.md b/2024/CVE-2024-34221.md index 7932ad328..1b5e69472 100644 --- a/2024/CVE-2024-34221.md +++ b/2024/CVE-2024-34221.md @@ -13,5 +13,6 @@ Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Pe - https://github.com/dovankha/CVE-2024-34221 #### Github +- https://github.com/dovankha/CVE-2024-34221 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34222.md b/2024/CVE-2024-34222.md index 28f80721e..a2bc20704 100644 --- a/2024/CVE-2024-34222.md +++ b/2024/CVE-2024-34222.md 
@@ -13,5 +13,6 @@ Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injecti - https://github.com/dovankha/CVE-2024-34222 #### Github +- https://github.com/dovankha/CVE-2024-34222 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34223.md b/2024/CVE-2024-34223.md index eeee69d81..916afe6f2 100644 --- a/2024/CVE-2024-34223.md +++ b/2024/CVE-2024-34223.md @@ -13,5 +13,6 @@ Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Hum - https://github.com/dovankha/CVE-2024-34223 #### Github +- https://github.com/dovankha/CVE-2024-34223 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34224.md b/2024/CVE-2024-34224.md index 703d079e4..a22e5799b 100644 --- a/2024/CVE-2024-34224.md +++ b/2024/CVE-2024-34224.md @@ -13,5 +13,6 @@ Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Compu - https://github.com/dovankha/CVE-2024-34224 #### Github +- https://github.com/dovankha/CVE-2024-34224 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34225.md b/2024/CVE-2024-34225.md index 44d06bf0d..cd5ccebfc 100644 --- a/2024/CVE-2024-34225.md +++ b/2024/CVE-2024-34225.md @@ -13,5 +13,6 @@ Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Compute - https://github.com/dovankha/CVE-2024-34225 #### Github +- https://github.com/dovankha/CVE-2024-34225 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34226.md b/2024/CVE-2024-34226.md index 1d977926f..8dcdca229 100644 --- a/2024/CVE-2024-34226.md +++ b/2024/CVE-2024-34226.md @@ -13,5 +13,6 @@ SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in Sour - https://github.com/dovankha/CVE-2024-34226 #### Github +- https://github.com/dovankha/CVE-2024-34226 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-34332.md b/2024/CVE-2024-34332.md new file mode 100644 index 000000000..bb8a99116 --- /dev/null +++ b/2024/CVE-2024-34332.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34332) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API. + +### POC + +#### Reference +- https://belong2yourself.github.io/vulnerabilities/docs/SANDRA/Elevation-of-Privileges/readme/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34452.md b/2024/CVE-2024-34452.md new file mode 100644 index 000000000..a20ff1e7f --- /dev/null +++ b/2024/CVE-2024-34452.md @@ -0,0 +1,18 @@ +### [CVE-2024-34452](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34452) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/surajhacx/CVE-2024-34452 + diff --git a/2024/CVE-2024-34467.md b/2024/CVE-2024-34467.md index 39d0cd3ec..7c6e79758 100644 --- a/2024/CVE-2024-34467.md +++ b/2024/CVE-2024-34467.md 
@@ -5,7 +5,7 @@ ### Description -ThinkPHP 8.0.3 allows remote attackers to discover the PHPSESSION cookie because think_exception.tpl (aka the debug error output source code) provides this in an error message for a crafted URI in a GET request. +ThinkPHP 8.0.3 allows remote attackers to exploit XSS due to inadequate filtering of function argument values in think_exception.tpl. ### POC diff --git a/2024/CVE-2024-34470.md b/2024/CVE-2024-34470.md index cda6d4a48..6c2b3ce74 100644 --- a/2024/CVE-2024-34470.md +++ b/2024/CVE-2024-34470.md @@ -15,6 +15,7 @@ An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unaut #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/osvaldotenorio/CVE-2024-34470 - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/2024/CVE-2024-34471.md b/2024/CVE-2024-34471.md index 675720faf..c5d0c3296 100644 --- a/2024/CVE-2024-34471.md +++ b/2024/CVE-2024-34471.md @@ -15,4 +15,5 @@ An issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerab #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/osvaldotenorio/CVE-2024-34471 diff --git a/2024/CVE-2024-34472.md b/2024/CVE-2024-34472.md index c43bd56ff..a48b661d3 100644 --- a/2024/CVE-2024-34472.md +++ b/2024/CVE-2024-34472.md @@ -15,4 +15,5 @@ An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authe #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/osvaldotenorio/CVE-2024-34472 diff --git a/2024/CVE-2024-34582.md b/2024/CVE-2024-34582.md index dff0b4bc0..30edffc30 100644 --- a/2024/CVE-2024-34582.md +++ b/2024/CVE-2024-34582.md 
@@ -15,4 +15,5 @@ Sunhillo SureLine through 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi u #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/silent6trinity/CVE-2024-34582 diff --git a/2024/CVE-2024-34694.md b/2024/CVE-2024-34694.md new file mode 100644 index 000000000..9bc5f6bdf --- /dev/null +++ b/2024/CVE-2024-34694.md @@ -0,0 +1,17 @@ +### [CVE-2024-34694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34694) +![](https://img.shields.io/static/v1?label=Product&message=lnbits&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.12.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-754%3A%20Improper%20Check%20for%20Unusual%20or%20Exceptional%20Conditions&color=brighgreen) + +### Description + +LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6. + +### POC + +#### Reference +- https://github.com/lnbits/lnbits/security/advisories/GHSA-3j4h-h3fp-vwww + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34833.md b/2024/CVE-2024-34833.md new file mode 100644 index 000000000..7804a7e18 --- /dev/null +++ b/2024/CVE-2024-34833.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-34833](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34833) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server. + +### POC + +#### Reference +- https://github.com/ShellUnease/payroll-management-system-rce +- https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34987.md b/2024/CVE-2024-34987.md index 784c5aea7..092edbb93 100644 --- a/2024/CVE-2024-34987.md +++ b/2024/CVE-2024-34987.md @@ -11,6 +11,7 @@ A SQL Injection vulnerability exists in the `ofrs/admin/index.php` script of PHP #### Reference - https://github.com/MarkLee131/PoCs/blob/main/CVE-2024-34987.md +- https://www.exploit-db.com/exploits/51989 #### Github - https://github.com/MarkLee131/PoCs diff --git a/2024/CVE-2024-34989.md b/2024/CVE-2024-34989.md new file mode 100644 index 000000000..f0b61ac26 --- /dev/null +++ b/2024/CVE-2024-34989.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-34989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34989) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFProductListModuleFrontController::queryDb().' + +### POC + +#### Reference +- https://security.friendsofpresta.org/modules/2024/06/20/prestapdf.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-34997.md b/2024/CVE-2024-34997.md index c93f2e05a..8dfa8fbcc 100644 --- a/2024/CVE-2024-34997.md +++ b/2024/CVE-2024-34997.md @@ -5,7 +5,7 @@ ### Description -joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). +** DISPUTED ** joblib v1.4.2 was discovered to contain a deserialization vulnerability via the component joblib.numpy_pickle::NumpyArrayWrapper().read_array(). NOTE: this is disputed by the supplier because NumpyArrayWrapper is only used during caching of trusted content. ### POC diff --git a/2024/CVE-2024-35235.md b/2024/CVE-2024-35235.md new file mode 100644 index 000000000..c479e8ca1 --- /dev/null +++ b/2024/CVE-2024-35235.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-35235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35235) +![](https://img.shields.io/static/v1?label=Product&message=cups&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%202.4.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-252%3A%20Unchecked%20Return%20Value&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) + +### Description + +OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue. 
+ +### POC + +#### Reference +- http://www.openwall.com/lists/oss-security/2024/06/11/1 +- https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35326.md b/2024/CVE-2024-35326.md new file mode 100644 index 000000000..5df82f6ba --- /dev/null +++ b/2024/CVE-2024-35326.md @@ -0,0 +1,17 @@ +### [CVE-2024-35326](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35326) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libyaml v0.2.5 is vulnerable to Buffer Overflow. Affected by this issue is the function yaml_emitter_emit of the file /src/libyaml/src/emitter.c. The manipulation leads to a double-free. + +### POC + +#### Reference +- https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35326.c + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35328.md b/2024/CVE-2024-35328.md new file mode 100644 index 000000000..5cb78c671 --- /dev/null +++ b/2024/CVE-2024-35328.md @@ -0,0 +1,17 @@ +### [CVE-2024-35328](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35328) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of the file /src/libyaml/src/parser.c. + +### POC + +#### Reference +- https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-35333.md b/2024/CVE-2024-35333.md index 797f9ca4e..2dd3921ec 100644 
--- a/2024/CVE-2024-35333.md +++ b/2024/CVE-2024-35333.md @@ -13,5 +13,6 @@ A stack-buffer-overflow vulnerability exists in the read_charset_decl function o - https://github.com/momo1239/CVE-2024-35333 #### Github +- https://github.com/momo1239/CVE-2024-35333 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-3537.md b/2024/CVE-2024-3537.md index af5a9a931..1d931708c 100644 --- a/2024/CVE-2024-3537.md +++ b/2024/CVE-2024-3537.md @@ -10,7 +10,7 @@ A vulnerability was found in Campcodes Church Management System 1.0 and classifi ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.259907 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-35468.md b/2024/CVE-2024-35468.md index b4ca6455d..1f80ffbf6 100644 --- a/2024/CVE-2024-35468.md +++ b/2024/CVE-2024-35468.md @@ -13,5 +13,6 @@ A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource - https://github.com/dovankha/CVE-2024-35468 #### Github +- https://github.com/dovankha/CVE-2024-35468 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-35469.md b/2024/CVE-2024-35469.md index 09e5560fd..3bdde5338 100644 --- a/2024/CVE-2024-35469.md +++ b/2024/CVE-2024-35469.md @@ -13,5 +13,6 @@ A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Man - https://github.com/dovankha/CVE-2024-35469 #### Github +- https://github.com/dovankha/CVE-2024-35469 - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-35475.md b/2024/CVE-2024-35475.md index b86076e3a..1407e432e 100644 --- a/2024/CVE-2024-35475.md +++ b/2024/CVE-2024-35475.md @@ -14,5 +14,6 @@ A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Commu - https://github.com/carsonchan12345/OpenKM-CSRF-PoC #### Github +- https://github.com/carsonchan12345/CVE-2024-35475 - https://github.com/nomi-sec/PoC-in-GitHub 
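Review bot: the added Github entry in 2024/CVE-2024-35475.md points to `carsonchan12345/CVE-2024-35475`, while the Reference entry on the context line just above it is `carsonchan12345/OpenKM-CSRF-PoC`. The other hunks in this patch add a Github link that repeats the Reference link exactly, so this one stands out. Please confirm that both repositories exist and that the new one is the intended target rather than a renamed or guessed path.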
diff --git a/2024/CVE-2024-3552.md b/2024/CVE-2024-3552.md new file mode 100644 index 000000000..6f3b9b2a2 --- /dev/null +++ b/2024/CVE-2024-3552.md @@ -0,0 +1,21 @@ +### [CVE-2024-3552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3552) +![](https://img.shields.io/static/v1?label=Product&message=Web%20Directory%20Free&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.7.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/34b03ee4-de81-4fec-9f3d-e1bd5b94d136/ + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/truonghuuphuc/CVE-2024-3552-Poc +- https://github.com/wjlin0/poc-doc +- https://github.com/wy876/POC +- https://github.com/wy876/wiki + diff --git a/2024/CVE-2024-35717.md b/2024/CVE-2024-35717.md new file mode 100644 index 000000000..50f840714 --- /dev/null +++ b/2024/CVE-2024-35717.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-35717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35717) +![](https://img.shields.io/static/v1?label=Product&message=Media%20Slider%20%E2%80%93%20Photo%20Sleder%2C%20Video%20Slider%2C%20Link%20Slider%2C%20Carousal%20Slideshow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in A WP Life Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow.This issue affects Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow: from n/a through 1.3.9. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-36104.md b/2024/CVE-2024-36104.md index 126bb3d8f..11fca9c3b 100644 --- a/2024/CVE-2024-36104.md +++ b/2024/CVE-2024-36104.md @@ -15,6 +15,10 @@ No PoCs from references. #### Github - https://github.com/Co5mos/nuclei-tps - https://github.com/Mr-xn/CVE-2024-32113 +- https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/CVE +- https://github.com/enomothem/PenTestNote +- https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile - https://github.com/wy876/POC - https://github.com/wy876/wiki diff --git a/2024/CVE-2024-36405.md b/2024/CVE-2024-36405.md new file mode 100644 index 000000000..14e9e8c29 --- /dev/null +++ b/2024/CVE-2024-36405.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-36405](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36405) +![](https://img.shields.io/static/v1?label=Product&message=liboqs&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.10.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-208%3A%20Observable%20Timing%20Discrepancy&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-385%3A%20Covert%20Timing%20Channel&color=brighgreen) + +### Description + +liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for `-Os`, `-O1`, and other compilation options. A proof-of-concept local attack on the reference implementation leaks the entire ML-KEM 512 secret key in ~10 minutes using end-to-end decapsulation timing measurements. The issue has been fixed in version 0.10.1. As a possible workaround, some compiler options may produce vectorized code that does not leak secret information, however relying on these compiler options as a workaround may not be reliable. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-36416.md b/2024/CVE-2024-36416.md new file mode 100644 index 000000000..316aabdff --- /dev/null +++ b/2024/CVE-2024-36416.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36416](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36416) +![](https://img.shields.io/static/v1?label=Product&message=SuiteCRM&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%207.14.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-779%3A%20Logging%20of%20Excessive%20Data&color=brighgreen) + +### Description + +SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-36527.md b/2024/CVE-2024-36527.md new file mode 100644 index 000000000..319974c01 --- /dev/null +++ b/2024/CVE-2024-36527.md @@ -0,0 +1,17 @@ +### [CVE-2024-36527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36527) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-36586.md b/2024/CVE-2024-36586.md new file mode 100644 index 000000000..9b6fdb602 --- /dev/null +++ b/2024/CVE-2024-36586.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36586) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/go-compile/security-advisories + diff --git a/2024/CVE-2024-36587.md b/2024/CVE-2024-36587.md new file mode 100644 index 000000000..8a77e4804 --- /dev/null +++ b/2024/CVE-2024-36587.md @@ -0,0 +1,17 @@ +### [CVE-2024-36587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36587) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary dnscrypt-proxy. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/go-compile/security-advisories + diff --git a/2024/CVE-2024-36588.md b/2024/CVE-2024-36588.md new file mode 100644 index 000000000..328f96f21 --- /dev/null +++ b/2024/CVE-2024-36588.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36588) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbitrary users via a crafted HTTP request. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/go-compile/security-advisories + diff --git a/2024/CVE-2024-36589.md b/2024/CVE-2024-36589.md new file mode 100644 index 000000000..d0ad505c7 --- /dev/null +++ b/2024/CVE-2024-36589.md @@ -0,0 +1,17 @@ +### [CVE-2024-36589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36589) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and DecentralizeJustice/anonBackend commit 57837 to cd815 was discovered to store credentials in plaintext. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/go-compile/security-advisories + diff --git a/2024/CVE-2024-36597.md b/2024/CVE-2024-36597.md new file mode 100644 index 000000000..b70cf6c83 --- /dev/null +++ b/2024/CVE-2024-36597.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36597) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the client_id parameter at clientStatus.php. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/wy876/POC + diff --git a/2024/CVE-2024-36598.md b/2024/CVE-2024-36598.md new file mode 100644 index 000000000..ac257b1f1 --- /dev/null +++ b/2024/CVE-2024-36598.md @@ -0,0 +1,17 @@ +### [CVE-2024-36598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36598) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file. + +### POC + +#### Reference +- https://github.com/kaliankhe/CVE-Aslam-mahi/blob/9ec0572c68bfd3708a7d6e089181024131f4e927/vendors/projectworlds.in/AEGON%20LIFE%20v1.0%20Life%20Insurance%20Management%20System/CVE-2024-36598 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-36678.md b/2024/CVE-2024-36678.md new file mode 100644 index 000000000..a10c5d4eb --- /dev/null +++ b/2024/CVE-2024-36678.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36678) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. + +### POC + +#### Reference +- https://security.friendsofpresta.org/modules/2024/06/18/pk_themesettings.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-36679.md b/2024/CVE-2024-36679.md new file mode 100644 index 000000000..693dac07e --- /dev/null +++ b/2024/CVE-2024-36679.md @@ -0,0 +1,17 @@ +### [CVE-2024-36679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36679) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the module "Module Live Chat Pro (All in One Messaging)" (livechatpro) <=8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method `Lcp::saveTranslations()` suffer of a white writer that can inject PHP code into a PHP file. + +### POC + +#### Reference +- https://security.friendsofpresta.org/modules/2024/06/18/livechatpro.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-36680.md b/2024/CVE-2024-36680.md new file mode 100644 index 000000000..718edb8e7 --- /dev/null +++ b/2024/CVE-2024-36680.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36680) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the module "Facebook" (pkfacebook) <=1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. + +### POC + +#### Reference +- https://security.friendsofpresta.org/modules/2024/06/18/pkfacebook.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-36821.md b/2024/CVE-2024-36821.md new file mode 100644 index 000000000..13c1ce324 --- /dev/null +++ b/2024/CVE-2024-36821.md @@ -0,0 +1,17 @@ +### [CVE-2024-36821](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36821) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. + +### POC + +#### Reference +- https://github.com/IvanGlinkin/CVE-2024-36821 + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-36837.md b/2024/CVE-2024-36837.md new file mode 100644 index 000000000..c86ec8e35 --- /dev/null +++ b/2024/CVE-2024-36837.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-36837](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36837) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-36840.md b/2024/CVE-2024-36840.md new file mode 100644 index 000000000..64c118d2a --- /dev/null +++ b/2024/CVE-2024-36840.md @@ -0,0 +1,19 @@ +### [CVE-2024-36840](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36840) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to execute arbitrary code and obtain sensitive information via the id parameter to news_details.php and location_details.php; and the section parameter to services.php. + +### POC + +#### Reference +- https://infosec-db.github.io/CyberDepot/vuln_boelter_blue/ +- https://packetstormsecurity.com/files/178978/Boelter-Blue-System-Management-1.3-SQL-Injection.html +- https://sploitus.com/exploit?id=PACKETSTORM:178978 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3690.md b/2024/CVE-2024-3690.md index 965bb578e..838dbd231 100644 --- a/2024/CVE-2024-3690.md +++ b/2024/CVE-2024-3690.md 
@@ -14,4 +14,5 @@ A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Af #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/psudo-bugboy/CVE-2024 diff --git a/2024/CVE-2024-3691.md b/2024/CVE-2024-3691.md index 251d4801a..f5819c1d9 100644 --- a/2024/CVE-2024-3691.md +++ b/2024/CVE-2024-3691.md @@ -15,4 +15,5 @@ A vulnerability, which was classified as critical, has been found in PHPGurukul #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/nikhil-aniill/Small-CRM-CVE diff --git a/2024/CVE-2024-36966.md b/2024/CVE-2024-36966.md index e1baddca9..28e3f1127 100644 --- a/2024/CVE-2024-36966.md +++ b/2024/CVE-2024-36966.md @@ -1,6 +1,6 @@ ### [CVE-2024-36966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36966) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=1da177e4c3f4%3C%20f9b877a7ee31%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=aca740cecbe5%3C%20f9b877a7ee31%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2024/CVE-2024-36971.md b/2024/CVE-2024-36971.md new file mode 100644 index 000000000..eb497f902 --- /dev/null +++ b/2024/CVE-2024-36971.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-36971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36971) +![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=a87cb3e48ee8%3C%20051c0bde9f04%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In the Linux kernel, the following vulnerability has been resolved:net: fix __dst_negative_advice() race__dst_negative_advice() does not enforce proper RCU rules whensk->dst_cache must be cleared, leading to possible UAF.RCU rules are that we must first clear sk->sk_dst_cache,then call dst_release(old_dst).Note that sk_dst_reset(sk) is implementing this protocol correctly,while __dst_negative_advice() uses the wrong order.Given that ip6_negative_advice() has special logicagainst RTF_CACHE, this means each of the three ->negative_advice()existing methods must perform the sk_dst_reset() themselves.Note the check against NULL dst is centralized in__dst_negative_advice(), there is no need to duplicateit in various callbacks.Many thanks to Clement Lecigne for tracking this issue.This old bug became visible after the blamed commit, using UDP sockets. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-3699.md b/2024/CVE-2024-3699.md new file mode 100644 index 000000000..47a8428d6 --- /dev/null +++ b/2024/CVE-2024-3699.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-3699](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3699) +![](https://img.shields.io/static/v1?label=Product&message=drEryk%20Gabinet&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=7.0.0.0%3C%3D%209.17.0.0.%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-798%20Use%20of%20Hard-coded%20Credentials&color=brighgreen) + +### Description + +Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all drEryk Gabinet installations.This issue affects drEryk Gabinet software versions from 7.0.0.0 through 9.17.0.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-3700.md b/2024/CVE-2024-3700.md new file mode 100644 index 000000000..92d84c7f9 --- /dev/null +++ b/2024/CVE-2024-3700.md @@ -0,0 +1,17 @@ +### [CVE-2024-3700](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3700) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Care&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-798%20Use%20of%20Hard-coded%20Credentials&color=brighgreen) + +### Description + +Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all Simple Care software installations.This issue affects Estomed Sp. z o.o. Simple Care software in all versions. The software is no longer supported. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-37051.md b/2024/CVE-2024-37051.md new file mode 100644 index 000000000..91829c27b --- /dev/null +++ b/2024/CVE-2024-37051.md 
@@ -0,0 +1,34 @@ +### [CVE-2024-37051](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37051) +![](https://img.shields.io/static/v1?label=Product&message=Aqua&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=CLion&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DataGrip&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DataSpell&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=GoLand&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=IntelliJ%20IDEA&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=MPS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=PhpStorm&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=PyCharm&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Rider&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=RubyMine&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=RustRover&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=WebStorm&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202024.1.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202024.1.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=2023.1%3C%202023.1.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=2023.1%3C%202023.1.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=2023.1%3C%202023.1.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=2023.1%3C%202023.2.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-522%3A%20Insufficiently%20Protected%20Credentials&color=brighgreen) + +### Description + +GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 
2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-37079.md b/2024/CVE-2024-37079.md new file mode 100644 index 000000000..3b3a8875f --- /dev/null +++ b/2024/CVE-2024-37079.md 
@@ -0,0 +1,20 @@ +### [CVE-2024-37079](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37079) +![](https://img.shields.io/static/v1?label=Product&message=VMware%20Cloud%20Foundation&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=VMware%20vCenter%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%205.x%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=8.0%3C%208.0%20U2d%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap-overflow%20vulnerability&color=brighgreen) + +### Description + +vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-37080.md b/2024/CVE-2024-37080.md new file mode 100644 index 000000000..c00a0f38e --- /dev/null +++ b/2024/CVE-2024-37080.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-37080](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37080) +![](https://img.shields.io/static/v1?label=Product&message=VMware%20Cloud%20Foundation&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=VMware%20vCenter%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%205.x%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=8.0%3C%208.0%20U2d%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap-overflow%20vulnerability&color=brighgreen) + +### Description + +vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-37301.md b/2024/CVE-2024-37301.md new file mode 100644 index 000000000..8cd6d94da --- /dev/null +++ b/2024/CVE-2024-37301.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37301](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37301) +![](https://img.shields.io/static/v1?label=Product&message=document-merge-service&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%206.5.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1336%3A%20Improper%20Neutralization%20of%20Special%20Elements%20Used%20in%20a%20Template%20Engine&color=brighgreen) + +### Description + +Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed. + +### POC + +#### Reference +- https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37305.md b/2024/CVE-2024-37305.md new file mode 100644 index 000000000..5d6996eba --- /dev/null +++ b/2024/CVE-2024-37305.md 
@@ -0,0 +1,21 @@ +### [CVE-2024-37305](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37305) +![](https://img.shields.io/static/v1?label=Product&message=oqs-provider&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.6.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-130%3A%20Improper%20Handling%20of%20Length%20Parameter%20Inconsistency&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-680%3A%20Integer%20Overflow%20to%20Buffer%20Overflow&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-805%3A%20Buffer%20Access%20with%20Incorrect%20Length%20Value&color=brighgreen) + +### Description + +oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/chnzzh/OpenSSL-CVE-lib + diff --git a/2024/CVE-2024-37308.md b/2024/CVE-2024-37308.md new file mode 100644 index 000000000..13c9e877a --- /dev/null 
+++ b/2024/CVE-2024-37308.md @@ -0,0 +1,17 @@ +### [CVE-2024-37308](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37308) +![](https://img.shields.io/static/v1?label=Product&message=Cooked&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.8.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Cooked Pro recipe plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the `_recipe_settings[post_title]` parameter in versions up to, and including, 1.7.15.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses a compromised page. A patch is available at commit 8cf88f334ccbf11134080bbb655c66f1cfe77026 and will be part of version 1.8.0. + +### POC + +#### Reference +- https://github.com/XjSv/Cooked/security/advisories/GHSA-9vfv-c966-jwrv + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37309.md b/2024/CVE-2024-37309.md new file mode 100644 index 000000000..ed3f6f0df --- /dev/null +++ b/2024/CVE-2024-37309.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37309](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37309) +![](https://img.shields.io/static/v1?label=Product&message=crate&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%205.7.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-770%3A%20Allocation%20of%20Resources%20Without%20Limits%20or%20Throttling&color=brighgreen) + +### Description + +CrateDB is a distributed SQL database. A high-risk vulnerability has been identified in versions prior to 5.7.2 where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly request renegotiation of security parameters during an ongoing TLS session. This flaw could lead to excessive consumption of CPU resources, resulting in potential server overload and service disruption. The vulnerability was confirmed using an openssl client where the command `R` initiates renegotiation, followed by the server confirming with `RENEGOTIATING`. This vulnerability allows an attacker to perform a denial of service attack by exhausting server CPU resources through repeated TLS renegotiations. This impacts the availability of services running on the affected server, posing a significant risk to operational stability and security. TLS 1.3 explicitly forbids renegotiation, since it closes a window of opportunity for an attack. Version 5.7.2 of CrateDB contains the fix for the issue. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/chnzzh/OpenSSL-CVE-lib + diff --git a/2024/CVE-2024-37393.md b/2024/CVE-2024-37393.md new file mode 100644 index 000000000..f3fcbd630 --- /dev/null +++ b/2024/CVE-2024-37393.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37393](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37393) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the /secserver HTTP endpoint. This may include ms-Mcs-AdmPwd, which has a cleartext password for the Local Administrator Password Solution (LAPS) feature. + +### POC + +#### Reference +- https://www.optistream.io/blogs/tech/securenvoy-cve-2024-37393 + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-3754.md b/2024/CVE-2024-3754.md new file mode 100644 index 000000000..f8d5e5242 --- /dev/null +++ b/2024/CVE-2024-3754.md @@ -0,0 +1,17 @@ +### [CVE-2024-3754](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3754) +![](https://img.shields.io/static/v1?label=Product&message=Alemha%20watermarker&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/8c6f3e3e-3047-4446-a190-750a60c29fa3/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-37568.md b/2024/CVE-2024-37568.md index 5457a2cb4..dbbb8064e 100644 --- a/2024/CVE-2024-37568.md +++ b/2024/CVE-2024-37568.md @@ -10,7 +10,7 @@ lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys ### POC #### Reference -No PoCs from references. +- https://github.com/lepture/authlib/issues/654 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-37619.md b/2024/CVE-2024-37619.md new file mode 100644 index 000000000..c4fd5279c --- /dev/null +++ b/2024/CVE-2024-37619.md @@ -0,0 +1,17 @@ +### [CVE-2024-37619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37619) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +StrongShop v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the spec_group_id parameter at /spec/index.blade.php. + +### POC + +#### Reference +- https://github.com/Hebing123/cve/issues/45 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37620.md b/2024/CVE-2024-37620.md new file mode 100644 index 000000000..3f8df4fee --- /dev/null +++ b/2024/CVE-2024-37620.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37620](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37620) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +PHPVOD v4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /view/admin/view.php. + +### POC + +#### Reference +- https://github.com/Hebing123/cve/issues/46 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37622.md b/2024/CVE-2024-37622.md new file mode 100644 index 000000000..bba05b21c --- /dev/null +++ b/2024/CVE-2024-37622.md @@ -0,0 +1,17 @@ +### [CVE-2024-37622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37622) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the num parameter at /flow/flow.php. + +### POC + +#### Reference +- https://github.com/rainrocka/xinhu/issues/4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37623.md b/2024/CVE-2024-37623.md new file mode 100644 index 000000000..5fad94d13 --- /dev/null +++ b/2024/CVE-2024-37623.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37623) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html component. + +### POC + +#### Reference +- https://github.com/rainrocka/xinhu/issues/5 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37624.md b/2024/CVE-2024-37624.md new file mode 100644 index 000000000..f6813752b --- /dev/null +++ b/2024/CVE-2024-37624.md @@ -0,0 +1,17 @@ +### [CVE-2024-37624](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37624) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php. component. + +### POC + +#### Reference +- https://github.com/rainrocka/xinhu/issues/6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37625.md b/2024/CVE-2024-37625.md new file mode 100644 index 000000000..7ea391302 --- /dev/null +++ b/2024/CVE-2024-37625.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37625) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /index.php. + +### POC + +#### Reference +- https://github.com/zhimengzhe/iBarn/issues/20 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37629.md b/2024/CVE-2024-37629.md new file mode 100644 index 000000000..a54131898 --- /dev/null +++ b/2024/CVE-2024-37629.md @@ -0,0 +1,17 @@ +### [CVE-2024-37629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37629) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SummerNote 0.8.18 is vulnerable to Cross Site Scripting (XSS) via the Code View Function. + +### POC + +#### Reference +- https://github.com/summernote/summernote/issues/4642 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37632.md b/2024/CVE-2024-37632.md new file mode 100644 index 000000000..985cb8415 --- /dev/null +++ b/2024/CVE-2024-37632.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37632) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/loginAuth/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37633.md b/2024/CVE-2024-37633.md new file mode 100644 index 000000000..51356dc7c --- /dev/null +++ b/2024/CVE-2024-37633.md @@ -0,0 +1,17 @@ +### [CVE-2024-37633](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37633) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWiFiGuestCfg/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37634.md b/2024/CVE-2024-37634.md new file mode 100644 index 000000000..8824ff6d3 --- /dev/null +++ b/2024/CVE-2024-37634.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37634](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37634) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg. + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWiFiEasyCfg/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37637.md b/2024/CVE-2024-37637.md new file mode 100644 index 000000000..6c0f8c682 --- /dev/null +++ b/2024/CVE-2024-37637.md @@ -0,0 +1,17 @@ +### [CVE-2024-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37637) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg. + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWizardCfg/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37642.md b/2024/CVE-2024-37642.md new file mode 100644 index 000000000..884453c13 --- /dev/null +++ b/2024/CVE-2024-37642.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37642) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck . + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TRENDnet/TEW-814DAP/formSystemCheck/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37643.md b/2024/CVE-2024-37643.md new file mode 100644 index 000000000..90862d117 --- /dev/null +++ b/2024/CVE-2024-37643.md @@ -0,0 +1,17 @@ +### [CVE-2024-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37643) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth . + +### POC + +#### Reference +- https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TRENDnet/TEW-814DAP/formPasswordAuth/README.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37661.md b/2024/CVE-2024-37661.md new file mode 100644 index 000000000..72358a252 --- /dev/null +++ b/2024/CVE-2024-37661.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37661) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages. + +### POC + +#### Reference +- https://github.com/ouuan/router-vuln-report/blob/master/icmp-redirect/tl-7dr5130-redirect.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37662.md b/2024/CVE-2024-37662.md new file mode 100644 index 000000000..8b9d3deb0 --- /dev/null +++ b/2024/CVE-2024-37662.md @@ -0,0 +1,17 @@ +### [CVE-2024-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37662) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router. + +### POC + +#### Reference +- https://github.com/ouuan/router-vuln-report/blob/master/nat-rst/tl-7dr5130-nat-rst.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37671.md b/2024/CVE-2024-37671.md new file mode 100644 index 000000000..b79ebf2d7 --- /dev/null +++ b/2024/CVE-2024-37671.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37671) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the page parameter. + +### POC + +#### Reference +- https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37672.md b/2024/CVE-2024-37672.md new file mode 100644 index 000000000..af3ba811d --- /dev/null +++ b/2024/CVE-2024-37672.md @@ -0,0 +1,17 @@ +### [CVE-2024-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37672) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter. + +### POC + +#### Reference +- https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37672.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37673.md b/2024/CVE-2024-37673.md new file mode 100644 index 000000000..4106103b9 --- /dev/null +++ b/2024/CVE-2024-37673.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37673) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter. + +### POC + +#### Reference +- https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37674.md b/2024/CVE-2024-37674.md new file mode 100644 index 000000000..a02799505 --- /dev/null +++ b/2024/CVE-2024-37674.md @@ -0,0 +1,17 @@ +### [CVE-2024-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37674) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity. + +### POC + +#### Reference +- https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37675.md b/2024/CVE-2024-37675.md new file mode 100644 index 000000000..99000e1a4 --- /dev/null +++ b/2024/CVE-2024-37675.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37675) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file. + +### POC + +#### Reference +- https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3768.md b/2024/CVE-2024-3768.md index 1d722afc8..72c0f8339 100644 --- a/2024/CVE-2024-3768.md +++ b/2024/CVE-2024-3768.md @@ -11,6 +11,7 @@ A vulnerability, which was classified as critical, has been found in PHPGurukul #### Reference - https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md +- https://vuldb.com/?id.260615 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-37791.md b/2024/CVE-2024-37791.md new file mode 100644 index 000000000..646b51c7c --- /dev/null +++ b/2024/CVE-2024-37791.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37791](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37791) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?class_id. + +### POC + +#### Reference +- https://github.com/duxphp/DuxCMS3/issues/5 + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-37799.md b/2024/CVE-2024-37799.md new file mode 100644 index 000000000..9d974a2fd --- /dev/null +++ b/2024/CVE-2024-37799.md @@ -0,0 +1,17 @@ +### [CVE-2024-37799](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37799) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +CodeProjects Restaurant Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the reserv_id parameter at view_reservations.php. + +### POC + +#### Reference +- https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37799 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37803.md b/2024/CVE-2024-37803.md new file mode 100644 index 000000000..f05add75e --- /dev/null +++ b/2024/CVE-2024-37803.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37803](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37803) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProjects Health Care hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname and lname parameters under the Staff Info page. + +### POC + +#### Reference +- https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37803 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37840.md b/2024/CVE-2024-37840.md new file mode 100644 index 000000000..3488e5f43 --- /dev/null +++ b/2024/CVE-2024-37840.md @@ -0,0 +1,17 @@ +### [CVE-2024-37840](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37840) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System Project In PHP With Source Code v1.0 allows remote attackers to execute arbitrary SQL commands via the LessonID parameter. + +### POC + +#### Reference +- https://github.com/ganzhi-qcy/cve/issues/4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37848.md b/2024/CVE-2024-37848.md new file mode 100644 index 000000000..59c6a448f --- /dev/null +++ b/2024/CVE-2024-37848.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37848) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. + +### POC + +#### Reference +- https://github.com/Lanxiy7th/lx_CVE_report-/issues/13 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37849.md b/2024/CVE-2024-37849.md new file mode 100644 index 000000000..2e93bee59 --- /dev/null +++ b/2024/CVE-2024-37849.md @@ -0,0 +1,17 @@ +### [CVE-2024-37849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37849) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter. + +### POC + +#### Reference +- https://github.com/ganzhi-qcy/cve/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37877.md b/2024/CVE-2024-37877.md new file mode 100644 index 000000000..77a798c49 --- /dev/null +++ b/2024/CVE-2024-37877.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37877](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37877) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octet_view.cpp and in function DecodeRlsMessage in src/lib/rls/rls_pdu.cpp + +### POC + +#### Reference +- https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2024-37877 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37885.md b/2024/CVE-2024-37885.md new file mode 100644 index 000000000..fa7d1ba30 --- /dev/null +++ b/2024/CVE-2024-37885.md @@ -0,0 +1,17 @@ +### [CVE-2024-37885](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37885) +![](https://img.shields.io/static/v1?label=Product&message=security-advisories&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%203.12.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%3A%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) + +### Description + +The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/LOURC0D3/LOURC0D3 + diff --git a/2024/CVE-2024-37888.md b/2024/CVE-2024-37888.md new file mode 100644 index 000000000..8226a78f5 --- /dev/null +++ b/2024/CVE-2024-37888.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37888](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37888) +![](https://img.shields.io/static/v1?label=Product&message=ckeditor-plugin-openlink&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.0.5%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Open Link is a CKEditor plugin, extending context menu with a possibility to open link in a new tab. The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < **1.0.5**. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-37889.md b/2024/CVE-2024-37889.md new file mode 100644 index 000000000..6aaca38af --- /dev/null +++ b/2024/CVE-2024-37889.md @@ -0,0 +1,17 @@ +### [CVE-2024-37889](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37889) +![](https://img.shields.io/static/v1?label=Product&message=MyFinances&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.4.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%3A%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen) + +### Description + +MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6. + +### POC + +#### Reference +- https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2 + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + 
diff --git a/2024/CVE-2024-37890.md b/2024/CVE-2024-37890.md new file mode 100644 index 000000000..0087c3f96 --- /dev/null +++ b/2024/CVE-2024-37890.md @@ -0,0 +1,17 @@ +### [CVE-2024-37890](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37890) +![](https://img.shields.io/static/v1?label=Product&message=ws&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%202.1.0%2C%20%3C%205.2.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen) + +### Description + +ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in ws@8.17.1 (e55e510) and backported to ws@7.5.10 (22c2876), ws@6.2.3 (eeb76d3), and ws@5.2.4 (4abd8f6). In vulnerable versions of ws, the issue can be mitigated in the following ways: 1. Reduce the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. 2. Set server.maxHeadersCount to 0 so that no limit is applied. + +### POC + +#### Reference +- https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37891.md b/2024/CVE-2024-37891.md new file mode 100644 index 000000000..c0113f608 --- /dev/null +++ b/2024/CVE-2024-37891.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37891](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37891) +![](https://img.shields.io/static/v1?label=Product&message=urllib3&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.26.19%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-669%3A%20Incorrect%20Resource%20Transfer%20Between%20Spheres&color=brighgreen) + +### Description + + urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. 
Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/PBorocz/raindrop-io-py + diff --git a/2024/CVE-2024-37896.md b/2024/CVE-2024-37896.md new file mode 100644 index 000000000..ca642ed37 --- /dev/null +++ b/2024/CVE-2024-37896.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37896](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37896) +![](https://img.shields.io/static/v1?label=Product&message=gin-vue-admin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.6.6%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin <= v2.6.5 has SQL injection vulnerability. The SQL injection vulnerabilities occur when a web application allows users to input data into SQL queries without sufficiently validating or sanitizing the input. Failing to properly enforce restrictions on user input could mean that even a basic form input field can be used to inject arbitrary and potentially dangerous SQL commands. This could lead to unauthorized access to the database, data leakage, data manipulation, or even complete compromise of the database server. This vulnerability has been addressed in commit `53d033821` which has been included in release version 2.6.6. Users are advised to upgrade. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-gf3r-h744-mqgp + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-37904.md b/2024/CVE-2024-37904.md new file mode 100644 index 000000000..8a81ab0e0 --- /dev/null +++ b/2024/CVE-2024-37904.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-37904](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37904) +![](https://img.shields.io/static/v1?label=Product&message=minder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.0.52%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) + +### Description + +Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the `github.com/go-git/go-git/v5` library on lines `L55-L89`. The Git provider does the following on the lines `L56-L62`. First, it sets the `CloneOptions`, specifying the url, the depth etc. It then validates the options. It then sets up an in-memory filesystem, to which it clones and Finally, it clones the repository. The `(g *Git) Clone()` method is vulnerable to a DoS attack: A Minder user can instruct Minder to clone a large repository which will exhaust memory and crash the Minder server. The root cause of this vulnerability is a combination of the following conditions: 1. Users can control the Git URL which Minder clones, 2. Minder does not enforce a size limit to the repository, 3. Minder clones the entire repository into memory. This issue has been addressed in commit `7979b43` which has been included in release version v0.0.52. Users are advised to upgrade. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/stacklok/minder/security/advisories/GHSA-hpcg-xjq5-g666 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38276.md b/2024/CVE-2024-38276.md new file mode 100644 index 000000000..cffb3c065 --- /dev/null +++ b/2024/CVE-2024-38276.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-38276](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38276) +![](https://img.shields.io/static/v1?label=Product&message=Moodle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352&color=brighgreen) + +### Description + +Incorrect CSRF token checks resulted in multiple CSRF risks. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/cli-ish/cli-ish + diff --git a/2024/CVE-2024-38347.md b/2024/CVE-2024-38347.md new file mode 100644 index 000000000..d9bfeb5df --- /dev/null +++ b/2024/CVE-2024-38347.md @@ -0,0 +1,17 @@ +### [CVE-2024-38347](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38347) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter. + +### POC + +#### Reference +- https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38347 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38348.md b/2024/CVE-2024-38348.md new file mode 100644 index 000000000..ea6018f7f --- /dev/null +++ b/2024/CVE-2024-38348.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-38348](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38348) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter. + +### POC + +#### Reference +- https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38348 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38355.md b/2024/CVE-2024-38355.md new file mode 100644 index 000000000..ce79d0aad --- /dev/null +++ b/2024/CVE-2024-38355.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-38355](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38355) +![](https://img.shields.io/static/v1?label=Product&message=socket.io&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.5.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-754%3A%20Improper%20Check%20for%20Unusual%20or%20Exceptional%20Conditions&color=brighgreen) + +### Description + +Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `socket.io@4.6.2` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Y0ursTruly/Y0ursTruly + diff --git a/2024/CVE-2024-38358.md b/2024/CVE-2024-38358.md new file mode 100644 index 000000000..234e436d1 --- /dev/null +++ b/2024/CVE-2024-38358.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-38358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38358) +![](https://img.shields.io/static/v1?label=Product&message=wasmer&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%204.3.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI and Emscripten. If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both `oflags::creat` and `rights::fd_write`. Programs can also crash the runtime by creating a symlink pointing outside with `path_symlink` and `path_open`ing the link. This issue has been addressed in commit `b9483d022` which has been included in release version 4.3.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. + +### POC + +#### Reference +- https://github.com/wasmerio/wasmer/security/advisories/GHSA-55f3-3qvg-8pv5 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38394.md b/2024/CVE-2024-38394.md new file mode 100644 index 000000000..328bfeb9f --- /dev/null +++ b/2024/CVE-2024-38394.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-38394](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38394) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and filesystem implementations. NOTE: the GSD supplier indicates that consideration of a mitigation for this within GSD would be in the context of "a new feature, not a CVE." + +### POC + +#### Reference +- https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/780 +- https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/780#note_2047914 +- https://pulsesecurity.co.nz/advisories/usbguard-bypass + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38395.md b/2024/CVE-2024-38395.md new file mode 100644 index 000000000..b256ea901 --- /dev/null +++ b/2024/CVE-2024-38395.md @@ -0,0 +1,17 @@ +### [CVE-2024-38395](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38395) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable." + +### POC + +#### Reference +- http://www.openwall.com/lists/oss-security/2024/06/17/1 + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + 
diff --git a/2024/CVE-2024-38396.md b/2024/CVE-2024-38396.md new file mode 100644 index 000000000..9d7b85946 --- /dev/null +++ b/2024/CVE-2024-38396.md @@ -0,0 +1,18 @@ +### [CVE-2024-38396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38396) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395. + +### POC + +#### Reference +- http://www.openwall.com/lists/oss-security/2024/06/17/1 +- https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-3840.md b/2024/CVE-2024-3840.md index f2cb9781f..49a680dd3 100644 --- a/2024/CVE-2024-3840.md +++ b/2024/CVE-2024-3840.md @@ -10,7 +10,7 @@ Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124. ### POC #### Reference -No PoCs from references. +- https://issues.chromium.org/issues/41493458 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-38427.md b/2024/CVE-2024-38427.md new file mode 100644 index 000000000..60dd2b432 --- /dev/null +++ b/2024/CVE-2024-38427.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-38427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38427) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In International Color Consortium DemoIccMAX before 85ce74e, a logic flaw in CIccTagXmlProfileSequenceId::ParseXml in IccXML/IccLibXML/IccTagXml.cpp results in unconditionally returning false. + +### POC + +#### Reference +- https://github.com/InternationalColorConsortium/DemoIccMAX/pull/66 +- https://github.com/InternationalColorConsortium/DemoIccMAX/pull/66/commits/85ce74ef19fb0751c7e188b06daed22fe74c332c + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38449.md b/2024/CVE-2024-38449.md new file mode 100644 index 000000000..7c760801e --- /dev/null +++ b/2024/CVE-2024-38449.md @@ -0,0 +1,17 @@ +### [CVE-2024-38449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38449) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions allows remote authenticated attackers to browse parent directories and read the content of files outside the scope of the application. + +### POC + +#### Reference +- https://kasmweb.atlassian.net/servicedesk/customer/portal/3/topic/30ffee7f-4b85-4783-b118-6ae4fd8b0c52 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38460.md b/2024/CVE-2024-38460.md new file mode 100644 index 000000000..f895efc94 --- /dev/null +++ b/2024/CVE-2024-38460.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-38460](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38460) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc). + +### POC + +#### Reference +- https://sonarsource.atlassian.net/browse/SONAR-21559 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38469.md b/2024/CVE-2024-38469.md new file mode 100644 index 000000000..e28a4a4dc --- /dev/null +++ b/2024/CVE-2024-38469.md @@ -0,0 +1,17 @@ +### [CVE-2024-38469](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38469) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /pay.php. + +### POC + +#### Reference +- https://github.com/zhimengzhe/iBarn/issues/20 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-38470.md b/2024/CVE-2024-38470.md new file mode 100644 index 000000000..409a35788 --- /dev/null +++ b/2024/CVE-2024-38470.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-38470](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38470) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /own.php. + +### POC + +#### Reference +- https://github.com/zhimengzhe/iBarn/issues/20 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3882.md b/2024/CVE-2024-3882.md index bc5db5c91..8c8a74660 100644 --- a/2024/CVE-2024-3882.md +++ b/2024/CVE-2024-3882.md @@ -11,6 +11,7 @@ A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been classified as #### Reference - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromRouteStatic.md +- https://vuldb.com/?id.260916 #### Github No PoCs found on GitHub currently. diff --git a/2024/CVE-2024-3922.md b/2024/CVE-2024-3922.md new file mode 100644 index 000000000..c07dfc1e0 --- /dev/null +++ b/2024/CVE-2024-3922.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-3922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3922) +![](https://img.shields.io/static/v1?label=Product&message=Dokan%20Pro&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.10.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-3965.md b/2024/CVE-2024-3965.md new file mode 100644 index 000000000..8a86491aa --- /dev/null +++ b/2024/CVE-2024-3965.md @@ -0,0 +1,17 @@ +### [CVE-2024-3965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3965) +![](https://img.shields.io/static/v1?label=Product&message=Pray%20For%20Me&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Pray For Me WordPress plugin through 1.0.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/0e1ba2b3-5849-42f6-b503-8b3b520e4a79/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-3966.md b/2024/CVE-2024-3966.md new file mode 100644 index 000000000..523f32c50 --- /dev/null +++ b/2024/CVE-2024-3966.md @@ -0,0 +1,17 @@ +### [CVE-2024-3966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3966) +![](https://img.shields.io/static/v1?label=Product&message=Pray%20For%20Me&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin + +### POC + +#### Reference +- https://wpscan.com/vulnerability/9f0a575f-862d-4f2e-8d25-82c6f58dd11a/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3971.md b/2024/CVE-2024-3971.md new file mode 100644 index 000000000..96322cd4f --- /dev/null +++ b/2024/CVE-2024-3971.md @@ -0,0 +1,18 @@ +### [CVE-2024-3971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3971) +![](https://img.shields.io/static/v1?label=Product&message=Similarity&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/5dec5719-105d-4989-a97f-bda04d223322/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-3972.md b/2024/CVE-2024-3972.md new file mode 100644 index 000000000..e5e349249 --- /dev/null +++ b/2024/CVE-2024-3972.md @@ -0,0 +1,18 @@ +### [CVE-2024-3972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3972) +![](https://img.shields.io/static/v1?label=Product&message=Similarity&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/55dfb9b5-d590-478b-bd1f-d420b79037fa/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3977.md b/2024/CVE-2024-3977.md new file mode 100644 index 000000000..bed80a804 --- /dev/null +++ b/2024/CVE-2024-3977.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-3977](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3977) +![](https://img.shields.io/static/v1?label=Product&message=WordPress%20Jitsi%20Shortcode&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/25851386-eccf-49cb-afbf-c25286c9b19e/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3978.md b/2024/CVE-2024-3978.md new file mode 100644 index 000000000..87a2bbca6 --- /dev/null +++ b/2024/CVE-2024-3978.md @@ -0,0 +1,17 @@ +### [CVE-2024-3978](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3978) +![](https://img.shields.io/static/v1?label=Product&message=WordPress%20Jitsi%20Shortcode&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/a9f47d11-47ac-4998-a82a-dc2f3b0decdf/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-3992.md b/2024/CVE-2024-3992.md new file mode 100644 index 000000000..551277c8e --- /dev/null +++ b/2024/CVE-2024-3992.md @@ -0,0 +1,17 @@ +### [CVE-2024-3992](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3992) +![](https://img.shields.io/static/v1?label=Product&message=Amen&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Amen WordPress plugin through 3.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/e9fe3101-8033-4eee-8b37-06856872e9ef/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-3993.md b/2024/CVE-2024-3993.md new file mode 100644 index 000000000..4cfead994 --- /dev/null +++ b/2024/CVE-2024-3993.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-3993](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3993) +![](https://img.shields.io/static/v1?label=Product&message=AZAN%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The AZAN Plugin WordPress plugin through 0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/19cd60dd-8599-4af3-99db-c42de504606c/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4005.md b/2024/CVE-2024-4005.md new file mode 100644 index 000000000..e16c93814 --- /dev/null +++ b/2024/CVE-2024-4005.md @@ -0,0 +1,17 @@ +### [CVE-2024-4005](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4005) +![](https://img.shields.io/static/v1?label=Product&message=Social%20Pixel&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Social Pixel WordPress plugin through 2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/02ca09f8-4080-4969-992d-0e6afb29bc62/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-4040.md b/2024/CVE-2024-4040.md index da624de53..28e550381 100644 --- a/2024/CVE-2024-4040.md +++ b/2024/CVE-2024-4040.md @@ -24,6 +24,7 @@ A server side template injection vulnerability in CrushFTP in all versions befor - https://github.com/Y4tacker/JavaSec - https://github.com/absholi7ly/absholi7ly - https://github.com/airbus-cert/CVE-2024-4040 +- https://github.com/enomothem/PenTestNote - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/getdrive/PoC - https://github.com/gotr00t0day/CVE-2024-4040 diff --git a/2024/CVE-2024-4068.md b/2024/CVE-2024-4068.md index 20c4c39c6..86f3d52f1 100644 --- a/2024/CVE-2024-4068.md +++ b/2024/CVE-2024-4068.md @@ -14,5 +14,5 @@ The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of - https://github.com/micromatch/braces/pull/37 #### Github -No PoCs found on GitHub currently. +- https://github.com/seal-community/patches diff --git a/2024/CVE-2024-4094.md b/2024/CVE-2024-4094.md new file mode 100644 index 000000000..79e5e3838 --- /dev/null +++ b/2024/CVE-2024-4094.md @@ -0,0 +1,17 @@ +### [CVE-2024-4094](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4094) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Share%20Buttons%20Adder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%208.5.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed + +### POC + +#### Reference +- https://wpscan.com/vulnerability/04b2feba-e009-4fce-8539-5dfdb4300433/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-4145.md b/2024/CVE-2024-4145.md new file mode 100644 index 000000000..496b16a68 --- /dev/null +++ b/2024/CVE-2024-4145.md @@ -0,0 +1,17 @@ +### [CVE-2024-4145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4145) +![](https://img.shields.io/static/v1?label=Product&message=Search%20%26%20Replace&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.2.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site network). + +### POC + +#### Reference +- https://wpscan.com/vulnerability/7d5b8764-c82d-4969-a707-f38b63bcadca/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4149.md b/2024/CVE-2024-4149.md new file mode 100644 index 000000000..a947fa79a --- /dev/null +++ b/2024/CVE-2024-4149.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4149](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4149) +![](https://img.shields.io/static/v1?label=Product&message=Floating%20Chat%20Widget%3A%20Contact%20Chat%20Icons%2C%20WhatsApp%2C%20Telegram%20Chat%2C%20Line%20Messenger%2C%20WeChat%2C%20Email%2C%20SMS%2C%20Call%20Button%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.2.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). + +### POC + +#### Reference +- https://wpscan.com/vulnerability/0256ec2a-f1a9-4110-9978-ee88f9e24237/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4231.md b/2024/CVE-2024-4231.md new file mode 100644 index 000000000..241ba219d --- /dev/null +++ b/2024/CVE-2024-4231.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4231) +![](https://img.shields.io/static/v1?label=Product&message=Digisol%20Router%20DG-GR1321&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v3.2.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1191%3A%20On-Chip%20Debug%20and%20Test%20Interface%20With%20Improper%20Access%20Control&color=brighgreen) + +### Description + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.Successful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-4232.md b/2024/CVE-2024-4232.md new file mode 100644 index 000000000..3f850a092 --- /dev/null +++ b/2024/CVE-2024-4232.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4232) +![](https://img.shields.io/static/v1?label=Product&message=Digisol%20Router%20DG-GR1321&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20v3.2.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-256%3A%20Plaintext%20Storage%20of%20a%20Password&color=brighgreen) + +### Description + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to lack of encryption or hashing in storing of passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext passwords on the vulnerable system.Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-4270.md b/2024/CVE-2024-4270.md new file mode 100644 index 000000000..a05bb686b --- /dev/null +++ b/2024/CVE-2024-4270.md @@ -0,0 +1,17 @@ +### [CVE-2024-4270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4270) +![](https://img.shields.io/static/v1?label=Product&message=SVGMagic&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/7a3b89cc-7a81-448a-94fc-36a7033609d5/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-4271.md b/2024/CVE-2024-4271.md new file mode 100644 index 000000000..a4aaead59 --- /dev/null +++ b/2024/CVE-2024-4271.md @@ -0,0 +1,17 @@ +### [CVE-2024-4271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4271) +![](https://img.shields.io/static/v1?label=Product&message=SVGator%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/c1fe0bc7-a340-428e-a549-1e37291bea1c/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4305.md b/2024/CVE-2024-4305.md new file mode 100644 index 000000000..babcdb1e1 --- /dev/null +++ b/2024/CVE-2024-4305.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4305](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4305) +![](https://img.shields.io/static/v1?label=Product&message=Post%20Grid%20Gutenberg%20Blocks%20and%20WordPress%20Blog%20Plugin%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%204.1.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4358.md b/2024/CVE-2024-4358.md index 6efcb4826..07d5af395 100644 --- a/2024/CVE-2024-4358.md +++ b/2024/CVE-2024-4358.md @@ -15,6 +15,7 @@ No PoCs from references. #### Github - https://github.com/GhostTroops/TOP - https://github.com/Harydhk7/CVE-2024-4358 +- https://github.com/Ostorlab/KEV - https://github.com/RevoltSecurities/CVE-2024-4358 - https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-4369.md b/2024/CVE-2024-4369.md index e40ffd015..6975e52d8 100644 --- a/2024/CVE-2024-4369.md +++ b/2024/CVE-2024-4369.md 
@@ -1,5 +1,6 @@ ### [CVE-2024-4369](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4369) -![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.14&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.15&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Cleartext%20Storage%20of%20Sensitive%20Information%20in%20an%20Environment%20Variable&color=brighgreen) diff --git a/2024/CVE-2024-4377.md b/2024/CVE-2024-4377.md new file mode 100644 index 000000000..27bc435fb --- /dev/null +++ b/2024/CVE-2024-4377.md @@ -0,0 +1,17 @@ +### [CVE-2024-4377](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4377) +![](https://img.shields.io/static/v1?label=Product&message=DOP%20Shortcodes&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/778cebec-bdbb-4538-9518-c5bd50f76961/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4381.md b/2024/CVE-2024-4381.md new file mode 100644 index 000000000..87714db34 --- /dev/null +++ b/2024/CVE-2024-4381.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4381](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4381) +![](https://img.shields.io/static/v1?label=Product&message=CB%20(legacy)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The CB (legacy) WordPress plugin through 0.9.4.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/9b3cda9a-17a7-4173-93a2-d552a874fae9/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4382.md b/2024/CVE-2024-4382.md new file mode 100644 index 000000000..ed3edc7c4 --- /dev/null +++ b/2024/CVE-2024-4382.md @@ -0,0 +1,17 @@ +### [CVE-2024-4382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4382) +![](https://img.shields.io/static/v1?label=Product&message=CB%20(legacy)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting codes, timeframes, and bookings via CSRF attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/1a67aeab-8145-4c8a-9c18-e6436fa39b63/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4384.md b/2024/CVE-2024-4384.md new file mode 100644 index 000000000..19bb12fae --- /dev/null +++ b/2024/CVE-2024-4384.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4384](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4384) +![](https://img.shields.io/static/v1?label=Product&message=CSSable%20Countdown&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The CSSable Countdown WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/ad714196-2590-4dc9-b5b9-50808e9e0d26/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4474.md b/2024/CVE-2024-4474.md new file mode 100644 index 000000000..638b1539e --- /dev/null +++ b/2024/CVE-2024-4474.md @@ -0,0 +1,17 @@ +### [CVE-2024-4474](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4474) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Logs%20Book&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/71954c60-6a5b-4cac-9920-6d9b787ead9c/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4475.md b/2024/CVE-2024-4475.md new file mode 100644 index 000000000..cf8d8111a --- /dev/null +++ b/2024/CVE-2024-4475.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4475) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Logs%20Book&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs, which could allow attackers to make a logged in admin clear the logs them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/f0c7fa00-da6e-4f07-875f-7b85759a54b3/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4477.md b/2024/CVE-2024-4477.md new file mode 100644 index 000000000..644487245 --- /dev/null +++ b/2024/CVE-2024-4477.md @@ -0,0 +1,17 @@ +### [CVE-2024-4477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4477) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Logs%20Book&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting + +### POC + +#### Reference +- https://wpscan.com/vulnerability/ab551552-944c-4e2a-9355-7011cbe553b0/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4480.md b/2024/CVE-2024-4480.md new file mode 100644 index 000000000..ce3761950 --- /dev/null +++ b/2024/CVE-2024-4480.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4480](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4480) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Prayer%20II&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/c1e5dee9-c540-4cc1-8b94-c6d1650b52d3/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4484.md b/2024/CVE-2024-4484.md new file mode 100644 index 000000000..fef819e8f --- /dev/null +++ b/2024/CVE-2024-4484.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4484) +![](https://img.shields.io/static/v1?label=Product&message=The%20Plus%20Addons%20for%20Elementor%20%E2%80%93%20Elementor%20Addons%2C%20Page%20Templates%2C%20Widgets%2C%20Mega%20Menu%2C%20WooCommerce&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%205.5.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘xai_username’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-4565.md b/2024/CVE-2024-4565.md new file mode 100644 index 000000000..2ae39ed6d --- /dev/null +++ b/2024/CVE-2024-4565.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-4565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4565) +![](https://img.shields.io/static/v1?label=Product&message=Advanced%20Custom%20Fields%20(ACF)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Advanced%20Custom%20Fields%20Pro&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%206.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen) + +### Description + +The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field values for any post via shortcode without checking for the correct access + +### POC + +#### Reference +- https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4577.md b/2024/CVE-2024-4577.md index a22482274..8a5e2075e 100644 --- a/2024/CVE-2024-4577.md +++ b/2024/CVE-2024-4577.md @@ -11,6 +11,7 @@ In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, w #### Reference - https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ +- https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately - https://github.com/11whoami99/CVE-2024-4577 - https://github.com/watchtowrlabs/CVE-2024-4577 - https://github.com/xcanwin/CVE-2024-4577-PHP-RCE 
@@ -18,19 +19,27 @@ In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, w #### Github - https://github.com/0x20c/CVE-2024-4577-nuclei +- https://github.com/0xMarcio/cve - https://github.com/0xsyr0/OSCP +- https://github.com/11whoami99/CVE-2024-4577 - https://github.com/Chocapikk/CVE-2024-4577 - https://github.com/GhostTroops/TOP - https://github.com/Junp0/CVE-2024-4577 - https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT - https://github.com/K3ysTr0K3R/K3ysTr0K3R +- https://github.com/Ostorlab/KEV - https://github.com/Sysc4ll3r/CVE-2024-4577 - https://github.com/TAM-K592/CVE-2024-4577 +- https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/CVE - https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP - https://github.com/Wh02m1/CVE-2024-4577 +- https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE - https://github.com/Yukiioz/CVE-2024-4577 - https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE +- https://github.com/bl4cksku11/CVE-2024-4577 - https://github.com/dbyMelina/CVE-2024-4577 +- https://github.com/enomothem/PenTestNote - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template - https://github.com/it-t4mpan/check_cve_2024_4577.sh @@ -41,7 +50,9 @@ In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, w - https://github.com/taida957789/CVE-2024-4577 - https://github.com/tanjiti/sec_profile - https://github.com/vwilzz/PHP-RCE-4577 +- https://github.com/watchtowrlabs/CVE-2024-4577 - https://github.com/wy876/POC - https://github.com/wy876/wiki +- https://github.com/xcanwin/CVE-2024-4577-PHP-RCE - https://github.com/zomasec/CVE-2024-4577 diff --git a/2024/CVE-2024-4603.md b/2024/CVE-2024-4603.md index 19c14d27d..309629ce5 100644 --- a/2024/CVE-2024-4603.md +++ b/2024/CVE-2024-4603.md 
@@ -13,6 +13,7 @@ Issue summary: Checking excessively long DSA keys or parameters may be veryslow. No PoCs from references. #### Github +- https://github.com/bcgov/jag-cdds - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-4616.md b/2024/CVE-2024-4616.md new file mode 100644 index 000000000..57c652aa8 --- /dev/null +++ b/2024/CVE-2024-4616.md @@ -0,0 +1,17 @@ +### [CVE-2024-4616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4616) +![](https://img.shields.io/static/v1?label=Product&message=Widget%20Bundle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users + +### POC + +#### Reference +- https://wpscan.com/vulnerability/d203bf3b-aee9-4755-b429-d6bbdd940890/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4744.md b/2024/CVE-2024-4744.md new file mode 100644 index 000000000..426a685f6 --- /dev/null +++ b/2024/CVE-2024-4744.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4744](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4744) +![](https://img.shields.io/static/v1?label=Product&message=iPages%20Flipbook&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Avirtum iPages Flipbook.This issue affects iPages Flipbook: from n/a through 1.5.1. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4745.md b/2024/CVE-2024-4745.md new file mode 100644 index 000000000..aa532fa9b --- /dev/null +++ b/2024/CVE-2024-4745.md @@ -0,0 +1,17 @@ +### [CVE-2024-4745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4745) +![](https://img.shields.io/static/v1?label=Product&message=Giveaways%20and%20Contests%20by%20RafflePress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in RafflePress Giveaways and Contests by RafflePress.This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.4. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4746.md b/2024/CVE-2024-4746.md new file mode 100644 index 000000000..4d9c455c9 --- /dev/null +++ b/2024/CVE-2024-4746.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4746](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4746) +![](https://img.shields.io/static/v1?label=Product&message=Netgsm&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.9.16%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +Missing Authorization vulnerability in Netgsm.This issue affects Netgsm: from n/a through 2.9.16. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-4751.md b/2024/CVE-2024-4751.md new file mode 100644 index 000000000..1fcaf87ad --- /dev/null +++ b/2024/CVE-2024-4751.md @@ -0,0 +1,17 @@ +### [CVE-2024-4751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4751) +![](https://img.shields.io/static/v1?label=Product&message=WP%20Prayer%20II&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/94f4cc45-4c55-43d4-8ad2-a20c118b589f/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4755.md b/2024/CVE-2024-4755.md new file mode 100644 index 000000000..b30b99f14 --- /dev/null +++ b/2024/CVE-2024-4755.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4755](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4755) +![](https://img.shields.io/static/v1?label=Product&message=Google%20CSE&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Google CSE WordPress plugin through 1.0.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4859.md b/2024/CVE-2024-4859.md index 38874d0a7..1647d9606 100644 --- a/2024/CVE-2024-4859.md +++ b/2024/CVE-2024-4859.md @@ -13,5 +13,6 @@ Solidus <= 4.3.4 is affected by a Stored Cross-Site Scripting vulnerability in No PoCs from references. #### Github +- https://github.com/JoshuaMart/JoshuaMart - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-4860.md b/2024/CVE-2024-4860.md index 1dabcbe1d..700cf2c67 100644 --- a/2024/CVE-2024-4860.md +++ b/2024/CVE-2024-4860.md @@ -13,5 +13,6 @@ The 'WordPress RSS Aggregator' WordPress Plugin, versions < 4.23.9 are affected - https://www.tenable.com/security/research/tra-2024-16 #### Github +- https://github.com/JoshuaMart/JoshuaMart - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-4898.md b/2024/CVE-2024-4898.md new file mode 100644 index 000000000..9da9406ed --- /dev/null +++ b/2024/CVE-2024-4898.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4898) +![](https://img.shields.io/static/v1?label=Product&message=InstaWP%20Connect%20%E2%80%93%201-click%20WP%20Staging%20%26%20Migration&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%200.1.0.38%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site to InstaWP API, edit arbitrary site options and create administrator accounts. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-4924.md b/2024/CVE-2024-4924.md new file mode 100644 index 000000000..551090421 --- /dev/null +++ b/2024/CVE-2024-4924.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4924) +![](https://img.shields.io/static/v1?label=Product&message=Social%20Sharing%20Plugin%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%203.3.63%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Social Sharing Plugin WordPress plugin before 3.3.63 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/1867505f-d112-4919-9fd5-01745aa0433e/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4956.md b/2024/CVE-2024-4956.md index 79534f46a..961290368 100644 --- a/2024/CVE-2024-4956.md +++ b/2024/CVE-2024-4956.md @@ -23,6 +23,7 @@ No PoCs from references. - https://github.com/X1r0z/JettyFuzz - https://github.com/banditzCyber0x/CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC +- https://github.com/enomothem/PenTestNote - https://github.com/erickfernandox/CVE-2024-4956 - https://github.com/fin3ss3g0d/CVE-2024-4956 - https://github.com/fin3ss3g0d/Shiro1Extractor diff --git a/2024/CVE-2024-4960.md b/2024/CVE-2024-4960.md new file mode 100644 index 000000000..1d647af79 --- /dev/null +++ b/2024/CVE-2024-4960.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4960) +![](https://img.shields.io/static/v1?label=Product&message=DAR-7000-40&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20V31R02B1413C%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264528. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/JoshuaMart/JoshuaMart + diff --git a/2024/CVE-2024-4969.md b/2024/CVE-2024-4969.md new file mode 100644 index 000000000..9b53e62ab --- /dev/null +++ b/2024/CVE-2024-4969.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-4969](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4969) +![](https://img.shields.io/static/v1?label=Product&message=Widget%20Bundle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets, which could allow attackers to make logged in admin enable/disable widgets via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/1a7ec5dc-eda4-4fed-9df9-f41d2b937fed/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-4970.md b/2024/CVE-2024-4970.md new file mode 100644 index 000000000..40c77d663 --- /dev/null +++ b/2024/CVE-2024-4970.md @@ -0,0 +1,17 @@ +### [CVE-2024-4970](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4970) +![](https://img.shields.io/static/v1?label=Product&message=Widget%20Bundle&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/4a9fc352-7ec2-4992-9cda-7bdca4f42788/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5102.md b/2024/CVE-2024-5102.md new file mode 100644 index 000000000..b99926787 --- /dev/null +++ b/2024/CVE-2024-5102.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5102) +![](https://img.shields.io/static/v1?label=Product&message=Antivirus&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2024.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1284%20Improper%20Validation%20of%20Specified%20Quantity%20in%20Input&color=brighgreen) + +### Description + +A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Elevation of Privilege to win a race-condition which will re-create the system files and make Windows callback to a specially-crafted file which could be used to launch a privileged shell instance.This issue affects Avast Antivirus prior to 24.2. + +### POC + +#### Reference +- https://support.norton.com/sp/static/external/tools/security-advisories.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5155.md b/2024/CVE-2024-5155.md new file mode 100644 index 000000000..3d9b069c0 --- /dev/null +++ b/2024/CVE-2024-5155.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-5155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5155) +![](https://img.shields.io/static/v1?label=Product&message=Inquiry%20cart&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack + +### POC + +#### Reference +- https://wpscan.com/vulnerability/f1e90a8a-d959-4316-a5d4-e183854944bd/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5172.md b/2024/CVE-2024-5172.md new file mode 100644 index 000000000..b2b421fda --- /dev/null +++ b/2024/CVE-2024-5172.md @@ -0,0 +1,17 @@ +### [CVE-2024-5172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5172) +![](https://img.shields.io/static/v1?label=Product&message=Expert%20Invoice&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Expert Invoice WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/65d84e69-0548-4c7d-bcde-5777d72da555/ + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-5208.md b/2024/CVE-2024-5208.md new file mode 100644 index 000000000..013bc865e --- /dev/null +++ b/2024/CVE-2024-5208.md @@ -0,0 +1,17 @@ +### [CVE-2024-5208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5208) +![](https://img.shields.io/static/v1?label=Product&message=mintplex-labs%2Fanything-llm&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%201.0.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%20Uncontrolled%20Resource%20Consumption&color=brighgreen) + +### Description + +An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to shut down by sending an empty body with a 'Content-Length: 0' header or by sending a body with arbitrary content, such as 'asdasdasd', with a 'Content-Length: 9' header. The vulnerability is reproducible by users with at least a 'Manager' role, sending a crafted request to any workspace. This issue indicates that a previous fix was not effective in mitigating the vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sev-hack/sev-hack + diff --git a/2024/CVE-2024-5410.md b/2024/CVE-2024-5410.md index 660bcd8d7..95a282da7 100644 --- a/2024/CVE-2024-5410.md +++ b/2024/CVE-2024-5410.md @@ -10,6 +10,7 @@ Missing input validation in the ORing IAP-420 web-interface allows stored Cross- ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/May/36 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ #### Github diff --git a/2024/CVE-2024-5411.md b/2024/CVE-2024-5411.md index e3ad2cda6..3f1326218 100644 --- a/2024/CVE-2024-5411.md +++ b/2024/CVE-2024-5411.md 
@@ -10,6 +10,7 @@ Missing input validation and OS command integration of the input in the ORing IA ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/May/36 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ #### Github diff --git a/2024/CVE-2024-5420.md b/2024/CVE-2024-5420.md index 62e1243a0..0ccceebcb 100644 --- a/2024/CVE-2024-5420.md +++ b/2024/CVE-2024-5420.md @@ -12,6 +12,7 @@ Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computer ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/Jun/4 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html #### Github diff --git a/2024/CVE-2024-5421.md b/2024/CVE-2024-5421.md index 768a58ff0..031822847 100644 --- a/2024/CVE-2024-5421.md +++ b/2024/CVE-2024-5421.md @@ -12,6 +12,7 @@ Missing input validation and OS command integration of the input in the utnserve ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/Jun/4 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html #### Github diff --git a/2024/CVE-2024-5422.md b/2024/CVE-2024-5422.md index c983739f8..88fa4164c 100644 --- a/2024/CVE-2024-5422.md +++ b/2024/CVE-2024-5422.md @@ -12,6 +12,7 @@ An uncontrolled resource consumption of file descriptors in SEH Computertechnik ### POC #### Reference +- http://seclists.org/fulldisclosure/2024/Jun/4 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html #### Github diff --git a/2024/CVE-2024-5447.md b/2024/CVE-2024-5447.md new file mode 100644 index 000000000..eb1507dbf --- /dev/null +++ b/2024/CVE-2024-5447.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5447](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5447) +![](https://img.shields.io/static/v1?label=Product&message=PayPal%20Pay%20Now%2C%20Buy%20Now%2C%20Donation%20and%20Cart%20Buttons%20Shortcode&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + +### POC + +#### Reference +- https://wpscan.com/vulnerability/a692b869-1666-42d1-b56d-dfcccd68ab67/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5448.md b/2024/CVE-2024-5448.md new file mode 100644 index 000000000..c352f042e --- /dev/null +++ b/2024/CVE-2024-5448.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5448](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5448) +![](https://img.shields.io/static/v1?label=Product&message=PayPal%20Pay%20Now%2C%20Buy%20Now%2C%20Donation%20and%20Cart%20Buttons%20Shortcode&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/c482fe19-b643-41ea-8194-22776b388290/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5475.md b/2024/CVE-2024-5475.md new file mode 100644 index 000000000..e0f2fe41a --- /dev/null +++ b/2024/CVE-2024-5475.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5475) +![](https://img.shields.io/static/v1?label=Product&message=Responsive%20video%20embed&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%200.5.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen) + +### Description + +The Responsive video embed WordPress plugin before 0.5.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. + +### POC + +#### Reference +- https://wpscan.com/vulnerability/cee66543-b5d6-4205-8f9b-0febd7fee445/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5522.md b/2024/CVE-2024-5522.md new file mode 100644 index 000000000..eaa30b33d --- /dev/null +++ b/2024/CVE-2024-5522.md @@ -0,0 +1,18 @@ +### [CVE-2024-5522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5522) +![](https://img.shields.io/static/v1?label=Product&message=HTML5%20Video%20Player%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.5.27%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks + +### POC + +#### Reference +- https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/ + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/truonghuuphuc/CVE-2024-5522-Poc + diff --git a/2024/CVE-2024-5585.md b/2024/CVE-2024-5585.md index 38f3f3c76..380812131 100644 
--- a/2024/CVE-2024-5585.md +++ b/2024/CVE-2024-5585.md @@ -15,4 +15,5 @@ In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, t #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tianstcht/tianstcht diff --git a/2024/CVE-2024-5656.md b/2024/CVE-2024-5656.md index 17bdb5482..da58c7004 100644 --- a/2024/CVE-2024-5656.md +++ b/2024/CVE-2024-5656.md @@ -1,11 +1,11 @@ ### [CVE-2024-5656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5656) -![](https://img.shields.io/static/v1?label=Product&message=Google%20CSE&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.0.7%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -The Google CSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. +** REJECT ** Accidental duplicate assignment of CVE-2024-4755. Please use CVE-2024-4755. ### POC diff --git a/2024/CVE-2024-5657.md b/2024/CVE-2024-5657.md index c6c1791da..da4d02bb4 100644 --- a/2024/CVE-2024-5657.md +++ b/2024/CVE-2024-5657.md 
@@ -10,6 +10,7 @@ The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 ### POC #### Reference +- http://www.openwall.com/lists/oss-security/2024/06/06/1 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure #### Github diff --git a/2024/CVE-2024-5658.md b/2024/CVE-2024-5658.md index 1d2d78b37..3626e5ccf 100644 --- a/2024/CVE-2024-5658.md +++ b/2024/CVE-2024-5658.md @@ -10,6 +10,7 @@ The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP ### POC #### Reference +- http://www.openwall.com/lists/oss-security/2024/06/06/2 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use #### Github diff --git a/2024/CVE-2024-5676.md b/2024/CVE-2024-5676.md new file mode 100644 index 000000000..3ac02ff51 --- /dev/null +++ b/2024/CVE-2024-5676.md @@ -0,0 +1,17 @@ +### [CVE-2024-5676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5676) +![](https://img.shields.io/static/v1?label=Product&message=IP150%20Internet%20Module&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.40.00%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery (CSRF) attacks due to a lack of countermeasures and the use of the HTTP method `GET` to introduce changes in the system. + +### POC + +#### Reference +- https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5758.md b/2024/CVE-2024-5758.md index fb586b47d..5cc0a16ed 100644 --- a/2024/CVE-2024-5758.md +++ b/2024/CVE-2024-5758.md 
@@ -1,11 +1,11 @@ ### [CVE-2024-5758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5758) -![](https://img.shields.io/static/v1?label=Product&message=Post%20Grid%20Gutenberg%20Blocks%20and%20WordPress%20Blog%20Plugin%20%E2%80%93%20PostX&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.0.4%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterMobileText parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. +** REJECT ** Duplicate of CVE-2024-4305. Please use CVE-2024-4305 instead. ### POC diff --git a/2024/CVE-2024-5772.md b/2024/CVE-2024-5772.md index f48e275f1..2afcce72e 100644 --- a/2024/CVE-2024-5772.md +++ b/2024/CVE-2024-5772.md @@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, has been found in Netentsec N ### POC #### Reference -No PoCs from references. +- https://github.com/charliecatsec/cve1/blob/main/NS-ASG-sql-deleteiscuser.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5785.md b/2024/CVE-2024-5785.md new file mode 100644 index 000000000..f4113aef7 --- /dev/null +++ b/2024/CVE-2024-5785.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5785](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5785) +![](https://img.shields.io/static/v1?label=Product&message=Comtrend%20WLD71-T1_v2.0.201820&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20GRG-4280us%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen) + +### Description + +Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability could allow an authenticated user to execute commands inside the router by making a POST request to the URL “/boaform/admin/formUserTracert”. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-5786.md b/2024/CVE-2024-5786.md new file mode 100644 index 000000000..266699814 --- /dev/null +++ b/2024/CVE-2024-5786.md @@ -0,0 +1,17 @@ +### [CVE-2024-5786](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5786) +![](https://img.shields.io/static/v1?label=Product&message=Comtrend%20WLD71-T1_v2.0.201820&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20GRG-4280us%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +Cross-Site Request Forgery vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application to which he is authenticated. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + 
diff --git a/2024/CVE-2024-5851.md b/2024/CVE-2024-5851.md new file mode 100644 index 000000000..920de9aa0 --- /dev/null +++ b/2024/CVE-2024-5851.md @@ -0,0 +1,17 @@ +### [CVE-2024-5851](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5851) +![](https://img.shields.io/static/v1?label=Product&message=playSMS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-80%20Basic%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.4.8 is able to address this issue. The name of the patch is 7a88920f6b536c6a91512e739bcb4e8adefeed2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-267912. NOTE: The code maintainer was contacted early about this disclosure and was eager to prepare a fix as quickly as possible. + +### POC + +#### Reference +- https://vuldb.com/?submit.347385 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5894.md b/2024/CVE-2024-5894.md new file mode 100644 index 000000000..792845899 --- /dev/null +++ b/2024/CVE-2024-5894.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5894](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5894) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Eyewear%20Shop&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file manage_product.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-268138 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Hefei-Coffee/cve/blob/main/sql10.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5895.md b/2024/CVE-2024-5895.md new file mode 100644 index 000000000..ccf827fc1 --- /dev/null +++ b/2024/CVE-2024-5895.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5895](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5895) +![](https://img.shields.io/static/v1?label=Product&message=Employee%20and%20Visitor%20Gate%20Pass%20Logging%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects the function delete_users of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268139. + +### POC + +#### Reference +- https://github.com/Hefei-Coffee/cve/blob/main/sql11.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5896.md b/2024/CVE-2024-5896.md new file mode 100644 index 000000000..33e6d5b02 --- /dev/null +++ b/2024/CVE-2024-5896.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5896](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5896) +![](https://img.shields.io/static/v1?label=Product&message=Employee%20and%20Visitor%20Gate%20Pass%20Logging%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268140. + +### POC + +#### Reference +- https://github.com/Hefei-Coffee/cve/blob/main/sql12.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5898.md b/2024/CVE-2024-5898.md new file mode 100644 index 000000000..c72a2be2d --- /dev/null +++ b/2024/CVE-2024-5898.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5898) +![](https://img.shields.io/static/v1?label=Product&message=Payroll%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file print_payroll.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-268142 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/guiyxli/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5981.md b/2024/CVE-2024-5981.md new file mode 100644 index 000000000..918181f26 --- /dev/null +++ b/2024/CVE-2024-5981.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5981](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5981) +![](https://img.shields.io/static/v1?label=Product&message=Online%20House%20Rental%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online House Rental System 1.0. It has been classified as critical. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268458 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/LiuYongXiang-git/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5983.md b/2024/CVE-2024-5983.md new file mode 100644 index 000000000..4cacff38b --- /dev/null +++ b/2024/CVE-2024-5983.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5983](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5983) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Bookstore&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268459. + +### POC + +#### Reference +- https://github.com/LiuYongXiang-git/cve/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5984.md b/2024/CVE-2024-5984.md new file mode 100644 index 000000000..1729586a5 --- /dev/null +++ b/2024/CVE-2024-5984.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5984](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5984) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Bookstore&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268460. + +### POC + +#### Reference +- https://github.com/LiuYongXiang-git/cve/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-5985.md b/2024/CVE-2024-5985.md new file mode 100644 index 000000000..0c4fd6365 --- /dev/null +++ b/2024/CVE-2024-5985.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-5985](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5985) +![](https://img.shields.io/static/v1?label=Product&message=Best%20Online%20News%20Portal&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in SourceCodester Best Online News Portal 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268461 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/CveSecLook/cve/issues/45 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6006.md b/2024/CVE-2024-6006.md new file mode 100644 index 000000000..611794f63 --- /dev/null +++ b/2024/CVE-2024-6006.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6006](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6006) +![](https://img.shields.io/static/v1?label=Product&message=ZKBio%20CVSecurity%20V5000&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.1.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-268694 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://vuldb.com/?submit.351403 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6007.md b/2024/CVE-2024-6007.md new file mode 100644 index 000000000..7ee317375 --- /dev/null +++ b/2024/CVE-2024-6007.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6007](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6007) +![](https://img.shields.io/static/v1?label=Product&message=NS-ASG%20Application%20Security%20Gateway&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%206.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /protocol/iscgwtunnel/deleteiscgwrouteconf.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268695. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/SecureF1sh/findings/blob/main/ns_sqli.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6009.md b/2024/CVE-2024-6009.md new file mode 100644 index 000000000..387923852 --- /dev/null +++ b/2024/CVE-2024-6009.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6009](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6009) +![](https://img.shields.io/static/v1?label=Product&message=Event%20Calendar&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268699. + +### POC + +#### Reference +- https://github.com/AutoZhou1/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6013.md b/2024/CVE-2024-6013.md new file mode 100644 index 000000000..d7e08702a --- /dev/null +++ b/2024/CVE-2024-6013.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6013](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6013) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Book%20Store&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Book Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_delete.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268721 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/gabriel202212/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6015.md b/2024/CVE-2024-6015.md new file mode 100644 index 000000000..3b0dd99dd --- /dev/null +++ b/2024/CVE-2024-6015.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6015](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6015) +![](https://img.shields.io/static/v1?label=Product&message=Online%20House%20Rental%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument month_of leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268723. + +### POC + +#### Reference +- https://github.com/chenwulin-bit/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6016.md b/2024/CVE-2024-6016.md new file mode 100644 index 000000000..1551def27 --- /dev/null +++ b/2024/CVE-2024-6016.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6016](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6016) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Laundry%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268724. + +### POC + +#### Reference +- https://github.com/chenwulin-bit/cve/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6041.md b/2024/CVE-2024-6041.md new file mode 100644 index 000000000..702ab7842 --- /dev/null +++ b/2024/CVE-2024-6041.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6041](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6041) +![](https://img.shields.io/static/v1?label=Product&message=Gym%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268765 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/ssiicckk/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6042.md b/2024/CVE-2024-6042.md new file mode 100644 index 000000000..d69f66330 --- /dev/null +++ b/2024/CVE-2024-6042.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6042](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6042) +![](https://img.shields.io/static/v1?label=Product&message=Real%20Estate%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Real Estate Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file property-detail.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-268766 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Cormac315/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6043.md b/2024/CVE-2024-6043.md new file mode 100644 index 000000000..27c758d48 --- /dev/null +++ b/2024/CVE-2024-6043.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6043](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6043) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268767. + +### POC + +#### Reference +- https://github.com/yezzzo/y3/blob/main/SourceCodester%20Best%20house%20rental%20management%20system%20project%20in%20php%201.0%20SQL%20Injection.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6061.md b/2024/CVE-2024-6061.md new file mode 100644 index 000000000..fcd120ca8 --- /dev/null +++ b/2024/CVE-2024-6061.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6061](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6061) +![](https://img.shields.io/static/v1?label=Product&message=GPAC&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.5-DEV-rev228-g11067ea92-master%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-835%20Infinite%20Loop&color=brighgreen) + +### Description + +A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 20c0f29139a82779b86453ce7f68d0681ec7624c. It is recommended to apply a patch to fix this issue. The identifier VDB-268789 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/gpac/gpac/issues/2871 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6084.md b/2024/CVE-2024-6084.md new file mode 100644 index 000000000..39a590d5d --- /dev/null +++ b/2024/CVE-2024-6084.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6084](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6084) +![](https://img.shields.io/static/v1?label=Product&message=Pool%20of%20Bethesda%20Online%20Reservation%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268825 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/Laster-dev/CVE/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6111.md b/2024/CVE-2024-6111.md new file mode 100644 index 000000000..b16ad1f4d --- /dev/null +++ b/2024/CVE-2024-6111.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6111](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6111) +![](https://img.shields.io/static/v1?label=Product&message=Pool%20of%20Bethesda%20Online%20Reservation%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268857 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/wangyuan-ui/CVE/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6113.md b/2024/CVE-2024-6113.md new file mode 100644 index 000000000..458bb4f41 --- /dev/null +++ b/2024/CVE-2024-6113.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6113](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6113) +![](https://img.shields.io/static/v1?label=Product&message=Monbela%20Tourist%20Inn%20Online%20Reservation%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The identifier VDB-268865 was assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/wangyuan-ui/CVE/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6114.md b/2024/CVE-2024-6114.md new file mode 100644 index 000000000..79f66a9fd --- /dev/null +++ b/2024/CVE-2024-6114.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6114](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6114) +![](https://img.shields.io/static/v1?label=Product&message=Monbela%20Tourist%20Inn%20Online%20Reservation%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268866 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/wangyuan-ui/CVE/issues/4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6120.md b/2024/CVE-2024-6120.md new file mode 100644 index 000000000..4e4f5f92c --- /dev/null +++ b/2024/CVE-2024-6120.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6120](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6120) +![](https://img.shields.io/static/v1?label=Product&message=Sparkle%20Demo%20Importer&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.4.7%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all posts, pages, and uploaded files, as well as download and install a limited set of demo plugins. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-6184.md b/2024/CVE-2024-6184.md new file mode 100644 index 000000000..38febe46b --- /dev/null +++ b/2024/CVE-2024-6184.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6184](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6184) +![](https://img.shields.io/static/v1?label=Product&message=RG-UAC&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/reboot/reboot_commit.php. The manipulation of the argument servicename leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269155. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_a.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6187.md b/2024/CVE-2024-6187.md new file mode 100644 index 000000000..244c0adb9 --- /dev/null +++ b/2024/CVE-2024-6187.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6187](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6187) +![](https://img.shields.io/static/v1?label=Product&message=RG-UAC&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269158 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_d.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6188.md b/2024/CVE-2024-6188.md new file mode 100644 index 000000000..9b16386c5 --- /dev/null +++ b/2024/CVE-2024-6188.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6188) +![](https://img.shields.io/static/v1?label=Product&message=TrackSYS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.x.x%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-425%20Direct%20Request&color=brighgreen) + +### Description + +A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://kiwiyumi.com/post/tracksys-export-source-code/ + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6190.md b/2024/CVE-2024-6190.md new file mode 100644 index 000000000..b632c7b53 --- /dev/null +++ b/2024/CVE-2024-6190.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6190) +![](https://img.shields.io/static/v1?label=Product&message=Farm%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-269162 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/HryspaHodor/CVE/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6191.md b/2024/CVE-2024-6191.md new file mode 100644 index 000000000..a34d2c7e7 --- /dev/null +++ b/2024/CVE-2024-6191.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6191) +![](https://img.shields.io/static/v1?label=Product&message=Student%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Student Management System 1.0. This affects an unknown part of the file login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269163. + +### POC + +#### Reference +- https://github.com/HryspaHodor/CVE/issues/3 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6192.md b/2024/CVE-2024-6192.md new file mode 100644 index 000000000..b937c27c4 --- /dev/null +++ b/2024/CVE-2024-6192.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6192) +![](https://img.shields.io/static/v1?label=Product&message=Loan%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269164. + +### POC + +#### Reference +- https://github.com/HryspaHodor/CVE/issues/4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6194.md b/2024/CVE-2024-6194.md new file mode 100644 index 000000000..0b8e581c9 --- /dev/null +++ b/2024/CVE-2024-6194.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6194) +![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. Affected is an unknown function of the file editmeasurement.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-269166 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/HryspaHodor/CVE/issues/6 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-6218.md b/2024/CVE-2024-6218.md new file mode 100644 index 000000000..ab51e1080 --- /dev/null +++ b/2024/CVE-2024-6218.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-6218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6218) +![](https://img.shields.io/static/v1?label=Product&message=Vehicle%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability, which was classified as critical, has been found in itsourcecode Vehicle Management System 1.0. Affected by this issue is some unknown functionality of the file busprofile.php. The manipulation of the argument busid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-269282 is the identifier assigned to this vulnerability. + +### POC + +#### Reference +- https://github.com/HryspaHodor/CVE/issues/7 + +#### Github +No PoCs found on GitHub currently. + diff --git a/github.txt b/github.txt index 8ffa4bbef..6ae042fc6 100644 --- a/github.txt +++ b/github.txt @@ -102,6 +102,7 @@ CVE-1999-0256 - https://github.com/x00itachi/metasploit-exploit-search-online CVE-1999-0372 - https://github.com/SamanShafigh/vulBERT CVE-1999-0428 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-1999-0502 - https://github.com/ahm3dhany/IDS-Evasion +CVE-1999-0511 - https://github.com/anvithalolla/Tesla_PenTest CVE-1999-0524 - https://github.com/mikemackintosh/ruby-qualys CVE-1999-0532 - https://github.com/HeiTang/ZYXEl-CTF-WriteUp CVE-1999-0635 - https://github.com/muchdogesec/cve2stix 
@@ -161,6 +162,7 @@ CVE-2000-0109 - https://github.com/Live-Hack-CVE/CVE-2000-0109 CVE-2000-0114 - https://github.com/0xPugal/One-Liners CVE-2000-0114 - https://github.com/0xPugazh/One-Liners CVE-2000-0114 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2000-0114 - https://github.com/CVEDB/awesome-cve-repo CVE-2000-0114 - https://github.com/Cappricio-Securities/CVE-2000-0114 CVE-2000-0114 - https://github.com/Live-Hack-CVE/CVE-2000-0114 CVE-2000-0114 - https://github.com/POORVAJA-195/Nuclei-Analysis-main @@ -175,6 +177,7 @@ CVE-2000-0142 - https://github.com/Live-Hack-CVE/CVE-2000-0142 CVE-2000-0143 - https://github.com/Live-Hack-CVE/CVE-2000-0143 CVE-2000-0170 - https://github.com/ARPSyndicate/cvemon CVE-2000-0170 - https://github.com/CVEDB/PoC-List +CVE-2000-0170 - https://github.com/CVEDB/awesome-cve-repo CVE-2000-0170 - https://github.com/mike182/exploit CVE-2000-0182 - https://github.com/Live-Hack-CVE/CVE-2000-0182 CVE-2000-0388 - https://github.com/ARPSyndicate/cvemon @@ -189,6 +192,8 @@ CVE-2000-0564 - https://github.com/CamiloEscobar98/DjangoProject CVE-2000-0649 - https://github.com/0xNVAN/win-iisadmin CVE-2000-0649 - https://github.com/ARPSyndicate/cvemon CVE-2000-0649 - https://github.com/CVEDB/PoC-List +CVE-2000-0649 - https://github.com/CVEDB/awesome-cve-repo +CVE-2000-0649 - https://github.com/Downgraderz/PoC-CVE-2000-0649 CVE-2000-0649 - https://github.com/JimboJimbabwe/HackGPTV2 CVE-2000-0649 - https://github.com/amtzespinosa/lord-of-the-root-walkthrough CVE-2000-0649 - https://github.com/hanmin0512/Web-hacking-LAB 
@@ -211,6 +216,7 @@ CVE-2000-0936 - https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups CVE-2000-0979 - https://github.com/ARPSyndicate/cvemon CVE-2000-0979 - https://github.com/Ascotbe/Kernelhub CVE-2000-0979 - https://github.com/CVEDB/PoC-List +CVE-2000-0979 - https://github.com/CVEDB/awesome-cve-repo CVE-2000-0979 - https://github.com/Cruxer8Mech/Idk CVE-2000-0979 - https://github.com/Z6543/CVE-2000-0979 CVE-2000-0979 - https://github.com/ycdxsb/WindowsPrivilegeEscalation @@ -285,6 +291,7 @@ CVE-2001-0550 - https://github.com/AnyMaster/EQGRP CVE-2001-0550 - https://github.com/Badbug6/EQGRP CVE-2001-0550 - https://github.com/CKmaenn/EQGRP CVE-2001-0550 - https://github.com/CVEDB/PoC-List +CVE-2001-0550 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0550 - https://github.com/CybernetiX-S3C/EQGRP_Linux CVE-2001-0550 - https://github.com/Drift-Security/Shadow_Brokers-Vs-NSA CVE-2001-0550 - https://github.com/IHA114/EQGRP @@ -326,6 +333,7 @@ CVE-2001-0554 - https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough CVE-2001-0561 - https://github.com/jubram/es_tpf CVE-2001-0680 - https://github.com/ARPSyndicate/cvemon CVE-2001-0680 - https://github.com/CVEDB/PoC-List +CVE-2001-0680 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0690 - https://github.com/AnyMaster/EQGRP CVE-2001-0690 - https://github.com/Badbug6/EQGRP CVE-2001-0690 - https://github.com/CKmaenn/EQGRP 
@@ -361,18 +369,23 @@ CVE-2001-0690 - https://github.com/wuvuw/EQGR CVE-2001-0690 - https://github.com/x0rz/EQGRP CVE-2001-0758 - https://github.com/ARPSyndicate/cvemon CVE-2001-0758 - https://github.com/CVEDB/PoC-List +CVE-2001-0758 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0797 - https://github.com/0xdea/exploits CVE-2001-0797 - https://github.com/Kicksecure/security-misc CVE-2001-0797 - https://github.com/Whonix/security-misc CVE-2001-0845 - https://github.com/jhswartz/cvrfdb CVE-2001-0931 - https://github.com/ARPSyndicate/cvemon CVE-2001-0931 - https://github.com/CVEDB/PoC-List +CVE-2001-0931 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0932 - https://github.com/ARPSyndicate/cvemon CVE-2001-0932 - https://github.com/CVEDB/PoC-List +CVE-2001-0932 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0933 - https://github.com/ARPSyndicate/cvemon CVE-2001-0933 - https://github.com/CVEDB/PoC-List +CVE-2001-0933 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-0934 - https://github.com/ARPSyndicate/cvemon CVE-2001-0934 - https://github.com/CVEDB/PoC-List +CVE-2001-0934 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-1002 - https://github.com/Xiol/CVEChecker CVE-2001-1092 - https://github.com/truefinder/truefinder CVE-2001-1093 - https://github.com/truefinder/truefinder 
@@ -386,9 +399,11 @@ CVE-2001-1382 - https://github.com/phx/cvescan CVE-2001-1432 - https://github.com/SamanShafigh/vulBERT CVE-2001-1442 - https://github.com/ARPSyndicate/cvemon CVE-2001-1442 - https://github.com/CVEDB/PoC-List +CVE-2001-1442 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-1451 - https://github.com/clearbluejar/cve-markdown-charts CVE-2001-1473 - https://github.com/0xget/cve-2001-1473 CVE-2001-1473 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2001-1473 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-1473 - https://github.com/codine7/Hacking_Automated CVE-2001-1473 - https://github.com/codine7/fox CVE-2001-1473 - https://github.com/codine7/jungle @@ -398,6 +413,7 @@ CVE-2001-1494 - https://github.com/jaydenaung/CloudGuard-ShiftLeft-CICD-AWS CVE-2001-1494 - https://github.com/tp1-SpZIaPvBD/testprojekt CVE-2001-1583 - https://github.com/Live-Hack-CVE/CVE-2001-1583 CVE-2001-1594 - https://github.com/wsbespalov/vmengine +CVE-2001-3389 - https://github.com/CVEDB/awesome-cve-repo CVE-2001-3389 - https://github.com/becrevex/Gaston CVE-2002-0029 - https://github.com/C4ssif3r/nmap-scripts CVE-2002-0029 - https://github.com/stran0s/stran0s 
@@ -408,18 +424,25 @@ CVE-2002-0082 - https://github.com/piyush-saurabh/exploits CVE-2002-0082 - https://github.com/rosonsec/Exploits CVE-2002-0200 - https://github.com/ARPSyndicate/cvemon CVE-2002-0200 - https://github.com/CVEDB/PoC-List +CVE-2002-0200 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0201 - https://github.com/ARPSyndicate/cvemon CVE-2002-0201 - https://github.com/CVEDB/PoC-List +CVE-2002-0201 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0288 - https://github.com/ARPSyndicate/cvemon CVE-2002-0288 - https://github.com/CVEDB/PoC-List +CVE-2002-0288 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0289 - https://github.com/ARPSyndicate/cvemon CVE-2002-0289 - https://github.com/CVEDB/PoC-List +CVE-2002-0289 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0346 - https://github.com/ARPSyndicate/cvemon CVE-2002-0346 - https://github.com/CVEDB/PoC-List +CVE-2002-0346 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0347 - https://github.com/ARPSyndicate/cvemon CVE-2002-0347 - https://github.com/CVEDB/PoC-List +CVE-2002-0347 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0348 - https://github.com/ARPSyndicate/cvemon CVE-2002-0348 - https://github.com/CVEDB/PoC-List +CVE-2002-0348 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0367 - https://github.com/Ostorlab/KEV CVE-2002-0367 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2002-0367 - https://github.com/todb-cisa/kev-cwes @@ -431,6 +454,7 @@ CVE-2002-0422 - https://github.com/ARPSyndicate/cvemon CVE-2002-0422 - https://github.com/k0pak4/k0pak4 CVE-2002-0448 - https://github.com/ARPSyndicate/cvemon CVE-2002-0448 - https://github.com/CVEDB/PoC-List +CVE-2002-0448 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0526 - https://github.com/bcoles/local-exploits CVE-2002-0649 - https://github.com/rewardone/MS02-039-Port CVE-2002-0651 - https://github.com/C4ssif3r/nmap-scripts 
@@ -449,12 +473,15 @@ CVE-2002-0680 - https://github.com/alt3kx/alt3kx.github.io CVE-2002-0685 - https://github.com/hannob/pgpbugs CVE-2002-0740 - https://github.com/ARPSyndicate/cvemon CVE-2002-0740 - https://github.com/CVEDB/PoC-List +CVE-2002-0740 - https://github.com/CVEDB/awesome-cve-repo +CVE-2002-0748 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-0748 - https://github.com/fauzanwijaya/CVE-2002-0748 CVE-2002-0839 - https://github.com/Live-Hack-CVE/CVE-2002-0839 CVE-2002-0970 - https://github.com/ARPSyndicate/cvemon CVE-2002-0970 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2002-0991 - https://github.com/ARPSyndicate/cvemon CVE-2002-0991 - https://github.com/CVEDB/PoC-List +CVE-2002-0991 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-1024 - https://github.com/phx/cvescan CVE-2002-1120 - https://github.com/ret2eax/exploits CVE-2002-1131 - https://github.com/0xget/cve-2001-1473 @@ -489,6 +516,7 @@ CVE-2002-1569 - https://github.com/0xCyberY/CVE-T4PDF CVE-2002-1569 - https://github.com/ARPSyndicate/cvemon CVE-2002-1614 - https://github.com/ARPSyndicate/cvemon CVE-2002-1614 - https://github.com/CVEDB/PoC-List +CVE-2002-1614 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-1614 - https://github.com/DrewSC13/Linpeas CVE-2002-1614 - https://github.com/cedelasen/htb-laboratory CVE-2002-1614 - https://github.com/chorankates/Irked @@ -507,6 +535,7 @@ CVE-2002-1904 - https://github.com/Hanc1999/System-Security-Exploit-Practice CVE-2002-20001 - https://github.com/ARPSyndicate/cvemon CVE-2002-20001 - https://github.com/Balasys/dheater CVE-2002-20001 - https://github.com/CVEDB/PoC-List +CVE-2002-20001 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-20001 - https://github.com/Live-Hack-CVE/CVE-2002-20001 CVE-2002-20001 - https://github.com/Live-Hack-CVE/CVE-2022-40735 CVE-2002-20001 - https://github.com/anquanscan/sec-tools 
@@ -518,6 +547,7 @@ CVE-2002-2086 - https://github.com/tawrid/the-game-changer CVE-2002-2268 - https://github.com/cherry-wb/monalisa CVE-2002-2420 - https://github.com/ARPSyndicate/cvemon CVE-2002-2420 - https://github.com/CVEDB/PoC-List +CVE-2002-2420 - https://github.com/CVEDB/awesome-cve-repo CVE-2002-2420 - https://github.com/krdsploit/CVE-2002-2420 CVE-2002-2443 - https://github.com/ARPSyndicate/cvemon CVE-2003-0001 - https://github.com/ARPSyndicate/cvemon @@ -844,6 +874,7 @@ CVE-2004-0077 - https://github.com/C0dak/linux-kernel-exploits CVE-2004-0077 - https://github.com/C0dak/local-root-exploit- CVE-2004-0077 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2004-0077 - https://github.com/Feng4/linux-kernel-exploits +CVE-2004-0077 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2004-0077 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2004-0077 - https://github.com/Micr067/linux-kernel-exploits CVE-2004-0077 - https://github.com/QChiLan/linux-exp @@ -882,6 +913,7 @@ CVE-2004-0077 - https://github.com/qiantu88/Linux--exp CVE-2004-0077 - https://github.com/rakjong/LinuxElevation CVE-2004-0077 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2004-0077 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2004-0077 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2004-0077 - https://github.com/xairy/linux-kernel-exploitation CVE-2004-0077 - https://github.com/xfinest/linux-kernel-exploits CVE-2004-0077 - https://github.com/xssfile/linux-kernel-exploits 
@@ -964,6 +996,7 @@ CVE-2004-1235 - https://github.com/C0dak/linux-kernel-exploits CVE-2004-1235 - https://github.com/C0dak/local-root-exploit- CVE-2004-1235 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2004-1235 - https://github.com/Feng4/linux-kernel-exploits +CVE-2004-1235 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2004-1235 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2004-1235 - https://github.com/Micr067/linux-kernel-exploits CVE-2004-1235 - https://github.com/QChiLan/linux-exp @@ -1202,6 +1235,7 @@ CVE-2005-0736 - https://github.com/C0dak/linux-kernel-exploits CVE-2005-0736 - https://github.com/C0dak/local-root-exploit- CVE-2005-0736 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2005-0736 - https://github.com/Feng4/linux-kernel-exploits +CVE-2005-0736 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2005-0736 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2005-0736 - https://github.com/Micr067/linux-kernel-exploits CVE-2005-0736 - https://github.com/QChiLan/linux-exp @@ -1250,6 +1284,7 @@ CVE-2005-1263 - https://github.com/C0dak/linux-kernel-exploits CVE-2005-1263 - https://github.com/C0dak/local-root-exploit- CVE-2005-1263 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2005-1263 - https://github.com/Feng4/linux-kernel-exploits +CVE-2005-1263 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2005-1263 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2005-1263 - https://github.com/Micr067/linux-kernel-exploits CVE-2005-1263 - https://github.com/QChiLan/linux-exp 
@@ -1290,6 +1325,7 @@ CVE-2005-1794 - https://github.com/CVEDB/PoC-List CVE-2005-1794 - https://github.com/CVEDB/awesome-cve-repo CVE-2005-1794 - https://github.com/InitRoot/CVE-2005-1794Scanner CVE-2005-1794 - https://github.com/Ressurect0/fluffyLogic +CVE-2005-1794 - https://github.com/anvithalolla/Tesla_PenTest CVE-2005-1915 - https://github.com/mirac7/codegraph CVE-2005-1983 - https://github.com/ARPSyndicate/cvemon CVE-2005-1983 - https://github.com/Al1ex/WindowsElevation @@ -1318,6 +1354,7 @@ CVE-2005-2428 - https://github.com/Elsfa7-110/kenzer-templates CVE-2005-2428 - https://github.com/POORVAJA-195/Nuclei-Analysis-main CVE-2005-2428 - https://github.com/d4n-sec/d4n-sec.github.io CVE-2005-2428 - https://github.com/gojhonny/Pentesting-Scripts +CVE-2005-2428 - https://github.com/jobroche/Pentesting-Scripts CVE-2005-2428 - https://github.com/merlinepedra/nuclei-templates CVE-2005-2428 - https://github.com/merlinepedra25/nuclei-templates CVE-2005-2428 - https://github.com/schwankner/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit @@ -1450,6 +1487,7 @@ CVE-2006-20001 - https://github.com/ARPSyndicate/cvemon CVE-2006-20001 - https://github.com/ByteXenon/IP-Security-Database CVE-2006-20001 - https://github.com/CVEDB/PoC-List CVE-2006-20001 - https://github.com/CVEDB/awesome-cve-repo +CVE-2006-20001 - https://github.com/EzeTauil/Maquina-Upload CVE-2006-20001 - https://github.com/Live-Hack-CVE/CVE-2006-20001 CVE-2006-20001 - https://github.com/Saksham2002/CVE-2006-20001 CVE-2006-20001 - https://github.com/bioly230/THM_Skynet 
@@ -1478,6 +1516,7 @@ CVE-2006-2451 - https://github.com/C0dak/linux-kernel-exploits CVE-2006-2451 - https://github.com/C0dak/local-root-exploit- CVE-2006-2451 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2006-2451 - https://github.com/Feng4/linux-kernel-exploits +CVE-2006-2451 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2006-2451 - https://github.com/Jasut1n/CVE CVE-2006-2451 - https://github.com/Jasut1n/c-exploits CVE-2006-2451 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -1602,6 +1641,7 @@ CVE-2006-3626 - https://github.com/C0dak/linux-kernel-exploits CVE-2006-3626 - https://github.com/C0dak/local-root-exploit- CVE-2006-3626 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2006-3626 - https://github.com/Feng4/linux-kernel-exploits +CVE-2006-3626 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2006-3626 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2006-3626 - https://github.com/Micr067/linux-kernel-exploits CVE-2006-3626 - https://github.com/QChiLan/linux-exp @@ -2146,6 +2186,7 @@ CVE-2007-4573 - https://github.com/knd06/linux-kernel-exploitation CVE-2007-4573 - https://github.com/ndk191/linux-kernel-exploitation CVE-2007-4573 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2007-4573 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2007-4573 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2007-4573 - https://github.com/xairy/linux-kernel-exploitation CVE-2007-4607 - https://github.com/ARPSyndicate/cvemon CVE-2007-4607 - https://github.com/CVEDB/PoC-List 
@@ -2398,6 +2439,7 @@ CVE-2008-0009 - https://github.com/knd06/linux-kernel-exploitation CVE-2008-0009 - https://github.com/ndk191/linux-kernel-exploitation CVE-2008-0009 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2008-0009 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2008-0009 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2008-0009 - https://github.com/xairy/linux-kernel-exploitation CVE-2008-0010 - https://github.com/ARPSyndicate/cvemon CVE-2008-0010 - https://github.com/R0B1NL1N/linux-kernel-exploitation @@ -2413,6 +2455,7 @@ CVE-2008-0010 - https://github.com/knd06/linux-kernel-exploitation CVE-2008-0010 - https://github.com/ndk191/linux-kernel-exploitation CVE-2008-0010 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2008-0010 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2008-0010 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2008-0010 - https://github.com/xairy/linux-kernel-exploitation CVE-2008-0116 - https://github.com/defensahacker/debian-weak-ssh CVE-2008-0122 - https://github.com/Heshamshaban001/Kioptix-level-1-walk-through @@ -2515,6 +2558,7 @@ CVE-2008-0600 - https://github.com/C0dak/linux-kernel-exploits CVE-2008-0600 - https://github.com/C0dak/local-root-exploit- CVE-2008-0600 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2008-0600 - https://github.com/Feng4/linux-kernel-exploits +CVE-2008-0600 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2008-0600 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2008-0600 - https://github.com/Micr067/linux-kernel-exploits CVE-2008-0600 - https://github.com/QChiLan/linux-exp 
@@ -2553,6 +2597,7 @@ CVE-2008-0600 - https://github.com/qiantu88/Linux--exp CVE-2008-0600 - https://github.com/rakjong/LinuxElevation CVE-2008-0600 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2008-0600 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2008-0600 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2008-0600 - https://github.com/xairy/linux-kernel-exploitation CVE-2008-0600 - https://github.com/xfinest/linux-kernel-exploits CVE-2008-0600 - https://github.com/xssfile/linux-kernel-exploits @@ -2567,6 +2612,7 @@ CVE-2008-0888 - https://github.com/phonito/phonito-vulnerable-container CVE-2008-0891 - https://github.com/ARPSyndicate/cvemon CVE-2008-0891 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2008-0900 - https://github.com/Al1ex/LinuxEelvation +CVE-2008-0900 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2008-0900 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2008-0900 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE CVE-2008-0900 - https://github.com/fei9747/LinuxEelvation @@ -2934,6 +2980,7 @@ CVE-2008-4210 - https://github.com/C0dak/linux-kernel-exploits CVE-2008-4210 - https://github.com/C0dak/local-root-exploit- CVE-2008-4210 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2008-4210 - https://github.com/Feng4/linux-kernel-exploits +CVE-2008-4210 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2008-4210 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2008-4210 - https://github.com/Micr067/linux-kernel-exploits CVE-2008-4210 - https://github.com/QChiLan/linux-exp 
@@ -3272,6 +3319,7 @@ CVE-2009-0065 - https://github.com/knd06/linux-kernel-exploitation CVE-2009-0065 - https://github.com/ndk191/linux-kernel-exploitation CVE-2009-0065 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2009-0065 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2009-0065 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2009-0065 - https://github.com/xairy/linux-kernel-exploitation CVE-2009-0075 - https://github.com/Shenal01/SNP_CVE_RESEARCH CVE-2009-0079 - https://github.com/Al1ex/WindowsElevation @@ -3474,6 +3522,7 @@ CVE-2009-1046 - https://github.com/knd06/linux-kernel-exploitation CVE-2009-1046 - https://github.com/ndk191/linux-kernel-exploitation CVE-2009-1046 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2009-1046 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2009-1046 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2009-1046 - https://github.com/xairy/linux-kernel-exploitation CVE-2009-1061 - https://github.com/0xCyberY/CVE-T4PDF CVE-2009-1061 - https://github.com/ARPSyndicate/cvemon @@ -3516,6 +3565,7 @@ CVE-2009-1185 - https://github.com/C0dak/linux-kernel-exploits CVE-2009-1185 - https://github.com/C0dak/local-root-exploit- CVE-2009-1185 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2009-1185 - https://github.com/Feng4/linux-kernel-exploits +CVE-2009-1185 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2009-1185 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2009-1185 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2009-1185 - https://github.com/Micr067/linux-kernel-exploits 
@@ -3613,6 +3663,7 @@ CVE-2009-1337 - https://github.com/C0dak/linux-kernel-exploits CVE-2009-1337 - https://github.com/C0dak/local-root-exploit- CVE-2009-1337 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2009-1337 - https://github.com/Feng4/linux-kernel-exploits +CVE-2009-1337 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2009-1337 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2009-1337 - https://github.com/Micr067/linux-kernel-exploits CVE-2009-1337 - https://github.com/QChiLan/linux-exp @@ -3838,6 +3889,7 @@ CVE-2009-2692 - https://github.com/CVEDB/PoC-List CVE-2009-2692 - https://github.com/CVEDB/awesome-cve-repo CVE-2009-2692 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2009-2692 - https://github.com/Feng4/linux-kernel-exploits +CVE-2009-2692 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2009-2692 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2009-2692 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2009-2692 - https://github.com/Micr067/linux-kernel-exploits @@ -3888,6 +3940,7 @@ CVE-2009-2692 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2009-2692 - https://github.com/talent-x90c/cve_list CVE-2009-2692 - https://github.com/tangsilian/android-vuln CVE-2009-2692 - https://github.com/taviso/iknowthis +CVE-2009-2692 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2009-2692 - https://github.com/x90hack/vulnerabilty_lab CVE-2009-2692 - https://github.com/xairy/linux-kernel-exploitation CVE-2009-2692 - https://github.com/xfinest/linux-kernel-exploits 
@@ -3903,6 +3956,7 @@ CVE-2009-2698 - https://github.com/CVEDB/PoC-List CVE-2009-2698 - https://github.com/CVEDB/awesome-cve-repo CVE-2009-2698 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2009-2698 - https://github.com/Feng4/linux-kernel-exploits +CVE-2009-2698 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2009-2698 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2009-2698 - https://github.com/Micr067/linux-kernel-exploits CVE-2009-2698 - https://github.com/QChiLan/linux-exp @@ -3987,6 +4041,7 @@ CVE-2009-2910 - https://github.com/knd06/linux-kernel-exploitation CVE-2009-2910 - https://github.com/ndk191/linux-kernel-exploitation CVE-2009-2910 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2009-2910 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2009-2910 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2009-2910 - https://github.com/xairy/linux-kernel-exploitation CVE-2009-2942 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2009-2948 - https://github.com/Live-Hack-CVE/CVE-2009-2948 @@ -4008,6 +4063,7 @@ CVE-2009-3001 - https://github.com/knd06/linux-kernel-exploitation CVE-2009-3001 - https://github.com/ndk191/linux-kernel-exploitation CVE-2009-3001 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2009-3001 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2009-3001 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2009-3001 - https://github.com/xairy/linux-kernel-exploitation CVE-2009-3036 - https://github.com/ARPSyndicate/cvemon CVE-2009-3036 - https://github.com/CVEDB/awesome-cve-repo 
@@ -4101,6 +4157,7 @@ CVE-2009-3547 - https://github.com/C0dak/linux-kernel-exploits CVE-2009-3547 - https://github.com/C0dak/local-root-exploit- CVE-2009-3547 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2009-3547 - https://github.com/Feng4/linux-kernel-exploits +CVE-2009-3547 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2009-3547 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2009-3547 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2009-3547 - https://github.com/Micr067/linux-kernel-exploits @@ -4215,6 +4272,7 @@ CVE-2009-3843 - https://github.com/oneplus-x/Sn1per CVE-2009-3843 - https://github.com/samba234/Sniper CVE-2009-3843 - https://github.com/twekkis/cybersecuritybase-project2 CVE-2009-3843 - https://github.com/unusualwork/Sn1per +CVE-2009-3895 - https://github.com/ch1hyun/fuzzing-class CVE-2009-3938 - https://github.com/0xCyberY/CVE-T4PDF CVE-2009-3938 - https://github.com/ARPSyndicate/cvemon CVE-2009-3941 - https://github.com/ARPSyndicate/cvemon @@ -4679,6 +4737,7 @@ CVE-2010-1146 - https://github.com/C0dak/linux-kernel-exploits CVE-2010-1146 - https://github.com/C0dak/local-root-exploit- CVE-2010-1146 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-1146 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-1146 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-1146 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-1146 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-1146 - https://github.com/Micr067/linux-kernel-exploits 
@@ -5099,6 +5158,7 @@ CVE-2010-2240 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2010-2240 - https://github.com/knd06/linux-kernel-exploitation CVE-2010-2240 - https://github.com/ndk191/linux-kernel-exploitation CVE-2010-2240 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2010-2240 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-2240 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-2259 - https://github.com/ARPSyndicate/kenzer-templates CVE-2010-2307 - https://github.com/ARPSyndicate/kenzer-templates @@ -5368,6 +5428,7 @@ CVE-2010-2554 - https://github.com/fei9747/WindowsElevation CVE-2010-2554 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2010-2568 - https://github.com/ARPSyndicate/cvemon CVE-2010-2568 - https://github.com/Kuromesi/Py4CSKG +CVE-2010-2568 - https://github.com/MN439/bingduziyuan CVE-2010-2568 - https://github.com/Ostorlab/KEV CVE-2010-2568 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2010-2568 - https://github.com/jisosomppi/pentesting @@ -5485,6 +5546,7 @@ CVE-2010-2883 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detec CVE-2010-2883 - https://github.com/ThunderJie/CVE CVE-2010-2883 - https://github.com/Zhouyi827/myblog CVE-2010-2883 - https://github.com/amliaW4/amliaW4.github.io +CVE-2010-2883 - https://github.com/fangdada/ctf CVE-2010-2883 - https://github.com/int0/pdfexplorer CVE-2010-2883 - https://github.com/season-lab/rop-collection CVE-2010-2883 - https://github.com/xinali/articles 
@@ -5510,6 +5572,7 @@ CVE-2010-2959 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-2959 - https://github.com/DhivaKD/OSCP-Notes CVE-2010-2959 - https://github.com/Elinpf/OSCP-survival-guide CVE-2010-2959 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-2959 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-2959 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-2959 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-2959 - https://github.com/MLGBSec/os-survival @@ -5585,6 +5648,7 @@ CVE-2010-2959 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2010-2959 - https://github.com/spencerdodd/kernelpop CVE-2010-2959 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2010-2959 - https://github.com/whackmanic/OSCP_Found +CVE-2010-2959 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-2959 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-2959 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-2959 - https://github.com/xssfile/linux-kernel-exploits @@ -5606,6 +5670,7 @@ CVE-2010-2963 - https://github.com/knd06/linux-kernel-exploitation CVE-2010-2963 - https://github.com/ndk191/linux-kernel-exploitation CVE-2010-2963 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2010-2963 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2010-2963 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-2963 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-3035 - https://github.com/Ostorlab/KEV CVE-2010-3035 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors 
@@ -5618,6 +5683,7 @@ CVE-2010-3081 - https://github.com/C0dak/linux-kernel-exploits CVE-2010-3081 - https://github.com/C0dak/local-root-exploit- CVE-2010-3081 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-3081 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-3081 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-3081 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-3081 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-3081 - https://github.com/Micr067/linux-kernel-exploits @@ -5661,6 +5727,7 @@ CVE-2010-3081 - https://github.com/rakjong/LinuxElevation CVE-2010-3081 - https://github.com/ram4u/Linux_Exploit_Suggester CVE-2010-3081 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2010-3081 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2010-3081 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-3081 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-3081 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-3081 - https://github.com/xssfile/linux-kernel-exploits @@ -5687,6 +5754,7 @@ CVE-2010-3301 - https://github.com/C0dak/linux-kernel-exploits CVE-2010-3301 - https://github.com/C0dak/local-root-exploit- CVE-2010-3301 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-3301 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-3301 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-3301 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-3301 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-3301 - https://github.com/Micr067/linux-kernel-exploits 
@@ -5729,6 +5797,7 @@ CVE-2010-3301 - https://github.com/rakjong/LinuxElevation CVE-2010-3301 - https://github.com/ram4u/Linux_Exploit_Suggester CVE-2010-3301 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2010-3301 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2010-3301 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-3301 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-3301 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-3301 - https://github.com/xssfile/linux-kernel-exploits @@ -5754,6 +5823,7 @@ CVE-2010-3333 - https://github.com/djschleen/ash CVE-2010-3333 - https://github.com/doshyt/cve-monitor CVE-2010-3333 - https://github.com/enthought/cve-search CVE-2010-3333 - https://github.com/extremenetworks/cve-search-src +CVE-2010-3333 - https://github.com/fangdada/ctf CVE-2010-3333 - https://github.com/jerfinj/cve-search CVE-2010-3333 - https://github.com/miradam/cve-search CVE-2010-3333 - https://github.com/pandazheng/Threat-Intelligence-Analyst @@ -5832,6 +5902,7 @@ CVE-2010-3437 - https://github.com/rakjong/LinuxElevation CVE-2010-3437 - https://github.com/ram4u/Linux_Exploit_Suggester CVE-2010-3437 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2010-3437 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2010-3437 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-3437 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-3437 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-3437 - https://github.com/xssfile/linux-kernel-exploits 
@@ -6007,6 +6078,7 @@ CVE-2010-3904 - https://github.com/DictionaryHouse/The-Security-Handbook-Kali-Li CVE-2010-3904 - https://github.com/Elinpf/OSCP-survival-guide CVE-2010-3904 - https://github.com/Feng4/linux-kernel-exploits CVE-2010-3904 - https://github.com/Gajasurve/The-Security-Handbook +CVE-2010-3904 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-3904 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-3904 - https://github.com/MLGBSec/os-survival CVE-2010-3904 - https://github.com/Micr067/linux-kernel-exploits @@ -6128,6 +6200,7 @@ CVE-2010-4073 - https://github.com/C0dak/linux-kernel-exploits CVE-2010-4073 - https://github.com/C0dak/local-root-exploit- CVE-2010-4073 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-4073 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-4073 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-4073 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-4073 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-4073 - https://github.com/Micr067/linux-kernel-exploits @@ -6199,6 +6272,7 @@ CVE-2010-4258 - https://github.com/C0dak/local-root-exploit- CVE-2010-4258 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-4258 - https://github.com/Feng4/linux-kernel-exploits CVE-2010-4258 - https://github.com/HUSTSeclab/Kernel-Exploits +CVE-2010-4258 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-4258 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-4258 - https://github.com/Micr067/linux-kernel-exploits CVE-2010-4258 - https://github.com/QChiLan/linux-exp 
@@ -6243,6 +6317,7 @@ CVE-2010-4258 - https://github.com/sonu7519/linux-priv-Esc CVE-2010-4258 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2010-4258 - https://github.com/tranquac/Linux-Privilege-Escalation CVE-2010-4258 - https://github.com/usamaelshazly/Linux-Privilege-Escalation +CVE-2010-4258 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2010-4258 - https://github.com/xairy/linux-kernel-exploitation CVE-2010-4258 - https://github.com/xfinest/linux-kernel-exploits CVE-2010-4258 - https://github.com/xssfile/linux-kernel-exploits @@ -6269,6 +6344,7 @@ CVE-2010-4347 - https://github.com/C0dak/linux-kernel-exploits CVE-2010-4347 - https://github.com/C0dak/local-root-exploit- CVE-2010-4347 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2010-4347 - https://github.com/Feng4/linux-kernel-exploits +CVE-2010-4347 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2010-4347 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2010-4347 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2010-4347 - https://github.com/Micr067/linux-kernel-exploits @@ -6428,6 +6504,7 @@ CVE-2010-5107 - https://github.com/zzzWTF/db-13-01 CVE-2010-5110 - https://github.com/0xCyberY/CVE-T4PDF CVE-2010-5110 - https://github.com/ARPSyndicate/cvemon CVE-2010-5137 - https://github.com/ARPSyndicate/cvemon +CVE-2010-5137 - https://github.com/cryptoquick/ossification CVE-2010-5137 - https://github.com/uvhw/conchimgiangnang CVE-2010-5137 - https://github.com/uvhw/wallet.cpp CVE-2010-5138 - https://github.com/ARPSyndicate/cvemon 
@@ -6625,6 +6702,7 @@ CVE-2011-0762 - https://github.com/Okarn/TP_securite_EDOU_JACQUEMONT CVE-2011-0762 - https://github.com/hack-parthsharma/Vision CVE-2011-0807 - https://github.com/ACIC-Africa/metasploitable3 CVE-2011-0865 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +CVE-2011-0923 - https://github.com/marcocarolasec/CVE-2016-2004-Exploit CVE-2011-10001 - https://github.com/Live-Hack-CVE/CVE-2011-10001 CVE-2011-10001 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2011-10002 - https://github.com/Live-Hack-CVE/CVE-2011-10002 @@ -6775,6 +6853,7 @@ CVE-2011-1493 - https://github.com/knd06/linux-kernel-exploitation CVE-2011-1493 - https://github.com/ndk191/linux-kernel-exploitation CVE-2011-1493 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2011-1493 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2011-1493 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2011-1493 - https://github.com/xairy/linux-kernel-exploitation CVE-2011-1502 - https://github.com/starnightcyber/vul-info-collect CVE-2011-1503 - https://github.com/starnightcyber/vul-info-collect @@ -6960,6 +7039,7 @@ CVE-2011-2523 - https://github.com/sanskar30/vsftpd_2.3.4_Exploit CVE-2011-2523 - https://github.com/shamsulchowdhury/Unit-16-Homework-Penetration-Testing1 CVE-2011-2523 - https://github.com/slxwzk/slxwzkBotnet CVE-2011-2523 - https://github.com/sponkmonk/Ladon_english_update +CVE-2011-2523 - https://github.com/sug4r-wr41th/CVE-2011-2523 CVE-2011-2523 - https://github.com/sunzu94/vsftpd_2.3.4_Exploit CVE-2011-2523 - https://github.com/tarikemal/exploit-ftp-samba CVE-2011-2523 - https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit 
@@ -7153,6 +7233,7 @@ CVE-2011-3374 - https://github.com/garethr/findcve CVE-2011-3374 - https://github.com/garethr/snykout CVE-2011-3374 - https://github.com/goharbor/pluggable-scanner-spec CVE-2011-3374 - https://github.com/jnsgruk/trivy-cvss-tools +CVE-2011-3374 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2011-3374 - https://github.com/mauraneh/WIK-DPS-TP02 CVE-2011-3374 - https://github.com/sharmapravin1001/Kubernetes-cks CVE-2011-3374 - https://github.com/siddharthraopotukuchi/trivy @@ -7182,6 +7263,7 @@ CVE-2011-3389 - https://github.com/WiktorMysz/devops-netology CVE-2011-3389 - https://github.com/alexandrburyakov/Rep2 CVE-2011-3389 - https://github.com/alexgro1982/devops-netology CVE-2011-3389 - https://github.com/bysart/devops-netology +CVE-2011-3389 - https://github.com/catsploit/catsploit CVE-2011-3389 - https://github.com/cdupuis/image-api CVE-2011-3389 - https://github.com/daniel1302/litecoin CVE-2011-3389 - https://github.com/dmitrii1312/03-sysadmin-09 @@ -7213,6 +7295,7 @@ CVE-2011-3544 - https://github.com/yasuobgg/crawl_daily_ioc_using_OTXv2 CVE-2011-3545 - https://github.com/dyjakan/exploit-development-case-studies CVE-2011-3556 - https://github.com/20142995/Goby CVE-2011-3556 - https://github.com/ARPSyndicate/cvemon +CVE-2011-3556 - https://github.com/CVEDB/awesome-cve-repo CVE-2011-3556 - https://github.com/HimmelAward/Goby_POC CVE-2011-3556 - https://github.com/MelanyRoob/Goby CVE-2011-3556 - https://github.com/Z0fhack/Goby_POC @@ -7262,6 +7345,7 @@ CVE-2011-3654 - https://github.com/sambacha/mirror-radamsa CVE-2011-3654 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2011-3659 - https://github.com/nyimol/AttributeChildRemoved_UAF CVE-2011-3659 - https://github.com/rakwaht/FirefoxExploits +CVE-2011-3730 - https://github.com/catsploit/catsploit CVE-2011-3796 - https://github.com/zapalm/prestashop-security-vulnerability-checker CVE-2011-3872 - https://github.com/ARPSyndicate/cvemon CVE-2011-3872 - https://github.com/CVEDB/PoC-List 
@@ -7491,6 +7575,7 @@ CVE-2011-4447 - https://github.com/ARPSyndicate/cvemon CVE-2011-4447 - https://github.com/uvhw/conchimgiangnang CVE-2011-4461 - https://github.com/Anonymous-Phunter/PHunter CVE-2011-4461 - https://github.com/CGCL-codes/PHunter +CVE-2011-4461 - https://github.com/LibHunter/LibHunter CVE-2011-4461 - https://github.com/javirodriguezzz/Shodan-Browser CVE-2011-4544 - https://github.com/zapalm/prestashop-security-vulnerability-checker CVE-2011-4545 - https://github.com/zapalm/prestashop-security-vulnerability-checker @@ -7538,6 +7623,7 @@ CVE-2011-4926 - https://github.com/ARPSyndicate/kenzer-templates CVE-2011-4926 - https://github.com/d4n-sec/d4n-sec.github.io CVE-2011-4968 - https://github.com/lukeber4/usn-search CVE-2011-4969 - https://github.com/FallibleInc/retirejslib +CVE-2011-4969 - https://github.com/catsploit/catsploit CVE-2011-4969 - https://github.com/ctcpip/jquery-security CVE-2011-4969 - https://github.com/eliasgranderubio/4depcheck CVE-2011-4971 - https://github.com/secure-rewind-and-discard/sdrad_utils @@ -7686,6 +7772,7 @@ CVE-2012-0056 - https://github.com/DotSight7/Cheatsheet CVE-2012-0056 - https://github.com/Elinpf/OSCP-survival-guide CVE-2012-0056 - https://github.com/Feng4/linux-kernel-exploits CVE-2012-0056 - https://github.com/Gajasurve/The-Security-Handbook +CVE-2012-0056 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2012-0056 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester CVE-2012-0056 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2012-0056 - https://github.com/MLGBSec/os-survival 
@@ -7792,6 +7879,7 @@ CVE-2012-0056 - https://github.com/tangsilian/android-vuln CVE-2012-0056 - https://github.com/tranquac/Linux-Privilege-Escalation CVE-2012-0056 - https://github.com/usamaelshazly/Linux-Privilege-Escalation CVE-2012-0056 - https://github.com/whackmanic/OSCP_Found +CVE-2012-0056 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2012-0056 - https://github.com/xairy/linux-kernel-exploitation CVE-2012-0056 - https://github.com/xcsrf/OSCP-PWK-Notes-Public CVE-2012-0056 - https://github.com/xfinest/linux-kernel-exploits @@ -7877,6 +7965,7 @@ CVE-2012-0158 - https://github.com/Ygodsec/- CVE-2012-0158 - https://github.com/amliaW4/amliaW4.github.io CVE-2012-0158 - https://github.com/cnhouzi/APTNotes CVE-2012-0158 - https://github.com/czq945659538/-study +CVE-2012-0158 - https://github.com/fangdada/ctf CVE-2012-0158 - https://github.com/havocykp/Vulnerability-analysis CVE-2012-0158 - https://github.com/helloandrewpaul/Mandiant---APT CVE-2012-0158 - https://github.com/houjingyi233/office-exploit-case-study @@ -8247,9 +8336,11 @@ CVE-2012-1823 - https://github.com/SexyBeast233/SecBooks CVE-2012-1823 - https://github.com/Soundaryakambhampati/test-6 CVE-2012-1823 - https://github.com/Unix13/metasploitable2 CVE-2012-1823 - https://github.com/Vibragence/Dockersploit +CVE-2012-1823 - https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE CVE-2012-1823 - https://github.com/ajread4/cve_pull CVE-2012-1823 - https://github.com/alex14324/Eagel CVE-2012-1823 - https://github.com/beched/libpywebhack +CVE-2012-1823 - https://github.com/bl4cksku11/CVE-2024-4577 CVE-2012-1823 - https://github.com/cyberdeception/deepdig CVE-2012-1823 - https://github.com/cyberharsh/PHP_CVE-2012-1823 CVE-2012-1823 - https://github.com/daai1/CVE-2012-1823 
@@ -8312,6 +8403,7 @@ CVE-2012-2034 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detec CVE-2012-2098 - https://github.com/Anonymous-Phunter/PHunter CVE-2012-2098 - https://github.com/BrunoBonacci/lein-binplus CVE-2012-2098 - https://github.com/CGCL-codes/PHunter +CVE-2012-2098 - https://github.com/LibHunter/LibHunter CVE-2012-2098 - https://github.com/markus-wa/clj-bin CVE-2012-2110 - https://github.com/ARPSyndicate/cvemon CVE-2012-2110 - https://github.com/chnzzh/OpenSSL-CVE-lib @@ -8471,6 +8563,7 @@ CVE-2012-2825 - https://github.com/sambacha/mirror-radamsa CVE-2012-2825 - https://github.com/sunzu94/radamsa-Fuzzer CVE-2012-2836 - https://github.com/ARPSyndicate/cvemon CVE-2012-2836 - https://github.com/asur4s/fuzzing +CVE-2012-2836 - https://github.com/ch1hyun/fuzzing-class CVE-2012-2836 - https://github.com/chiehw/fuzzing CVE-2012-2849 - https://github.com/Hwangtaewon/radamsa CVE-2012-2849 - https://github.com/StephenHaruna/RADAMSA @@ -8509,6 +8602,7 @@ CVE-2012-2982 - https://github.com/LeDucKhiem/CVE-2012-2982 CVE-2012-2982 - https://github.com/Mithlonde/Mithlonde CVE-2012-2982 - https://github.com/OstojaOfficial/CVE-2012-2982 CVE-2012-2982 - https://github.com/R00tendo/CVE-2012-2982 +CVE-2012-2982 - https://github.com/Shadow-Spinner/CVE-2012-2982_python CVE-2012-2982 - https://github.com/SlizBinksman/CVE_2012-2982 CVE-2012-2982 - https://github.com/Will-Banksy/My-Exploits CVE-2012-2982 - https://github.com/alien-keric/webmin-v1.580-exploit 
@@ -8562,6 +8656,7 @@ CVE-2012-3167 - https://github.com/Live-Hack-CVE/CVE-2012-3167 CVE-2012-3173 - https://github.com/Live-Hack-CVE/CVE-2012-3173 CVE-2012-3174 - https://github.com/ARPSyndicate/cvemon CVE-2012-3174 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2012-3174 - https://github.com/tunnelcat/metasploit-cve-search CVE-2012-3177 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2012-3180 - https://github.com/Live-Hack-CVE/CVE-2012-3180 CVE-2012-3197 - https://github.com/Live-Hack-CVE/CVE-2012-3197 @@ -8978,6 +9073,7 @@ CVE-2012-5204 - https://github.com/CERTCC/git_vul_driller CVE-2012-5221 - https://github.com/ARPSyndicate/cvemon CVE-2012-5221 - https://github.com/aredspy/HPCredDumper CVE-2012-5306 - https://github.com/anima1111/DLink-DCS-5009L +CVE-2012-5321 - https://github.com/Cappricio-Securities/CVE-2012-5321 CVE-2012-5475 - https://github.com/Live-Hack-CVE/CVE-2012-5475 CVE-2012-5510 - https://github.com/hinj/hInjector CVE-2012-5513 - https://github.com/hinj/hInjector @@ -9131,6 +9227,7 @@ CVE-2012-6706 - https://github.com/ARPSyndicate/cvemon CVE-2012-6706 - https://github.com/abge0386/Final-Project CVE-2012-6708 - https://github.com/ARPSyndicate/cvemon CVE-2012-6708 - https://github.com/catdever/watchdog +CVE-2012-6708 - https://github.com/catsploit/catsploit CVE-2012-6708 - https://github.com/ctcpip/jquery-security CVE-2012-6708 - https://github.com/flipkart-incubator/watchdog CVE-2012-6708 - https://github.com/rohankumardubey/watchdog 
@@ -9277,6 +9374,7 @@ CVE-2013-0268 - https://github.com/C0dak/linux-kernel-exploits CVE-2013-0268 - https://github.com/C0dak/local-root-exploit- CVE-2013-0268 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2013-0268 - https://github.com/Feng4/linux-kernel-exploits +CVE-2013-0268 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2013-0268 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2013-0268 - https://github.com/Micr067/linux-kernel-exploits CVE-2013-0268 - https://github.com/QChiLan/linux-exp @@ -9635,6 +9733,7 @@ CVE-2013-1763 - https://github.com/C0dak/linux-kernel-exploits CVE-2013-1763 - https://github.com/C0dak/local-root-exploit- CVE-2013-1763 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2013-1763 - https://github.com/Feng4/linux-kernel-exploits +CVE-2013-1763 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2013-1763 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2013-1763 - https://github.com/Micr067/linux-kernel-exploits CVE-2013-1763 - https://github.com/QChiLan/linux-exp @@ -9675,6 +9774,7 @@ CVE-2013-1763 - https://github.com/qkrtjsrbs315/CVE-2013-1763 CVE-2013-1763 - https://github.com/rakjong/LinuxElevation CVE-2013-1763 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2013-1763 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2013-1763 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2013-1763 - https://github.com/xairy/linux-kernel-exploitation CVE-2013-1763 - https://github.com/xfinest/linux-kernel-exploits CVE-2013-1763 - https://github.com/xssfile/linux-kernel-exploits 
@@ -9685,6 +9785,7 @@ CVE-2013-1768 - https://github.com/Anonymous-Phunter/PHunter CVE-2013-1768 - https://github.com/BrittanyKuhn/javascript-tutorial CVE-2013-1768 - https://github.com/CGCL-codes/PHunter CVE-2013-1768 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2013-1768 - https://github.com/LibHunter/LibHunter CVE-2013-1768 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2013-1768 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2013-1768 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet @@ -9703,6 +9804,7 @@ CVE-2013-1858 - https://github.com/C0dak/linux-kernel-exploits CVE-2013-1858 - https://github.com/C0dak/local-root-exploit- CVE-2013-1858 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2013-1858 - https://github.com/Feng4/linux-kernel-exploits +CVE-2013-1858 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2013-1858 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2013-1858 - https://github.com/Micr067/linux-kernel-exploits CVE-2013-1858 - https://github.com/QChiLan/linux-exp @@ -9813,6 +9915,7 @@ CVE-2013-1933 - https://github.com/ARPSyndicate/cvemon CVE-2013-1937 - https://github.com/spiegel-im-spiegel/cvss3 CVE-2013-1950 - https://github.com/Live-Hack-CVE/CVE-2013-1950 CVE-2013-1956 - https://github.com/ARPSyndicate/cvemon +CVE-2013-1959 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2013-1959 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2013-1965 - https://github.com/0day666/Vulnerability-verification CVE-2013-1965 - https://github.com/20142995/pocsuite3 
@@ -9899,6 +10002,7 @@ CVE-2013-2094 - https://github.com/CVEDB/PoC-List CVE-2013-2094 - https://github.com/CVEDB/awesome-cve-repo CVE-2013-2094 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2013-2094 - https://github.com/Feng4/linux-kernel-exploits +CVE-2013-2094 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2013-2094 - https://github.com/I-Prashanth-S/CybersecurityTIFAC CVE-2013-2094 - https://github.com/IMCG/awesome-c CVE-2013-2094 - https://github.com/InteliSecureLabs/Linux_Exploit_Suggester @@ -9970,6 +10074,7 @@ CVE-2013-2094 - https://github.com/tarunyadav/fix-cve-2013-2094 CVE-2013-2094 - https://github.com/timhsutw/cve-2013-2094 CVE-2013-2094 - https://github.com/vnik5287/CVE-2013-2094 CVE-2013-2094 - https://github.com/weeka10/-hktalent-TOP +CVE-2013-2094 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2013-2094 - https://github.com/xairy/linux-kernel-exploitation CVE-2013-2094 - https://github.com/xfinest/linux-kernel-exploits CVE-2013-2094 - https://github.com/xssfile/linux-kernel-exploits @@ -10873,6 +10978,7 @@ CVE-2013-7240 - https://github.com/JNado/CST312-WordPressExploits CVE-2013-7285 - https://github.com/ARPSyndicate/cvemon CVE-2013-7285 - https://github.com/Anonymous-Phunter/PHunter CVE-2013-7285 - https://github.com/CGCL-codes/PHunter +CVE-2013-7285 - https://github.com/LibHunter/LibHunter CVE-2013-7285 - https://github.com/Live-Hack-CVE/CVE-2019-10173 CVE-2013-7285 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2013-7285 - https://github.com/Whoopsunix/PPPVULNS 
@@ -10941,6 +11047,7 @@ CVE-2014-0038 - https://github.com/CVEDB/top CVE-2014-0038 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2014-0038 - https://github.com/Feng4/linux-kernel-exploits CVE-2014-0038 - https://github.com/GhostTroops/TOP +CVE-2014-0038 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-0038 - https://github.com/IMCG/awesome-c CVE-2014-0038 - https://github.com/JERRY123S/all-poc CVE-2014-0038 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -10994,6 +11101,7 @@ CVE-2014-0038 - https://github.com/spencerdodd/kernelpop CVE-2014-0038 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-0038 - https://github.com/sujayadkesar/Linux-Privilege-Escalation CVE-2014-0038 - https://github.com/weeka10/-hktalent-TOP +CVE-2014-0038 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-0038 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-0038 - https://github.com/xfinest/linux-kernel-exploits CVE-2014-0038 - https://github.com/xssfile/linux-kernel-exploits @@ -11761,6 +11869,7 @@ CVE-2014-0181 - https://github.com/ARPSyndicate/cvemon CVE-2014-0181 - https://github.com/lrh2000/CVE-2023-2002 CVE-2014-0193 - https://github.com/Anonymous-Phunter/PHunter CVE-2014-0193 - https://github.com/CGCL-codes/PHunter +CVE-2014-0193 - https://github.com/LibHunter/LibHunter CVE-2014-0193 - https://github.com/ian4hu/super-pom CVE-2014-0195 - https://github.com/ARPSyndicate/cvemon CVE-2014-0195 - https://github.com/PotterXma/linux-deployment-standard 
@@ -11777,6 +11886,7 @@ CVE-2014-0196 - https://github.com/C0dak/linux-kernel-exploits CVE-2014-0196 - https://github.com/C0dak/local-root-exploit- CVE-2014-0196 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2014-0196 - https://github.com/Feng4/linux-kernel-exploits +CVE-2014-0196 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-0196 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2014-0196 - https://github.com/Micr067/linux-kernel-exploits CVE-2014-0196 - https://github.com/Ostorlab/KEV @@ -11825,6 +11935,7 @@ CVE-2014-0196 - https://github.com/spencerdodd/kernelpop CVE-2014-0196 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-0196 - https://github.com/tangsilian/android-vuln CVE-2014-0196 - https://github.com/tempbottle/CVE-2014-0196 +CVE-2014-0196 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-0196 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-0196 - https://github.com/xfinest/linux-kernel-exploits CVE-2014-0196 - https://github.com/xssfile/linux-kernel-exploits @@ -12440,6 +12551,7 @@ CVE-2014-2851 - https://github.com/oneoy/cve- CVE-2014-2851 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-2851 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-2851 - https://github.com/thomaxxl/group_info +CVE-2014-2851 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-2851 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-2886 - https://github.com/andir/nixos-issue-db-example CVE-2014-2908 - https://github.com/ARPSyndicate/kenzer-templates 
@@ -12447,6 +12559,7 @@ CVE-2014-2913 - https://github.com/bootc/nrpe-ng CVE-2014-2913 - https://github.com/ohsawa0515/ec2-vuls-config CVE-2014-2917 - https://github.com/Ch4p34uN0iR/mongoaudit CVE-2014-2917 - https://github.com/gold1029/mongoaudit +CVE-2014-2917 - https://github.com/stampery/mongoaudit CVE-2014-2962 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-3068 - https://github.com/ARPSyndicate/cvemon CVE-2014-3068 - https://github.com/r-wisniewski/Vulnerability-Check @@ -12544,6 +12657,7 @@ CVE-2014-3153 - https://github.com/CVEDB/top CVE-2014-3153 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2014-3153 - https://github.com/Feng4/linux-kernel-exploits CVE-2014-3153 - https://github.com/GhostTroops/TOP +CVE-2014-3153 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-3153 - https://github.com/I-Prashanth-S/CybersecurityTIFAC CVE-2014-3153 - https://github.com/IMCG/awesome-c CVE-2014-3153 - https://github.com/JERRY123S/all-poc @@ -12615,6 +12729,7 @@ CVE-2014-3153 - https://github.com/tangsilian/android-vuln CVE-2014-3153 - https://github.com/timwr/CVE-2014-3153 CVE-2014-3153 - https://github.com/tymat/android_futex_root CVE-2014-3153 - https://github.com/weeka10/-hktalent-TOP +CVE-2014-3153 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-3153 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-3153 - https://github.com/xfinest/linux-kernel-exploits CVE-2014-3153 - https://github.com/xssfile/linux-kernel-exploits 
@@ -12659,6 +12774,7 @@ CVE-2014-3480 - https://github.com/Live-Hack-CVE/CVE-2014-3480 CVE-2014-3487 - https://github.com/Live-Hack-CVE/CVE-2014-3487 CVE-2014-3488 - https://github.com/Anonymous-Phunter/PHunter CVE-2014-3488 - https://github.com/CGCL-codes/PHunter +CVE-2014-3488 - https://github.com/LibHunter/LibHunter CVE-2014-3488 - https://github.com/cezapata/appconfiguration-sample CVE-2014-3488 - https://github.com/ian4hu/super-pom CVE-2014-3498 - https://github.com/OSAS/ansible-role-ansible_bastion @@ -12843,6 +12959,7 @@ CVE-2014-3572 - https://github.com/neominds/JPN_RIC13351-2 CVE-2014-3577 - https://github.com/ARPSyndicate/cvemon CVE-2014-3577 - https://github.com/Anonymous-Phunter/PHunter CVE-2014-3577 - https://github.com/CGCL-codes/PHunter +CVE-2014-3577 - https://github.com/LibHunter/LibHunter CVE-2014-3577 - https://github.com/albfernandez/commons-httpclient-3 CVE-2014-3577 - https://github.com/argon-gh-demo/clojure-sample CVE-2014-3577 - https://github.com/rm-hull/nvd-clojure @@ -12944,6 +13061,7 @@ CVE-2014-3704 - https://github.com/Threekiii/Awesome-POC CVE-2014-3704 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2014-3704 - https://github.com/Z0fhack/Goby_POC CVE-2014-3704 - https://github.com/bakery312/Vulhub-Reproduce +CVE-2014-3704 - https://github.com/catsploit/catsploit CVE-2014-3704 - https://github.com/enomothem/PenTestNote CVE-2014-3704 - https://github.com/happynote3966/CVE-2014-3704 CVE-2014-3704 - https://github.com/hxysaury/saury-vulnhub @@ -12971,6 +13089,7 @@ CVE-2014-3744 - https://github.com/ARPSyndicate/kenzer-templates CVE-2014-3744 - https://github.com/Elsfa7-110/kenzer-templates CVE-2014-3791 - https://github.com/0xT11/CVE-POC CVE-2014-3791 - https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups +CVE-2014-3791 - https://github.com/fangdada/ctf CVE-2014-3791 - https://github.com/hectorgie/PoC-in-GitHub CVE-2014-3852 - https://github.com/Whamo12/fetch-cwe-list CVE-2014-3852 - https://github.com/aemon1407/KWSPZapTest 
@@ -12987,6 +13106,7 @@ CVE-2014-4014 - https://github.com/C0dak/linux-kernel-exploits CVE-2014-4014 - https://github.com/C0dak/local-root-exploit- CVE-2014-4014 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2014-4014 - https://github.com/Feng4/linux-kernel-exploits +CVE-2014-4014 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-4014 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2014-4014 - https://github.com/Micr067/linux-kernel-exploits CVE-2014-4014 - https://github.com/QChiLan/linux-exp @@ -13028,6 +13148,7 @@ CVE-2014-4014 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-4014 - https://github.com/spencerdodd/kernelpop CVE-2014-4014 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-4014 - https://github.com/vnik5287/cve-2014-4014-privesc +CVE-2014-4014 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-4014 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-4014 - https://github.com/xfinest/linux-kernel-exploits CVE-2014-4014 - https://github.com/xssfile/linux-kernel-exploits @@ -13344,6 +13465,7 @@ CVE-2014-4322 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-4322 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-4322 - https://github.com/tangsilian/android-vuln CVE-2014-4322 - https://github.com/weeka10/-hktalent-TOP +CVE-2014-4322 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-4322 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-4323 - https://github.com/ARPSyndicate/cvemon CVE-2014-4323 - https://github.com/CVEDB/PoC-List 
@@ -13457,6 +13579,7 @@ CVE-2014-4699 - https://github.com/C0dak/linux-kernel-exploits CVE-2014-4699 - https://github.com/C0dak/local-root-exploit- CVE-2014-4699 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2014-4699 - https://github.com/Feng4/linux-kernel-exploits +CVE-2014-4699 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-4699 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2014-4699 - https://github.com/Micr067/linux-kernel-exploits CVE-2014-4699 - https://github.com/QChiLan/linux-exp @@ -13500,6 +13623,7 @@ CVE-2014-4699 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-4699 - https://github.com/spencerdodd/kernelpop CVE-2014-4699 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-4699 - https://github.com/vnik5287/cve-2014-4699-ptrace +CVE-2014-4699 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-4699 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-4699 - https://github.com/xfinest/linux-kernel-exploits CVE-2014-4699 - https://github.com/xssfile/linux-kernel-exploits @@ -13535,6 +13659,7 @@ CVE-2014-4943 - https://github.com/ndk191/linux-kernel-exploitation CVE-2014-4943 - https://github.com/redes-2015/l2tp-socket-bug CVE-2014-4943 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-4943 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2014-4943 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-4943 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-4966 - https://github.com/clhlc/ansible-2.0 CVE-2014-4967 - https://github.com/clhlc/ansible-2.0 
@@ -14928,6 +15053,7 @@ CVE-2014-9295 - https://github.com/sous-chefs/ntp CVE-2014-9301 - https://github.com/ottimo/burp-alfresco-referer-proxy-cve-2014-9301 CVE-2014-9322 - https://github.com/ARPSyndicate/cvemon CVE-2014-9322 - https://github.com/Flerov/WindowsExploitDev +CVE-2014-9322 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2014-9322 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2014-9322 - https://github.com/R0B1NL1N/linux-kernel-exploitation CVE-2014-9322 - https://github.com/RKX1209/CVE-2014-9322 @@ -14947,6 +15073,7 @@ CVE-2014-9322 - https://github.com/paulveillard/cybersecurity-exploit-developmen CVE-2014-9322 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2014-9322 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2014-9322 - https://github.com/tangsilian/android-vuln +CVE-2014-9322 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2014-9322 - https://github.com/xairy/linux-kernel-exploitation CVE-2014-9328 - https://github.com/ARPSyndicate/cvemon CVE-2014-9328 - https://github.com/SRVRS094ADM/ClamAV @@ -14971,6 +15098,7 @@ CVE-2014-9390 - https://github.com/testingfly/xcode CVE-2014-9390 - https://github.com/timcharper/git_osx_installer CVE-2014-9402 - https://github.com/ARPSyndicate/cvemon CVE-2014-9410 - https://github.com/betalphafai/CVE-2015-0568 +CVE-2014-9418 - https://github.com/javierparadadev/python-value-objects CVE-2014-9418 - https://github.com/jparadadev/python-value-objects CVE-2014-9428 - https://github.com/Live-Hack-CVE/CVE-2014-9428 CVE-2014-9439 - https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups 
@@ -15192,6 +15320,7 @@ CVE-2015-0204 - https://github.com/alexoslabs/HTTPSScan CVE-2015-0204 - https://github.com/anthophilee/A2SV--SSL-VUL-Scan CVE-2015-0204 - https://github.com/bysart/devops-netology CVE-2015-0204 - https://github.com/camel-clarkson/non-controlflow-hijacking-datasets +CVE-2015-0204 - https://github.com/catsploit/catsploit CVE-2015-0204 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2015-0204 - https://github.com/clic-kbait/A2SV--SSL-VUL-Scan CVE-2015-0204 - https://github.com/clino-mania/A2SV--SSL-VUL-Scan @@ -15527,6 +15656,7 @@ CVE-2015-0568 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2015-0568 - https://github.com/knd06/linux-kernel-exploitation CVE-2015-0568 - https://github.com/ndk191/linux-kernel-exploitation CVE-2015-0568 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2015-0568 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2015-0568 - https://github.com/xairy/linux-kernel-exploitation CVE-2015-0569 - https://github.com/tangsilian/android-vuln CVE-2015-0570 - https://github.com/ARPSyndicate/cvemon @@ -15543,6 +15673,7 @@ CVE-2015-0570 - https://github.com/knd06/linux-kernel-exploitation CVE-2015-0570 - https://github.com/ndk191/linux-kernel-exploitation CVE-2015-0570 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2015-0570 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2015-0570 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2015-0570 - https://github.com/xairy/linux-kernel-exploitation CVE-2015-0571 - https://github.com/thdusdl1219/CVE-Study CVE-2015-0572 - https://github.com/thdusdl1219/CVE-Study 
@@ -15782,6 +15913,7 @@ CVE-2015-1328 - https://github.com/C0dak/local-root-exploit- CVE-2015-1328 - https://github.com/DarkenCode/PoC CVE-2015-1328 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2015-1328 - https://github.com/Feng4/linux-kernel-exploits +CVE-2015-1328 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2015-1328 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups CVE-2015-1328 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2015-1328 - https://github.com/Micr067/linux-kernel-exploits @@ -16279,6 +16411,7 @@ CVE-2015-1805 - https://github.com/snorez/exploits CVE-2015-1805 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2015-1805 - https://github.com/tangsilian/android-vuln CVE-2015-1805 - https://github.com/weeka10/-hktalent-TOP +CVE-2015-1805 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2015-1805 - https://github.com/xairy/linux-kernel-exploitation CVE-2015-1817 - https://github.com/ARPSyndicate/cvemon CVE-2015-1819 - https://github.com/ARPSyndicate/cvemon @@ -16300,6 +16433,7 @@ CVE-2015-1833 - https://github.com/0ang3el/aem-hacker CVE-2015-1833 - https://github.com/ARPSyndicate/cvemon CVE-2015-1833 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-1833 - https://github.com/CGCL-codes/PHunter +CVE-2015-1833 - https://github.com/LibHunter/LibHunter CVE-2015-1833 - https://github.com/Raz0r/aemscan CVE-2015-1833 - https://github.com/TheRipperJhon/AEMVS CVE-2015-1833 - https://github.com/amarnathadapa-sec/aem 
@@ -16376,6 +16510,7 @@ CVE-2015-2080 - https://github.com/ARPSyndicate/kenzer-templates CVE-2015-2080 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-2080 - https://github.com/CGCL-codes/PHunter CVE-2015-2080 - https://github.com/Elsfa7-110/kenzer-templates +CVE-2015-2080 - https://github.com/LibHunter/LibHunter CVE-2015-2080 - https://github.com/albinowax/ActiveScanPlusPlus CVE-2015-2080 - https://github.com/cranelab/webapp-tech CVE-2015-2080 - https://github.com/ilmila/J2EEScan @@ -16389,6 +16524,7 @@ CVE-2015-2153 - https://github.com/arntsonl/CVE-2015-2153 CVE-2015-2156 - https://github.com/ARPSyndicate/cvemon CVE-2015-2156 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-2156 - https://github.com/CGCL-codes/PHunter +CVE-2015-2156 - https://github.com/LibHunter/LibHunter CVE-2015-2156 - https://github.com/cezapata/appconfiguration-sample CVE-2015-2158 - https://github.com/mrash/afl-cve CVE-2015-2166 - https://github.com/ARPSyndicate/cvemon @@ -16675,6 +16811,7 @@ CVE-2015-2697 - https://github.com/ARPSyndicate/cvemon CVE-2015-2704 - https://github.com/ARPSyndicate/cvemon CVE-2015-2705 - https://github.com/Ch4p34uN0iR/mongoaudit CVE-2015-2705 - https://github.com/gold1029/mongoaudit +CVE-2015-2705 - https://github.com/stampery/mongoaudit CVE-2015-2712 - https://github.com/pyllyukko/user.js CVE-2015-2716 - https://github.com/ARPSyndicate/cvemon CVE-2015-2716 - https://github.com/fokypoky/places-list @@ -16997,6 +17134,7 @@ CVE-2015-3253 - https://github.com/CGCL-codes/PHunter CVE-2015-3253 - https://github.com/CodeIntelligenceTesting/java-demo CVE-2015-3253 - https://github.com/CodeIntelligenceTesting/java-demo-old CVE-2015-3253 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2015-3253 - https://github.com/LibHunter/LibHunter CVE-2015-3253 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2015-3253 - https://github.com/TheGrinch/elastic CVE-2015-3253 - https://github.com/angelwhu/XStream_unserialization 
@@ -17239,6 +17377,7 @@ CVE-2015-3636 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2015-3636 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2015-3636 - https://github.com/tangsilian/android-vuln CVE-2015-3636 - https://github.com/weeka10/-hktalent-TOP +CVE-2015-3636 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2015-3636 - https://github.com/xairy/linux-kernel-exploitation CVE-2015-3641 - https://github.com/ARPSyndicate/cvemon CVE-2015-3641 - https://github.com/uvhw/conchimgiangnang @@ -17809,10 +17948,12 @@ CVE-2015-5254 - https://github.com/t0m4too/t0m4to CVE-2015-5254 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2015-5256 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-5256 - https://github.com/CGCL-codes/PHunter +CVE-2015-5256 - https://github.com/LibHunter/LibHunter CVE-2015-5257 - https://github.com/Live-Hack-CVE/CVE-2015-5275 CVE-2015-5262 - https://github.com/ARPSyndicate/cvemon CVE-2015-5262 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-5262 - https://github.com/CGCL-codes/PHunter +CVE-2015-5262 - https://github.com/LibHunter/LibHunter CVE-2015-5262 - https://github.com/albfernandez/commons-httpclient-3 CVE-2015-5262 - https://github.com/argon-gh-demo/clojure-sample CVE-2015-5262 - https://github.com/dotanuki-labs/android-oss-cves-research @@ -18441,6 +18582,7 @@ CVE-2015-6644 - https://github.com/ARPSyndicate/cvemon CVE-2015-6644 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-6644 - https://github.com/CGCL-codes/PHunter CVE-2015-6644 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2015-6644 - https://github.com/LibHunter/LibHunter CVE-2015-6644 - https://github.com/brianhigh/us-cert-bulletins CVE-2015-6644 - https://github.com/pctF/vulnerable-app CVE-2015-6645 - https://github.com/ARPSyndicate/cvemon 
@@ -18463,6 +18605,7 @@ CVE-2015-6673 - https://github.com/andir/nixos-issue-db-example CVE-2015-6748 - https://github.com/ARPSyndicate/cvemon CVE-2015-6748 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-6748 - https://github.com/CGCL-codes/PHunter +CVE-2015-6748 - https://github.com/LibHunter/LibHunter CVE-2015-6748 - https://github.com/epicosy/VUL4J-59 CVE-2015-6749 - https://github.com/andir/nixos-issue-db-example CVE-2015-6755 - https://github.com/ARPSyndicate/cvemon @@ -19329,6 +19472,7 @@ CVE-2015-8317 - https://github.com/mrash/afl-cve CVE-2015-8317 - https://github.com/satbekmyrza/repo-afl-a2 CVE-2015-8320 - https://github.com/Anonymous-Phunter/PHunter CVE-2015-8320 - https://github.com/CGCL-codes/PHunter +CVE-2015-8320 - https://github.com/LibHunter/LibHunter CVE-2015-8324 - https://github.com/Live-Hack-CVE/CVE-2015-8324 CVE-2015-8325 - https://github.com/Live-Hack-CVE/CVE-2015-8325 CVE-2015-8325 - https://github.com/bioly230/THM_Skynet @@ -19408,6 +19552,7 @@ CVE-2015-8399 - https://github.com/CLincat/vulcat CVE-2015-8399 - https://github.com/Elsfa7-110/kenzer-templates CVE-2015-8399 - https://github.com/HimmelAward/Goby_POC CVE-2015-8399 - https://github.com/Z0fhack/Goby_POC +CVE-2015-8399 - https://github.com/enomothem/PenTestNote CVE-2015-8399 - https://github.com/jweny/pocassistdb CVE-2015-8400 - https://github.com/ARPSyndicate/cvemon CVE-2015-8401 - https://github.com/thdusdl1219/CVE-Study @@ -19462,6 +19607,7 @@ CVE-2015-8548 - https://github.com/qazbnm456/awesome-cve-poc CVE-2015-8548 - https://github.com/tunz/js-vuln-db CVE-2015-8548 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2015-8550 - https://github.com/Al1ex/LinuxEelvation +CVE-2015-8550 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2015-8550 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2015-8550 - https://github.com/bsauce/kernel-exploit-factory CVE-2015-8550 - https://github.com/jfbastien/no-sane-compiler 
@@ -19543,6 +19689,7 @@ CVE-2015-8656 - https://github.com/thdusdl1219/CVE-Study CVE-2015-8657 - https://github.com/thdusdl1219/CVE-Study CVE-2015-8658 - https://github.com/thdusdl1219/CVE-Study CVE-2015-8660 - https://github.com/ARPSyndicate/cvemon +CVE-2015-8660 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2015-8660 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2015-8660 - https://github.com/Live-Hack-CVE/CVE-2015-8660 CVE-2015-8660 - https://github.com/chorankates/Irked @@ -20227,6 +20374,7 @@ CVE-2016-0701 - https://github.com/Live-Hack-CVE/CVE-2017-3738 CVE-2016-0701 - https://github.com/RClueX/Hackerone-Reports CVE-2016-0701 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2016-0701 - https://github.com/erwinchang/utility-library +CVE-2016-0701 - https://github.com/forget-eve/NSP CVE-2016-0701 - https://github.com/imhunterand/hackerone-publicy-disclosed CVE-2016-0701 - https://github.com/luanjampa/cve-2016-0701 CVE-2016-0702 - https://github.com/ARPSyndicate/cvemon @@ -20291,6 +20439,7 @@ CVE-2016-0728 - https://github.com/C0dak/local-root-exploit- CVE-2016-0728 - https://github.com/De30/zabbix_community-templates CVE-2016-0728 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2016-0728 - https://github.com/Feng4/linux-kernel-exploits +CVE-2016-0728 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-0728 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-0728 - https://github.com/Michael-Git-Web/templateszbx CVE-2016-0728 - https://github.com/Micr067/linux-kernel-exploits 
@@ -20361,6 +20510,7 @@ CVE-2016-0728 - https://github.com/sunnyjiang/cve_2016_0728 CVE-2016-0728 - https://github.com/th30d00r/Linux-Vulnerability-CVE-2016-0728-and-Exploit CVE-2016-0728 - https://github.com/tndud042713/cve CVE-2016-0728 - https://github.com/whiteHat001/Kernel-Security +CVE-2016-0728 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-0728 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-0728 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-0728 - https://github.com/xfinest/linux-kernel-exploits @@ -20638,6 +20788,7 @@ CVE-2016-0819 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-0819 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-0819 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-0819 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-0819 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-0819 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-0820 - https://github.com/ARPSyndicate/cvemon CVE-2016-0820 - https://github.com/R0B1NL1N/linux-kernel-exploitation @@ -20653,6 +20804,7 @@ CVE-2016-0820 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-0820 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-0820 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-0820 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-0820 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-0820 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-0844 - https://github.com/jiayy/android_vuln_poc-exp CVE-2016-0846 - https://github.com/ARPSyndicate/cvemon 
@@ -21100,6 +21252,7 @@ CVE-2016-1000339 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000339 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000339 - https://github.com/CGCL-codes/PHunter CVE-2016-1000339 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000339 - https://github.com/LibHunter/LibHunter CVE-2016-1000339 - https://github.com/pctF/vulnerable-app CVE-2016-1000339 - https://github.com/wolpert/crypto CVE-2016-1000340 - https://github.com/ARPSyndicate/cvemon 
@@ -21108,37 +21261,44 @@ CVE-2016-1000341 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000341 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000341 - https://github.com/CGCL-codes/PHunter CVE-2016-1000341 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000341 - https://github.com/LibHunter/LibHunter CVE-2016-1000341 - https://github.com/pctF/vulnerable-app CVE-2016-1000342 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000342 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000342 - https://github.com/CGCL-codes/PHunter CVE-2016-1000342 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000342 - https://github.com/LibHunter/LibHunter CVE-2016-1000342 - https://github.com/pctF/vulnerable-app CVE-2016-1000343 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000343 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000343 - https://github.com/CGCL-codes/PHunter CVE-2016-1000343 - https://github.com/CyberSource/cybersource-sdk-java CVE-2016-1000343 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000343 - https://github.com/LibHunter/LibHunter CVE-2016-1000343 - https://github.com/pctF/vulnerable-app CVE-2016-1000344 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000344 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000344 - https://github.com/CGCL-codes/PHunter CVE-2016-1000344 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000344 - https://github.com/LibHunter/LibHunter CVE-2016-1000344 - https://github.com/pctF/vulnerable-app CVE-2016-1000345 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000345 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000345 - https://github.com/CGCL-codes/PHunter CVE-2016-1000345 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000345 - https://github.com/LibHunter/LibHunter CVE-2016-1000345 - https://github.com/pctF/vulnerable-app CVE-2016-1000346 - https://github.com/ARPSyndicate/cvemon 
CVE-2016-1000346 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000346 - https://github.com/CGCL-codes/PHunter CVE-2016-1000346 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000346 - https://github.com/LibHunter/LibHunter CVE-2016-1000346 - https://github.com/pctF/vulnerable-app CVE-2016-1000352 - https://github.com/ARPSyndicate/cvemon CVE-2016-1000352 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-1000352 - https://github.com/CGCL-codes/PHunter CVE-2016-1000352 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2016-1000352 - https://github.com/LibHunter/LibHunter CVE-2016-1000352 - https://github.com/pctF/vulnerable-app CVE-2016-10005 - https://github.com/ARPSyndicate/cvemon CVE-2016-10006 - https://github.com/ARPSyndicate/cvemon @@ -21175,6 +21335,7 @@ CVE-2016-1002 - https://github.com/Live-Hack-CVE/CVE-2016-1002 CVE-2016-1002 - https://github.com/Live-Hack-CVE/CVE-2016-1005 CVE-2016-10027 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-10027 - https://github.com/CGCL-codes/PHunter +CVE-2016-10027 - https://github.com/LibHunter/LibHunter CVE-2016-10027 - https://github.com/tintinweb/striptls CVE-2016-10028 - https://github.com/ARPSyndicate/cvemon CVE-2016-1003 - https://github.com/ARPSyndicate/cvemon @@ -21356,6 +21517,7 @@ CVE-2016-10033 - https://github.com/sccontroltotal/phpmailer CVE-2016-10033 - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail CVE-2016-10033 - https://github.com/superfish9/pt CVE-2016-10033 - https://github.com/supreethsk/rental +CVE-2016-10033 - https://github.com/sweta-web/Online-Registration-System CVE-2016-10033 - https://github.com/trganda/dockerv CVE-2016-10033 - https://github.com/tvirus-01/PHP_mail CVE-2016-10033 - https://github.com/vaartjesd/test 
@@ -21505,6 +21667,7 @@ CVE-2016-10045 - https://github.com/sashasimulik/integration-1 CVE-2016-10045 - https://github.com/sccontroltotal/phpmailer CVE-2016-10045 - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail CVE-2016-10045 - https://github.com/supreethsk/rental +CVE-2016-10045 - https://github.com/sweta-web/Online-Registration-System CVE-2016-10045 - https://github.com/tvirus-01/PHP_mail CVE-2016-10045 - https://github.com/vaartjesd/test CVE-2016-10045 - https://github.com/vatann07/BloodConnect @@ -21586,6 +21749,7 @@ CVE-2016-10134 - https://github.com/1N3/Exploits CVE-2016-10134 - https://github.com/ARPSyndicate/cvemon CVE-2016-10134 - https://github.com/ARPSyndicate/kenzer-templates CVE-2016-10134 - https://github.com/Awrrays/FrameVul +CVE-2016-10134 - https://github.com/CLincat/vulcat CVE-2016-10134 - https://github.com/HimmelAward/Goby_POC CVE-2016-10134 - https://github.com/SexyBeast233/SecBooks CVE-2016-10134 - https://github.com/TesterCC/exp_poc_library @@ -21779,6 +21943,7 @@ CVE-2016-10277 - https://github.com/lnick2023/nicenice CVE-2016-10277 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-10277 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-10277 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-10277 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-10277 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-10277 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-1028 - https://github.com/Live-Hack-CVE/CVE-2016-1025 
@@ -22220,6 +22385,7 @@ CVE-2016-1247 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet CVE-2016-1247 - https://github.com/hungslab/awd-tools CVE-2016-1247 - https://github.com/lukeber4/usn-search CVE-2016-1247 - https://github.com/notnue/Linux-Privilege-Escalation +CVE-2016-1247 - https://github.com/redcountryroad/OSCP-shortsheet CVE-2016-1247 - https://github.com/superfish9/pt CVE-2016-1247 - https://github.com/txuswashere/Pentesting-Linux CVE-2016-1247 - https://github.com/woods-sega/woodswiki @@ -22385,6 +22551,7 @@ CVE-2016-1583 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-1583 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-1583 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-1583 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-1583 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-1583 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-1585 - https://github.com/adegoodyer/kubernetes-admin-toolkit CVE-2016-1585 - https://github.com/aws-samples/amazon-ecr-continuous-scan @@ -22738,6 +22905,8 @@ CVE-2016-2003 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet CVE-2016-2003 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2016-2004 - https://github.com/ARPSyndicate/cvemon CVE-2016-2004 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2016-2004 - https://github.com/CVEDB/awesome-cve-repo +CVE-2016-2004 - https://github.com/marcocarolasec/CVE-2016-2004-Exploit CVE-2016-2009 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-2017 - https://github.com/ARPSyndicate/cvemon CVE-2016-2031 - https://github.com/ARPSyndicate/cvemon 
@@ -22757,6 +22926,7 @@ CVE-2016-2059 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2016-2059 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-2059 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-2059 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2059 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2059 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2061 - https://github.com/thdusdl1219/CVE-Study CVE-2016-2062 - https://github.com/thdusdl1219/CVE-Study @@ -22901,6 +23071,7 @@ CVE-2016-2175 - https://github.com/0xCyberY/CVE-T4PDF CVE-2016-2175 - https://github.com/ARPSyndicate/cvemon CVE-2016-2175 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-2175 - https://github.com/CGCL-codes/PHunter +CVE-2016-2175 - https://github.com/LibHunter/LibHunter CVE-2016-2176 - https://github.com/ARPSyndicate/cvemon CVE-2016-2176 - https://github.com/RClueX/Hackerone-Reports CVE-2016-2176 - https://github.com/chnzzh/OpenSSL-CVE-lib @@ -22948,6 +23119,7 @@ CVE-2016-2183 - https://github.com/alexgro1982/devops-netology CVE-2016-2183 - https://github.com/aous-al-salek/crypto CVE-2016-2183 - https://github.com/biswajitde/dsm_ips CVE-2016-2183 - https://github.com/bysart/devops-netology +CVE-2016-2183 - https://github.com/catsploit/catsploit CVE-2016-2183 - https://github.com/dmitrii1312/03-sysadmin-09 CVE-2016-2183 - https://github.com/gabrieljcs/ips-assessment-reports CVE-2016-2183 - https://github.com/geon071/netolofy_12 
@@ -23066,6 +23238,7 @@ CVE-2016-2324 - https://github.com/ARPSyndicate/cvemon CVE-2016-2331 - https://github.com/ivision-research/disclosures CVE-2016-2332 - https://github.com/ivision-research/disclosures CVE-2016-2333 - https://github.com/ivision-research/disclosures +CVE-2016-2334 - https://github.com/ch1hyun/fuzzing-class CVE-2016-2334 - https://github.com/icewall/CVE-2016-2334 CVE-2016-2334 - https://github.com/integeruser/on-pwning CVE-2016-2334 - https://github.com/litneet64/containerized-bomb-disposal @@ -23087,6 +23260,7 @@ CVE-2016-2384 - https://github.com/CKmaenn/kernel-exploits CVE-2016-2384 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2016-2384 - https://github.com/Feng4/linux-kernel-exploits CVE-2016-2384 - https://github.com/HackOvert/awesome-bugs +CVE-2016-2384 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-2384 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-2384 - https://github.com/Micr067/linux-kernel-exploits CVE-2016-2384 - https://github.com/QChiLan/linux-exp @@ -23129,6 +23303,7 @@ CVE-2016-2384 - https://github.com/rakjong/LinuxElevation CVE-2016-2384 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-2384 - https://github.com/spencerdodd/kernelpop CVE-2016-2384 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2384 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2384 - https://github.com/xairy/kernel-exploits CVE-2016-2384 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2384 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 
@@ -23189,6 +23364,7 @@ CVE-2016-2411 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-2411 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-2411 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-2411 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2411 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2411 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2428 - https://github.com/ARPSyndicate/cvemon CVE-2016-2431 - https://github.com/ABCIncs/personal-security-checklist @@ -23255,6 +23431,7 @@ CVE-2016-2434 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-2434 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2016-2434 - https://github.com/tangsilian/android-vuln CVE-2016-2434 - https://github.com/weeka10/-hktalent-TOP +CVE-2016-2434 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2434 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2435 - https://github.com/ARPSyndicate/cvemon CVE-2016-2435 - https://github.com/R0B1NL1N/linux-kernel-exploitation @@ -23271,6 +23448,7 @@ CVE-2016-2435 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-2435 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-2435 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-2435 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2435 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2435 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2443 - https://github.com/tangsilian/android-vuln CVE-2016-2461 - https://github.com/ARPSyndicate/cvemon 
@@ -23292,6 +23470,7 @@ CVE-2016-2475 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-2475 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-2475 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-2475 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2475 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2475 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2503 - https://github.com/ARPSyndicate/cvemon CVE-2016-2503 - https://github.com/kdn111/linux-kernel-exploitation @@ -23304,6 +23483,7 @@ CVE-2016-2503 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2016-2503 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-2503 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-2503 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-2503 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-2503 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-2510 - https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet CVE-2016-2510 - https://github.com/BrittanyKuhn/javascript-tutorial @@ -23413,6 +23593,7 @@ CVE-2016-2781 - https://github.com/gp47/xef-scan-ex02 CVE-2016-2781 - https://github.com/hartwork/antijack CVE-2016-2781 - https://github.com/khulnasoft-lab/vulnlist CVE-2016-2781 - https://github.com/khulnasoft-labs/griffon +CVE-2016-2781 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2016-2781 - https://github.com/metapull/attackfinder CVE-2016-2781 - https://github.com/nedenwalker/spring-boot-app-using-gradle CVE-2016-2781 - https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln 
@@ -24112,6 +24293,7 @@ CVE-2016-3720 - https://github.com/0ang3el/Unsafe-JAX-RS-Burp CVE-2016-3720 - https://github.com/ARPSyndicate/cvemon CVE-2016-3720 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-3720 - https://github.com/CGCL-codes/PHunter +CVE-2016-3720 - https://github.com/LibHunter/LibHunter CVE-2016-3720 - https://github.com/argon-gh-demo/clojure-sample CVE-2016-3720 - https://github.com/developer3000S/PoC-in-GitHub CVE-2016-3720 - https://github.com/gitrobtest/Java-Security @@ -24140,6 +24322,7 @@ CVE-2016-3857 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-3857 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-3857 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-3857 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-3857 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-3857 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-3861 - https://github.com/ARPSyndicate/cvemon CVE-2016-3861 - https://github.com/dropk1ck/CVE-2016-3861 @@ -24172,6 +24355,7 @@ CVE-2016-3873 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-3873 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-3873 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-3873 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-3873 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-3873 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-3901 - https://github.com/jiayy/android_vuln_poc-exp CVE-2016-3906 - https://github.com/jiayy/android_vuln_poc-exp 
@@ -25497,6 +25681,7 @@ CVE-2016-4544 - https://github.com/mrhacker51/FileUploadScanner CVE-2016-4544 - https://github.com/navervn/modified_uploadscanner CVE-2016-4544 - https://github.com/tagua-vm/tagua-vm CVE-2016-4557 - https://github.com/ARPSyndicate/cvemon +CVE-2016-4557 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-4557 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-4557 - https://github.com/chreniuc/CTF CVE-2016-4557 - https://github.com/dylandreimerink/gobpfld @@ -25700,6 +25885,7 @@ CVE-2016-4780 - https://github.com/sweetchipsw/vulnerability CVE-2016-4800 - https://github.com/ARPSyndicate/cvemon CVE-2016-4800 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-4800 - https://github.com/CGCL-codes/PHunter +CVE-2016-4800 - https://github.com/LibHunter/LibHunter CVE-2016-4800 - https://github.com/saidramirezh/Elvis-DAM CVE-2016-4802 - https://github.com/Ananya-0306/vuln-finder CVE-2016-4802 - https://github.com/cve-search/git-vuln-finder @@ -25721,6 +25907,7 @@ CVE-2016-4952 - https://github.com/qianfei11/QEMU-CVES CVE-2016-4970 - https://github.com/ARPSyndicate/cvemon CVE-2016-4970 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-4970 - https://github.com/CGCL-codes/PHunter +CVE-2016-4970 - https://github.com/LibHunter/LibHunter CVE-2016-4970 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2016-4970 - https://github.com/eliasgranderubio/4depcheck CVE-2016-4971 - https://github.com/ARPSyndicate/cvemon 
@@ -25796,6 +25983,8 @@ CVE-2016-4979 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrou CVE-2016-4979 - https://github.com/vshaliii/DC-3-Vulnhub-Walkthrough CVE-2016-4984 - https://github.com/ARPSyndicate/cvemon CVE-2016-4986 - https://github.com/HotDB-Community/HotDB-Engine +CVE-2016-4994 - https://github.com/ch1hyun/fuzzing-class +CVE-2016-4997 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-4997 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-4999 - https://github.com/shanika04/dashbuilder CVE-2016-5003 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs @@ -25875,6 +26064,7 @@ CVE-2016-5184 - https://github.com/0xCyberY/CVE-T4PDF CVE-2016-5184 - https://github.com/ARPSyndicate/cvemon CVE-2016-5186 - https://github.com/0xCyberY/CVE-T4PDF CVE-2016-5186 - https://github.com/ARPSyndicate/cvemon +CVE-2016-5195 - https://github.com/0xMarcio/cve CVE-2016-5195 - https://github.com/0xS3rgI0/OSCP CVE-2016-5195 - https://github.com/0xStrygwyr/OSCP-Guide CVE-2016-5195 - https://github.com/0xZipp0/OSCP @@ -25935,6 +26125,7 @@ CVE-2016-5195 - https://github.com/GhostScreaming/os-experiment-4 CVE-2016-5195 - https://github.com/GhostTroops/TOP CVE-2016-5195 - https://github.com/GiorgosXou/Our-Xiaomi-Redmi-5A-riva-debloating-list CVE-2016-5195 - https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe +CVE-2016-5195 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-5195 - https://github.com/Hellnino18/ansible-dirty-cow CVE-2016-5195 - https://github.com/Hellnino18/ansible-dirty-cow-2 CVE-2016-5195 - https://github.com/Hetti/PoC-Exploitchain-GS-VBox-DirtyCow- 
@@ -26250,6 +26441,7 @@ CVE-2016-5195 - https://github.com/weeka10/-hktalent-TOP CVE-2016-5195 - https://github.com/whackmanic/OSCP_Found CVE-2016-5195 - https://github.com/whitephone/farm-root CVE-2016-5195 - https://github.com/whu-enjoy/CVE-2016-5195 +CVE-2016-5195 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-5195 - https://github.com/www-glasswall-nl/UT-DirtyCow CVE-2016-5195 - https://github.com/x90hack/vulnerabilty_lab CVE-2016-5195 - https://github.com/xXxhagenxXx/OSCP_Cheat_sheet @@ -26365,6 +26557,7 @@ CVE-2016-5340 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2016-5340 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-5340 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-5340 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-5340 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-5340 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-5342 - https://github.com/SeaJae/exploitPlayground CVE-2016-5342 - https://github.com/externalist/exploit_playground @@ -26581,6 +26774,7 @@ CVE-2016-5420 - https://github.com/ARPSyndicate/cvemon CVE-2016-5423 - https://github.com/digoal/blog CVE-2016-5425 - https://github.com/ARPSyndicate/cvemon CVE-2016-5425 - https://github.com/starnightcyber/vul-info-collect +CVE-2016-5425 - https://github.com/versio-io/product-lifecycle-security-api CVE-2016-5431 - https://github.com/ARPSyndicate/cvemon CVE-2016-5431 - https://github.com/Nucleware/powershell-jwt CVE-2016-5431 - https://github.com/d3ck9/HTB-Under-Construction 
@@ -26821,6 +27015,7 @@ CVE-2016-6187 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-6187 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2016-6187 - https://github.com/vnik5287/cve-2016-6187-poc CVE-2016-6187 - https://github.com/whiteHat001/Kernel-Security +CVE-2016-6187 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-6187 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-6189 - https://github.com/Live-Hack-CVE/CVE-2016-6189 CVE-2016-6195 - https://github.com/ARPSyndicate/cvemon @@ -26994,6 +27189,7 @@ CVE-2016-6318 - https://github.com/fokypoky/places-list CVE-2016-6321 - https://github.com/tomwillfixit/alpine-cvecheck CVE-2016-6323 - https://github.com/ARPSyndicate/cvemon CVE-2016-6325 - https://github.com/ARPSyndicate/cvemon +CVE-2016-6325 - https://github.com/versio-io/product-lifecycle-security-api CVE-2016-6327 - https://github.com/thdusdl1219/CVE-Study CVE-2016-6328 - https://github.com/TinyNiko/android_bulletin_notes CVE-2016-6329 - https://github.com/ARPSyndicate/cvemon @@ -27008,6 +27204,7 @@ CVE-2016-6329 - https://github.com/WiktorMysz/devops-netology CVE-2016-6329 - https://github.com/alexandrburyakov/Rep2 CVE-2016-6329 - https://github.com/alexgro1982/devops-netology CVE-2016-6329 - https://github.com/bysart/devops-netology +CVE-2016-6329 - https://github.com/catsploit/catsploit CVE-2016-6329 - https://github.com/dmitrii1312/03-sysadmin-09 CVE-2016-6329 - https://github.com/geon071/netolofy_12 CVE-2016-6329 - https://github.com/ilya-starchikov/devops-netology 
@@ -27219,6 +27416,7 @@ CVE-2016-6787 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-6787 - https://github.com/qazbnm456/awesome-cve-poc CVE-2016-6787 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2016-6787 - https://github.com/whiteHat001/Kernel-Security +CVE-2016-6787 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-6787 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-6787 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2016-6789 - https://github.com/thdusdl1219/CVE-Study @@ -27235,6 +27433,7 @@ CVE-2016-6797 - https://github.com/ARPSyndicate/cvemon CVE-2016-6798 - https://github.com/tafamace/CVE-2016-6798 CVE-2016-6801 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-6801 - https://github.com/CGCL-codes/PHunter +CVE-2016-6801 - https://github.com/LibHunter/LibHunter CVE-2016-6801 - https://github.com/TSNGL21/CVE-2016-6801 CVE-2016-6802 - https://github.com/ARPSyndicate/cvemon CVE-2016-6802 - https://github.com/HackJava/HackShiro @@ -27262,6 +27461,7 @@ CVE-2016-6811 - https://github.com/yahoo/cubed CVE-2016-6814 - https://github.com/ARPSyndicate/cvemon CVE-2016-6814 - https://github.com/Anonymous-Phunter/PHunter CVE-2016-6814 - https://github.com/CGCL-codes/PHunter +CVE-2016-6814 - https://github.com/LibHunter/LibHunter CVE-2016-6814 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2016-6814 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2016-6814 - https://github.com/ilmari666/cybsec 
@@ -27572,6 +27772,7 @@ CVE-2016-7117 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-7117 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-7117 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-7117 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-7117 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-7117 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-7119 - https://github.com/ARPSyndicate/cvemon CVE-2016-7124 - https://github.com/ARPSyndicate/cvemon @@ -28173,6 +28374,7 @@ CVE-2016-8453 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-8453 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-8453 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-8453 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-8453 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-8453 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-8454 - https://github.com/thdusdl1219/CVE-Study CVE-2016-8455 - https://github.com/thdusdl1219/CVE-Study @@ -28326,6 +28528,7 @@ CVE-2016-8633 - https://github.com/knd06/linux-kernel-exploitation CVE-2016-8633 - https://github.com/ndk191/linux-kernel-exploitation CVE-2016-8633 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-8633 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2016-8633 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-8633 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-8635 - https://github.com/getupcloud/openshift-clair-controller CVE-2016-8636 - https://github.com/ARPSyndicate/cvemon 
@@ -28341,6 +28544,7 @@ CVE-2016-8655 - https://github.com/84KaliPleXon3/linux-exploit-suggester CVE-2016-8655 - https://github.com/ARPSyndicate/cvemon CVE-2016-8655 - https://github.com/AabyssZG/AWD-Guide CVE-2016-8655 - https://github.com/Aneesh-Satla/Linux-Kernel-Exploitation-Suggester +CVE-2016-8655 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-8655 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-8655 - https://github.com/KosukeShimofuji/CVE-2016-8655 CVE-2016-8655 - https://github.com/LakshmiDesai/CVE-2016-8655 @@ -28388,6 +28592,7 @@ CVE-2016-8655 - https://github.com/scarvell/cve-2016-8655 CVE-2016-8655 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2016-8655 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2016-8655 - https://github.com/stefanocutelle/linux-exploit-suggester +CVE-2016-8655 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2016-8655 - https://github.com/xairy/linux-kernel-exploitation CVE-2016-8655 - https://github.com/xyongcn/exploit CVE-2016-8656 - https://github.com/ARPSyndicate/cvemon @@ -28793,6 +28998,7 @@ CVE-2016-9276 - https://github.com/mrash/afl-cve CVE-2016-9296 - https://github.com/andir/nixos-issue-db-example CVE-2016-9296 - https://github.com/yangke/7zip-null-pointer-dereference CVE-2016-9297 - https://github.com/RClueX/Hackerone-Reports +CVE-2016-9297 - https://github.com/ch1hyun/fuzzing-class CVE-2016-9297 - https://github.com/geeknik/cve-fuzzing-poc CVE-2016-9297 - https://github.com/imhunterand/hackerone-publicy-disclosed CVE-2016-9299 - https://github.com/ARPSyndicate/cvemon 
@@ -28993,6 +29199,7 @@ CVE-2016-9793 - https://github.com/C0dak/local-root-exploit- CVE-2016-9793 - https://github.com/CKmaenn/kernel-exploits CVE-2016-9793 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2016-9793 - https://github.com/Feng4/linux-kernel-exploits +CVE-2016-9793 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2016-9793 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2016-9793 - https://github.com/Micr067/linux-kernel-exploits CVE-2016-9793 - https://github.com/QChiLan/linux-exp @@ -29779,6 +29986,7 @@ CVE-2017-0146 - https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode CVE-2017-0146 - https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode CVE-2017-0146 - https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag- CVE-2017-0146 - https://github.com/chaao195/EBEKv2.0 +CVE-2017-0146 - https://github.com/enomothem/PenTestNote CVE-2017-0146 - https://github.com/ericjiang97/SecScripts CVE-2017-0146 - https://github.com/geeksniper/active-directory-pentest CVE-2017-0146 - https://github.com/ginapalomo/ScanAll @@ -30430,6 +30638,7 @@ CVE-2017-0403 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2017-0403 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-0403 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-0403 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-0403 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-0403 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-0404 - https://github.com/ThomasKing2014/android-Vulnerability-PoC CVE-2017-0411 - https://github.com/lulusudoku/PoC 
@@ -30454,6 +30663,7 @@ CVE-2017-0437 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2017-0437 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-0437 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-0437 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-0437 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-0437 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-0438 - https://github.com/flankersky/android_wifi_pocs CVE-2017-0439 - https://github.com/flankersky/android_wifi_pocs @@ -30554,6 +30764,7 @@ CVE-2017-0569 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2017-0569 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-0569 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-0569 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-0569 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-0569 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-0570 - https://github.com/thdusdl1219/CVE-Study CVE-2017-0571 - https://github.com/thdusdl1219/CVE-Study @@ -30970,6 +31181,7 @@ CVE-2017-1000112 - https://github.com/spencerdodd/kernelpop CVE-2017-1000112 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-1000112 - https://github.com/stefanocutelle/linux-exploit-suggester CVE-2017-1000112 - https://github.com/teamssix/container-escape-check +CVE-2017-1000112 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-1000112 - https://github.com/xairy/kernel-exploits CVE-2017-1000112 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-1000112 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 
@@ -31041,6 +31253,7 @@ CVE-2017-1000207 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000208 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000209 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-1000209 - https://github.com/CGCL-codes/PHunter +CVE-2017-1000209 - https://github.com/LibHunter/LibHunter CVE-2017-1000219 - https://github.com/ossf-cve-benchmark/CVE-2017-1000219 CVE-2017-1000227 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000228 - https://github.com/ARPSyndicate/cvemon @@ -31095,10 +31308,12 @@ CVE-2017-1000251 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-1000251 - https://github.com/sgxgsx/BlueToolkit CVE-2017-1000251 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-1000251 - https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251 +CVE-2017-1000251 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-1000251 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-1000251 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-1000252 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000253 - https://github.com/ARPSyndicate/cvemon +CVE-2017-1000253 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-1000253 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-1000253 - https://github.com/RicterZ/PIE-Stack-Clash-CVE-2017-1000253 CVE-2017-1000253 - https://github.com/kaosagnt/ansible-everyday @@ -31179,6 +31394,7 @@ CVE-2017-1000363 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2017-1000363 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-1000363 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-1000363 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-1000363 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-1000363 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-1000364 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000364 - https://github.com/lnick2023/nicenice 
@@ -31323,6 +31539,7 @@ CVE-2017-1000380 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2017-1000380 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-1000380 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-1000380 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-1000380 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-1000380 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-1000382 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000394 - https://github.com/speedyfriend67/Experiments @@ -31393,6 +31610,7 @@ CVE-2017-1000493 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000494 - https://github.com/panctf/Router CVE-2017-1000498 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-1000498 - https://github.com/CGCL-codes/PHunter +CVE-2017-1000498 - https://github.com/LibHunter/LibHunter CVE-2017-1000499 - https://github.com/ARPSyndicate/cvemon CVE-2017-1000499 - https://github.com/Villaquiranm/5MMISSI-CVE-2017-1000499 CVE-2017-1000500 - https://github.com/ARPSyndicate/cvemon @@ -31802,6 +32020,7 @@ CVE-2017-10661 - https://github.com/ostrichxyz7/kexps CVE-2017-10661 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-10661 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-10661 - https://github.com/tangsilian/android-vuln +CVE-2017-10661 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-10661 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-10661 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-10662 - https://github.com/thdusdl1219/CVE-Study 
@@ -31940,6 +32159,7 @@ CVE-2017-11176 - https://github.com/CERTCC/Linux-Kernel-Analysis-Environment CVE-2017-11176 - https://github.com/DoubleMice/cve-2017-11176 CVE-2017-11176 - https://github.com/Flerov/WindowsExploitDev CVE-2017-11176 - https://github.com/Gobinath-B/Exploit-Developement +CVE-2017-11176 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-11176 - https://github.com/HckEX/CVE-2017-11176 CVE-2017-11176 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2017-11176 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -31972,6 +32192,7 @@ CVE-2017-11176 - https://github.com/paulveillard/cybersecurity-exploit-developme CVE-2017-11176 - https://github.com/pjlantz/optee-qemu CVE-2017-11176 - https://github.com/prince-stark/Exploit-Developement CVE-2017-11176 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-11176 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-11176 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-11178 - https://github.com/ARPSyndicate/cvemon CVE-2017-11178 - https://github.com/LoRexxar/LoRexxar @@ -33572,6 +33793,7 @@ CVE-2017-13010 - https://github.com/RClueX/Hackerone-Reports CVE-2017-13010 - https://github.com/geeknik/cve-fuzzing-poc CVE-2017-13010 - https://github.com/imhunterand/hackerone-publicy-disclosed CVE-2017-13019 - https://github.com/ARPSyndicate/cvemon +CVE-2017-13028 - https://github.com/ch1hyun/fuzzing-class CVE-2017-13028 - https://github.com/paras98/AFL_Fuzzing CVE-2017-13038 - https://github.com/ARPSyndicate/cvemon CVE-2017-13038 - https://github.com/RClueX/Hackerone-Reports 
@@ -33663,6 +33885,7 @@ CVE-2017-13098 - https://github.com/ARPSyndicate/cvemon CVE-2017-13098 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-13098 - https://github.com/CGCL-codes/PHunter CVE-2017-13098 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2017-13098 - https://github.com/LibHunter/LibHunter CVE-2017-13098 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2017-13098 - https://github.com/pctF/vulnerable-app CVE-2017-13130 - https://github.com/itm4n/CVEs @@ -33744,6 +33967,7 @@ CVE-2017-13306 - https://github.com/ARPSyndicate/cvemon CVE-2017-13307 - https://github.com/ARPSyndicate/cvemon CVE-2017-13309 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-13309 - https://github.com/CGCL-codes/PHunter +CVE-2017-13309 - https://github.com/LibHunter/LibHunter CVE-2017-13669 - https://github.com/ARPSyndicate/cvemon CVE-2017-13669 - https://github.com/burpheart/NexusPHP_safe CVE-2017-13672 - https://github.com/DavidBuchanan314/CVE-2017-13672 @@ -35075,6 +35299,7 @@ CVE-2017-16695 - https://github.com/chorankates/Help CVE-2017-16695 - https://github.com/gameFace22/vulnmachine-walkthrough CVE-2017-16695 - https://github.com/jondonas/linux-exploit-suggester-2 CVE-2017-16695 - https://github.com/ndk191/linux-kernel-exploitation +CVE-2017-16695 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-16695 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-16709 - https://github.com/ARPSyndicate/cvemon CVE-2017-16711 - https://github.com/andir/nixos-issue-db-example 
@@ -35192,6 +35417,7 @@ CVE-2017-16932 - https://github.com/vincent-deng/veracode-container-security-fin CVE-2017-16939 - https://github.com/ARPSyndicate/cvemon CVE-2017-16939 - https://github.com/Al1ex/LinuxEelvation CVE-2017-16939 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +CVE-2017-16939 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-16939 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-16939 - https://github.com/Micr067/linux-kernel-exploits CVE-2017-16939 - https://github.com/QChiLan/linux-exp @@ -35244,6 +35470,7 @@ CVE-2017-16995 - https://github.com/DanielShmu/OSCP-Cheat-Sheet CVE-2017-16995 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2017-16995 - https://github.com/Dk0n9/linux_exploit CVE-2017-16995 - https://github.com/Getshell/LinuxTQ +CVE-2017-16995 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-16995 - https://github.com/JMontRod/Pruebecita CVE-2017-16995 - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups CVE-2017-16995 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -35337,6 +35564,7 @@ CVE-2017-16995 - https://github.com/thelostvoice/global-takeover CVE-2017-16995 - https://github.com/thelostvoice/inept-us-military CVE-2017-16995 - https://github.com/tninh27/Lab CVE-2017-16995 - https://github.com/vnik5287/CVE-2017-16995 +CVE-2017-16995 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-16995 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-16995 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-16995 - https://github.com/xfinest/linux-kernel-exploits 
@@ -35523,6 +35751,7 @@ CVE-2017-17485 - https://github.com/CrackerCat/myhktools CVE-2017-17485 - https://github.com/Drun1baby/JavaSecurityLearning CVE-2017-17485 - https://github.com/GhostTroops/myhktools CVE-2017-17485 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2017-17485 - https://github.com/LibHunter/LibHunter CVE-2017-17485 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2017-17485 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-17485 - https://github.com/Pear1y/Vuln-Env @@ -35933,6 +36162,7 @@ CVE-2017-18344 - https://github.com/lnick2023/nicenice CVE-2017-18344 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-18344 - https://github.com/qazbnm456/awesome-cve-poc CVE-2017-18344 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-18344 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-18344 - https://github.com/xairy/kernel-exploits CVE-2017-18344 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-18344 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -36390,6 +36620,7 @@ CVE-2017-2636 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2017-2636 - https://github.com/snorez/blog CVE-2017-2636 - https://github.com/snorez/exploits CVE-2017-2636 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-2636 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-2636 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-2636 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-2636 - https://github.com/xyongcn/exploit 
@@ -36803,6 +37034,7 @@ CVE-2017-3506 - https://github.com/Kamiya767/CVE-2019-2725 CVE-2017-3506 - https://github.com/MacAsure/WL_Scan_GO CVE-2017-3506 - https://github.com/Maskhe/javasec CVE-2017-3506 - https://github.com/Micr067/CMS-Hunter +CVE-2017-3506 - https://github.com/Ostorlab/KEV CVE-2017-3506 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-3506 - https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot CVE-2017-3506 - https://github.com/SecWiki/CMS-Hunter @@ -37250,6 +37482,7 @@ CVE-2017-5123 - https://github.com/ARPSyndicate/cvemon CVE-2017-5123 - https://github.com/Al1ex/LinuxEelvation CVE-2017-5123 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2017-5123 - https://github.com/FloatingGuy/CVE-2017-5123 +CVE-2017-5123 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-5123 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-5123 - https://github.com/Metarget/awesome-cloud-native-security CVE-2017-5123 - https://github.com/Micr067/linux-kernel-exploits @@ -37318,6 +37551,7 @@ CVE-2017-5123 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-5123 - https://github.com/teawater/CVE-2017-5123 CVE-2017-5123 - https://github.com/txuswashere/Privilege-Escalation CVE-2017-5123 - https://github.com/whiteHat001/Kernel-Security +CVE-2017-5123 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-5123 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-5123 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-5123 - https://github.com/xfinest/linux-kernel-exploits 
@@ -37498,6 +37732,7 @@ CVE-2017-5223 - https://github.com/sashasimulik/integration-1 CVE-2017-5223 - https://github.com/sccontroltotal/phpmailer CVE-2017-5223 - https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail CVE-2017-5223 - https://github.com/supreethsk/rental +CVE-2017-5223 - https://github.com/sweta-web/Online-Registration-System CVE-2017-5223 - https://github.com/tvirus-01/PHP_mail CVE-2017-5223 - https://github.com/vaartjesd/test CVE-2017-5223 - https://github.com/vatann07/BloodConnect @@ -38076,6 +38311,7 @@ CVE-2017-5645 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet CVE-2017-5645 - https://github.com/HackJava/HackLog4j2 CVE-2017-5645 - https://github.com/HackJava/Log4j2 CVE-2017-5645 - https://github.com/HynekPetrak/log4shell-finder +CVE-2017-5645 - https://github.com/LibHunter/LibHunter CVE-2017-5645 - https://github.com/Marcelektro/Log4J-RCE-Implementation CVE-2017-5645 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-5645 - https://github.com/SexyBeast233/SecBooks @@ -38586,6 +38822,7 @@ CVE-2017-5924 - https://github.com/SZU-SE/UAF-Fuzzer-TestSuite CVE-2017-5924 - https://github.com/wcventure/UAF-Fuzzer-TestSuite CVE-2017-5929 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-5929 - https://github.com/CGCL-codes/PHunter +CVE-2017-5929 - https://github.com/LibHunter/LibHunter CVE-2017-5929 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2017-5929 - https://github.com/fergarrui/exploits CVE-2017-5929 - https://github.com/hinat0y/Dataset1 
@@ -38713,6 +38950,7 @@ CVE-2017-6074 - https://github.com/CKmaenn/kernel-exploits CVE-2017-6074 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2017-6074 - https://github.com/Dk0n9/linux_exploit CVE-2017-6074 - https://github.com/Feng4/linux-kernel-exploits +CVE-2017-6074 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-6074 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-6074 - https://github.com/Metarget/metarget CVE-2017-6074 - https://github.com/Micr067/linux-kernel-exploits @@ -38770,6 +39008,7 @@ CVE-2017-6074 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2017-6074 - https://github.com/spencerdodd/kernelpop CVE-2017-6074 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-6074 - https://github.com/toanthang1842002/CVE-2017-6074 +CVE-2017-6074 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-6074 - https://github.com/xairy/kernel-exploits CVE-2017-6074 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-6074 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -39251,6 +39490,7 @@ CVE-2017-7184 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2017-7184 - https://github.com/snorez/blog CVE-2017-7184 - https://github.com/snorez/exploits CVE-2017-7184 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-7184 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-7184 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-7184 - https://github.com/xyongcn/exploit CVE-2017-7185 - https://github.com/ARPSyndicate/cvemon 
@@ -39512,6 +39752,7 @@ CVE-2017-7308 - https://github.com/C0dak/local-root-exploit- CVE-2017-7308 - https://github.com/CKmaenn/kernel-exploits CVE-2017-7308 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2017-7308 - https://github.com/Feng4/linux-kernel-exploits +CVE-2017-7308 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-7308 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-7308 - https://github.com/Mecyu/googlecontainers CVE-2017-7308 - https://github.com/Metarget/metarget @@ -39575,6 +39816,7 @@ CVE-2017-7308 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2017-7308 - https://github.com/spencerdodd/kernelpop CVE-2017-7308 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2017-7308 - https://github.com/vusec/blindside +CVE-2017-7308 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-7308 - https://github.com/xairy/kernel-exploits CVE-2017-7308 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-7308 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 @@ -40240,6 +40482,7 @@ CVE-2017-7616 - https://github.com/knd06/linux-kernel-exploitation CVE-2017-7616 - https://github.com/ndk191/linux-kernel-exploitation CVE-2017-7616 - https://github.com/skbasava/Linux-Kernel-exploit CVE-2017-7616 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2017-7616 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2017-7616 - https://github.com/xairy/linux-kernel-exploitation CVE-2017-7618 - https://github.com/thdusdl1219/CVE-Study CVE-2017-7620 - https://github.com/ARPSyndicate/cvemon 
@@ -40262,10 +40505,12 @@ CVE-2017-7656 - https://github.com/ARPSyndicate/cvemon CVE-2017-7656 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-7656 - https://github.com/CGCL-codes/PHunter CVE-2017-7656 - https://github.com/DonnumS/inf226Inchat +CVE-2017-7656 - https://github.com/LibHunter/LibHunter CVE-2017-7657 - https://github.com/ARPSyndicate/cvemon CVE-2017-7657 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-7657 - https://github.com/CGCL-codes/PHunter CVE-2017-7657 - https://github.com/DonnumS/inf226Inchat +CVE-2017-7657 - https://github.com/LibHunter/LibHunter CVE-2017-7657 - https://github.com/yahoo/cubed CVE-2017-7658 - https://github.com/ARPSyndicate/cvemon CVE-2017-7658 - https://github.com/DonnumS/inf226Inchat @@ -40454,6 +40699,7 @@ CVE-2017-7943 - https://github.com/ARPSyndicate/cvemon CVE-2017-7957 - https://github.com/ARPSyndicate/cvemon CVE-2017-7957 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-7957 - https://github.com/CGCL-codes/PHunter +CVE-2017-7957 - https://github.com/LibHunter/LibHunter CVE-2017-7957 - https://github.com/Whoopsunix/PPPVULNS CVE-2017-7957 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2017-7957 - https://github.com/lmarso-asapp/kotlin-unsecure @@ -41136,6 +41382,7 @@ CVE-2017-8625 - https://github.com/Ashadowkhan/PENTESTINGBIBLE CVE-2017-8625 - https://github.com/Digit4lBytes/RedTeam CVE-2017-8625 - https://github.com/DigitalQuinn/InfosecCompilation CVE-2017-8625 - https://github.com/Fa1c0n35/Awesome-Red-Teaming. +CVE-2017-8625 - https://github.com/GoVanguard/list-infosec-encyclopedia CVE-2017-8625 - https://github.com/H4CK3RT3CH/Awesome-Red-Teaming CVE-2017-8625 - https://github.com/Hemanthraju02/Red-team CVE-2017-8625 - https://github.com/HildeTeamTNT/Awesome-Red-Teaming 
@@ -41654,6 +41901,7 @@ CVE-2017-8878 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2017-8890 - https://github.com/7043mcgeep/cve-2017-8890-msf CVE-2017-8890 - https://github.com/ARPSyndicate/cvemon CVE-2017-8890 - https://github.com/Al1ex/LinuxEelvation +CVE-2017-8890 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2017-8890 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2017-8890 - https://github.com/beraphin/CVE-2017-8890 CVE-2017-8890 - https://github.com/bsauce/kernel-exploit-factory @@ -41688,6 +41936,7 @@ CVE-2017-8917 - https://github.com/AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Inje CVE-2017-8917 - https://github.com/Aukaii/notes CVE-2017-8917 - https://github.com/Awrrays/FrameVul CVE-2017-8917 - https://github.com/BaptisteContreras/CVE-2017-8917-Joomla +CVE-2017-8917 - https://github.com/CLincat/vulcat CVE-2017-8917 - https://github.com/Elsfa7-110/kenzer-templates CVE-2017-8917 - https://github.com/HattMobb/TryHackMe-Bugle-Machine-Writeup-Walkthrough CVE-2017-8917 - https://github.com/HimmelAward/Goby_POC @@ -41768,6 +42017,7 @@ CVE-2017-9044 - https://github.com/fokypoky/places-list CVE-2017-9047 - https://github.com/introspection-libc/safe-libc CVE-2017-9047 - https://github.com/pekd/safe-libc CVE-2017-9048 - https://github.com/ARPSyndicate/cvemon +CVE-2017-9048 - https://github.com/ch1hyun/fuzzing-class CVE-2017-9049 - https://github.com/ARPSyndicate/cvemon CVE-2017-9050 - https://github.com/ARPSyndicate/cvemon CVE-2017-9050 - https://github.com/jason44406/Depot 
@@ -41829,6 +42079,7 @@ CVE-2017-9096 - https://github.com/0xCyberY/CVE-T4PDF CVE-2017-9096 - https://github.com/ARPSyndicate/cvemon CVE-2017-9096 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-9096 - https://github.com/CGCL-codes/PHunter +CVE-2017-9096 - https://github.com/LibHunter/LibHunter CVE-2017-9096 - https://github.com/jakabakos/CVE-2017-9096 CVE-2017-9096 - https://github.com/jakabakos/CVE-2017-9096-iText-XXE CVE-2017-9097 - https://github.com/MDudek-ICS/AntiWeb_testing-Suite @@ -42100,6 +42351,7 @@ CVE-2017-9732 - https://github.com/irsl/knc-memory-exhaustion CVE-2017-9735 - https://github.com/ARPSyndicate/cvemon CVE-2017-9735 - https://github.com/Anonymous-Phunter/PHunter CVE-2017-9735 - https://github.com/CGCL-codes/PHunter +CVE-2017-9735 - https://github.com/LibHunter/LibHunter CVE-2017-9735 - https://github.com/fredfeng/Themis-taint CVE-2017-9742 - https://github.com/fokypoky/places-list CVE-2017-9743 - https://github.com/ARPSyndicate/cvemon @@ -42709,6 +42961,7 @@ CVE-2018-0151 - https://github.com/ARPSyndicate/cvemon CVE-2018-0151 - https://github.com/Ostorlab/KEV CVE-2018-0151 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2018-0151 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2018-0151 - https://github.com/tunnelcat/metasploit-cve-search CVE-2018-0153 - https://github.com/Ostorlab/KEV CVE-2018-0153 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2018-0154 - https://github.com/Ostorlab/KEV 
@@ -42737,6 +42990,7 @@ CVE-2018-0171 - https://github.com/lnick2023/nicenice CVE-2018-0171 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-0171 - https://github.com/rikosintie/SmartInstall CVE-2018-0171 - https://github.com/tomoyamachi/gocarts +CVE-2018-0171 - https://github.com/tunnelcat/metasploit-cve-search CVE-2018-0171 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-0172 - https://github.com/Ostorlab/KEV CVE-2018-0172 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors @@ -42829,6 +43083,7 @@ CVE-2018-0296 - https://github.com/yassineaboukir/CVE-2018-0296 CVE-2018-0296 - https://github.com/yut0u/RedTeam-BlackBox CVE-2018-0304 - https://github.com/ARPSyndicate/cvemon CVE-2018-0304 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2018-0304 - https://github.com/tunnelcat/metasploit-cve-search CVE-2018-0324 - https://github.com/s-index/dora CVE-2018-0477 - https://github.com/lucabrasi83/vscan CVE-2018-0481 - https://github.com/lucabrasi83/vscan @@ -43657,6 +43912,7 @@ CVE-2018-1000132 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000134 - https://github.com/0xT11/CVE-POC CVE-2018-1000134 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1000134 - https://github.com/CGCL-codes/PHunter +CVE-2018-1000134 - https://github.com/LibHunter/LibHunter CVE-2018-1000136 - https://github.com/ARPSyndicate/cvemon CVE-2018-1000136 - https://github.com/andir/nixos-issue-db-example CVE-2018-1000136 - https://github.com/doyensec/awesome-electronjs-hacking 
@@ -43697,6 +43953,7 @@ CVE-2018-1000180 - https://github.com/ARPSyndicate/cvemon CVE-2018-1000180 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1000180 - https://github.com/CGCL-codes/PHunter CVE-2018-1000180 - https://github.com/CyberSource/cybersource-sdk-java +CVE-2018-1000180 - https://github.com/LibHunter/LibHunter CVE-2018-1000182 - https://github.com/ARPSyndicate/cvemon CVE-2018-1000195 - https://github.com/ARPSyndicate/cvemon CVE-2018-1000199 - https://github.com/0xT11/CVE-POC @@ -43743,6 +44000,7 @@ CVE-2018-1000613 - https://github.com/ARPSyndicate/cvemon CVE-2018-1000613 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1000613 - https://github.com/CGCL-codes/PHunter CVE-2018-1000613 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2018-1000613 - https://github.com/LibHunter/LibHunter CVE-2018-1000613 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-1000613 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-1000613 - https://github.com/pctF/vulnerable-app @@ -43752,6 +44010,7 @@ CVE-2018-1000622 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2018-1000622 - https://github.com/xxg1413/rust-security CVE-2018-1000632 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1000632 - https://github.com/CGCL-codes/PHunter +CVE-2018-1000632 - https://github.com/LibHunter/LibHunter CVE-2018-1000632 - https://github.com/ilmari666/cybsec CVE-2018-1000654 - https://github.com/PajakAlexandre/wik-dps-tp02 CVE-2018-1000654 - https://github.com/brandoncamenisch/release-the-code-litecoin 
@@ -43797,6 +44056,7 @@ CVE-2018-1000810 - https://github.com/saaramar/Publications CVE-2018-1000810 - https://github.com/xxg1413/rust-security CVE-2018-1000850 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1000850 - https://github.com/CGCL-codes/PHunter +CVE-2018-1000850 - https://github.com/LibHunter/LibHunter CVE-2018-1000850 - https://github.com/hinat0y/Dataset1 CVE-2018-1000850 - https://github.com/hinat0y/Dataset10 CVE-2018-1000850 - https://github.com/hinat0y/Dataset11 @@ -43902,6 +44162,7 @@ CVE-2018-1000886 - https://github.com/tzf-omkey/MemLock_Benchmark CVE-2018-1000886 - https://github.com/wcventure/MemLock_Benchmark CVE-2018-10016 - https://github.com/junxzm1990/afl-pt CVE-2018-1002009 - https://github.com/ARPSyndicate/cvemon +CVE-2018-1002015 - https://github.com/CLincat/vulcat CVE-2018-10021 - https://github.com/ARPSyndicate/cvemon CVE-2018-1002100 - https://github.com/43622283/awesome-cloud-native-security CVE-2018-1002100 - https://github.com/Metarget/awesome-cloud-native-security @@ -43981,6 +44242,7 @@ CVE-2018-1002200 - https://github.com/mile9299/zip-slip-vulnerability CVE-2018-1002200 - https://github.com/snyk/zip-slip-vulnerability CVE-2018-1002201 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1002201 - https://github.com/CGCL-codes/PHunter +CVE-2018-1002201 - https://github.com/LibHunter/LibHunter CVE-2018-1002201 - https://github.com/jpbprakash/vuln CVE-2018-1002201 - https://github.com/mile9299/zip-slip-vulnerability CVE-2018-1002201 - https://github.com/snyk/zip-slip-vulnerability 
@@ -44115,6 +44377,7 @@ CVE-2018-10237 - https://github.com/ARPSyndicate/cvemon CVE-2018-10237 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-10237 - https://github.com/CGCL-codes/PHunter CVE-2018-10237 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2018-10237 - https://github.com/LibHunter/LibHunter CVE-2018-10237 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-10237 - https://github.com/diakogiannis/moviebook CVE-2018-10237 - https://github.com/dotanuki-labs/android-oss-cves-research @@ -44802,6 +45065,7 @@ CVE-2018-11247 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-11247 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet CVE-2018-11248 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-11248 - https://github.com/CGCL-codes/PHunter +CVE-2018-11248 - https://github.com/LibHunter/LibHunter CVE-2018-1125 - https://github.com/ARPSyndicate/cvemon CVE-2018-11254 - https://github.com/0xCyberY/CVE-T4PDF CVE-2018-11254 - https://github.com/ARPSyndicate/cvemon @@ -44831,6 +45095,7 @@ CVE-2018-11305 - https://github.com/ARPSyndicate/cvemon CVE-2018-11307 - https://github.com/ARPSyndicate/cvemon CVE-2018-11307 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-11307 - https://github.com/CGCL-codes/PHunter +CVE-2018-11307 - https://github.com/LibHunter/LibHunter CVE-2018-11307 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2018-11307 - https://github.com/ilmari666/cybsec CVE-2018-11307 - https://github.com/seal-community/patches 
@@ -45086,6 +45351,7 @@ CVE-2018-11771 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-11771 - https://github.com/CGCL-codes/PHunter CVE-2018-11771 - https://github.com/DennisFeldbusch/Fuzz CVE-2018-11771 - https://github.com/GCFuzzer/SP2023 +CVE-2018-11771 - https://github.com/LibHunter/LibHunter CVE-2018-11771 - https://github.com/hwen020/JQF CVE-2018-11771 - https://github.com/jyi/JQF CVE-2018-11771 - https://github.com/mfatima1/CS182 @@ -45293,6 +45559,7 @@ CVE-2018-11797 - https://github.com/0xCyberY/CVE-T4PDF CVE-2018-11797 - https://github.com/ARPSyndicate/cvemon CVE-2018-11797 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-11797 - https://github.com/CGCL-codes/PHunter +CVE-2018-11797 - https://github.com/LibHunter/LibHunter CVE-2018-11798 - https://github.com/ossf-cve-benchmark/CVE-2018-11798 CVE-2018-11805 - https://github.com/Live-Hack-CVE/CVE-2019-19920 CVE-2018-11808 - https://github.com/kactrosN/publicdisclosures @@ -45369,6 +45636,7 @@ CVE-2018-12021 - https://github.com/ARPSyndicate/cvemon CVE-2018-12022 - https://github.com/ARPSyndicate/cvemon CVE-2018-12022 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-12022 - https://github.com/CGCL-codes/PHunter +CVE-2018-12022 - https://github.com/LibHunter/LibHunter CVE-2018-12022 - https://github.com/ilmari666/cybsec CVE-2018-12022 - https://github.com/seal-community/patches CVE-2018-12023 - https://github.com/ilmari666/cybsec @@ -45595,6 +45863,7 @@ CVE-2018-12418 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-12418 - https://github.com/CGCL-codes/PHunter CVE-2018-12418 - https://github.com/DennisFeldbusch/Fuzz CVE-2018-12418 - https://github.com/GCFuzzer/SP2023 +CVE-2018-12418 - https://github.com/LibHunter/LibHunter CVE-2018-12418 - https://github.com/hwen020/JQF CVE-2018-12418 - https://github.com/jyi/JQF CVE-2018-12418 - https://github.com/mfatima1/CS182 
@@ -45652,6 +45921,7 @@ CVE-2018-12537 - https://github.com/0xT11/CVE-POC CVE-2018-12537 - https://github.com/tafamace/CVE-2018-12537 CVE-2018-12538 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-12538 - https://github.com/CGCL-codes/PHunter +CVE-2018-12538 - https://github.com/LibHunter/LibHunter CVE-2018-12539 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-12540 - https://github.com/0xT11/CVE-POC CVE-2018-12540 - https://github.com/bernard-wagner/vertx-web-xsrf @@ -45683,6 +45953,7 @@ CVE-2018-1260 - https://github.com/Cryin/Paper CVE-2018-1260 - https://github.com/Drun1baby/CVE-Reproduction-And-Analysis CVE-2018-1260 - https://github.com/SexyBeast233/SecBooks CVE-2018-1260 - https://github.com/ax1sX/SpringSecurity +CVE-2018-1260 - https://github.com/enomothem/PenTestNote CVE-2018-1260 - https://github.com/gyyyy/footprint CVE-2018-1260 - https://github.com/langu-xyz/JavaVulnMap CVE-2018-12601 - https://github.com/xiaoqx/pocs @@ -45806,6 +46077,7 @@ CVE-2018-1270 - https://github.com/bkhablenko/CVE-2017-8046 CVE-2018-1270 - https://github.com/cybersecsi/docker-vuln-runner CVE-2018-1270 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1270 - https://github.com/do0dl3/myhktools +CVE-2018-1270 - https://github.com/enomothem/PenTestNote CVE-2018-1270 - https://github.com/genxor/CVE-2018-1270_EXP CVE-2018-1270 - https://github.com/hectorgie/PoC-in-GitHub CVE-2018-1270 - https://github.com/hktalent/myhktools @@ -46636,6 +46908,7 @@ CVE-2018-1323 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-1324 - https://github.com/0xT11/CVE-POC CVE-2018-1324 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-1324 - https://github.com/CGCL-codes/PHunter +CVE-2018-1324 - https://github.com/LibHunter/LibHunter CVE-2018-1324 - https://github.com/developer3000S/PoC-in-GitHub CVE-2018-1324 - https://github.com/dotanuki-labs/android-oss-cves-research CVE-2018-1324 - https://github.com/hectorgie/PoC-in-GitHub 
@@ -46751,6 +47024,7 @@ CVE-2018-13379 - https://github.com/Legadro/Legadro-Forti-Scanner CVE-2018-13379 - https://github.com/MelanyRoob/Goby CVE-2018-13379 - https://github.com/Ostorlab/KEV CVE-2018-13379 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +CVE-2018-13379 - https://github.com/RedcentricCyber/Fortigate CVE-2018-13379 - https://github.com/SexyBeast233/SecBooks CVE-2018-13379 - https://github.com/TebbaaX/Vault6 CVE-2018-13379 - https://github.com/W01fh4cker/Serein @@ -47171,6 +47445,7 @@ CVE-2018-14634 - https://github.com/luan0ap/cve-2018-14634 CVE-2018-14634 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-14634 - https://github.com/qazbnm456/awesome-cve-poc CVE-2018-14634 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-14634 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-14634 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-14634 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-14647 - https://github.com/revl-ca/scan-docker-image @@ -48737,6 +49012,7 @@ CVE-2018-17182 - https://github.com/CVEDB/awesome-cve-repo CVE-2018-17182 - https://github.com/CVEDB/top CVE-2018-17182 - https://github.com/Echocipher/Resource-list CVE-2018-17182 - https://github.com/GhostTroops/TOP +CVE-2018-17182 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2018-17182 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2018-17182 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2018-17182 - https://github.com/Ondrik8/RED-Team 
@@ -48770,6 +49046,7 @@ CVE-2018-17182 - https://github.com/slimdaddy/RedTeam CVE-2018-17182 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2018-17182 - https://github.com/svbjdbk123/- CVE-2018-17182 - https://github.com/twensoo/PersistentThreat +CVE-2018-17182 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-17182 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-17182 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-17182 - https://github.com/xiaoZ-hc/redtool @@ -49079,6 +49356,7 @@ CVE-2018-18281 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2018-18281 - https://github.com/knd06/linux-kernel-exploitation CVE-2018-18281 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-18281 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-18281 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-18281 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-18282 - https://github.com/ossf-cve-benchmark/CVE-2018-18282 CVE-2018-18287 - https://github.com/syrex1013/AsusLeak @@ -49350,6 +49628,7 @@ CVE-2018-18955 - https://github.com/ARPSyndicate/cvemon CVE-2018-18955 - https://github.com/Al1ex/LinuxEelvation CVE-2018-18955 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2018-18955 - https://github.com/HaleyWei/POC-available +CVE-2018-18955 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2018-18955 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2018-18955 - https://github.com/Metarget/metarget CVE-2018-18955 - https://github.com/Micr067/linux-kernel-exploits 
@@ -49485,6 +49764,7 @@ CVE-2018-19320 - https://github.com/Ostorlab/KEV CVE-2018-19320 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2018-19320 - https://github.com/cmd-theo/RobbinHood-attack CVE-2018-19320 - https://github.com/cygnosic/Gigabyte_Disable_DSE +CVE-2018-19320 - https://github.com/gmh5225/RobbinHood-attack CVE-2018-19320 - https://github.com/gmh5225/awesome-game-security CVE-2018-19320 - https://github.com/h4rmy/KDU CVE-2018-19320 - https://github.com/hfiref0x/KDU @@ -49523,6 +49803,7 @@ CVE-2018-19358 - https://github.com/swiesend/secret-service CVE-2018-19360 - https://github.com/ARPSyndicate/cvemon CVE-2018-19360 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-19360 - https://github.com/CGCL-codes/PHunter +CVE-2018-19360 - https://github.com/LibHunter/LibHunter CVE-2018-19360 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2018-19360 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-19360 - https://github.com/aaronm-sysdig/risk-accept @@ -49530,6 +49811,7 @@ CVE-2018-19360 - https://github.com/ilmari666/cybsec CVE-2018-19361 - https://github.com/ARPSyndicate/cvemon CVE-2018-19361 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-19361 - https://github.com/CGCL-codes/PHunter +CVE-2018-19361 - https://github.com/LibHunter/LibHunter CVE-2018-19361 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2018-19361 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-19361 - https://github.com/aaronm-sysdig/risk-accept 
@@ -49537,6 +49819,7 @@ CVE-2018-19361 - https://github.com/ilmari666/cybsec CVE-2018-19362 - https://github.com/ARPSyndicate/cvemon CVE-2018-19362 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-19362 - https://github.com/CGCL-codes/PHunter +CVE-2018-19362 - https://github.com/LibHunter/LibHunter CVE-2018-19362 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2018-19362 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-19362 - https://github.com/aaronm-sysdig/risk-accept @@ -51559,6 +51842,7 @@ CVE-2018-3639 - https://github.com/v-lavrentikov/meltdown-spectre CVE-2018-3639 - https://github.com/vintagesucks/awesome-stars CVE-2018-3639 - https://github.com/vurtne/specter---meltdown--checker CVE-2018-3639 - https://github.com/willyb321/willyb321-stars +CVE-2018-3639 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-3639 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-3639 - https://github.com/yardenshafir/MitigationFlagsCliTool CVE-2018-3640 - https://github.com/ARPSyndicate/cvemon @@ -52796,6 +53080,7 @@ CVE-2018-5318 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2018-5333 - https://github.com/ARPSyndicate/cvemon CVE-2018-5333 - https://github.com/Al1ex/LinuxEelvation CVE-2018-5333 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +CVE-2018-5333 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2018-5333 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2018-5333 - https://github.com/bcoles/kernel-exploits CVE-2018-5333 - https://github.com/bsauce/kernel-exploit-factory 
@@ -53125,6 +53410,7 @@ CVE-2018-5968 - https://github.com/ARPSyndicate/cvemon CVE-2018-5968 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-5968 - https://github.com/CGCL-codes/PHunter CVE-2018-5968 - https://github.com/FHGZS/jackson-rce-via-two-new-gadgets +CVE-2018-5968 - https://github.com/LibHunter/LibHunter CVE-2018-5968 - https://github.com/OneSourceCat/jackson-rce-via-two-new-gadgets CVE-2018-5968 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2018-5968 - https://github.com/ilmari666/cybsec @@ -53637,6 +53923,7 @@ CVE-2018-6554 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2018-6554 - https://github.com/knd06/linux-kernel-exploitation CVE-2018-6554 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-6554 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-6554 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-6554 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-6555 - https://github.com/ARPSyndicate/cvemon CVE-2018-6555 - https://github.com/kdn111/linux-kernel-exploitation @@ -53650,6 +53937,7 @@ CVE-2018-6555 - https://github.com/knd06/linux-kernel-exploitation CVE-2018-6555 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-6555 - https://github.com/ostrichxyz7/kexps CVE-2018-6555 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-6555 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-6555 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-6556 - https://github.com/MaherAzzouzi/CVE-2022-47952 CVE-2018-6556 - https://github.com/k0mi-tg/CVE-POC 
@@ -54241,6 +54529,7 @@ CVE-2018-7489 - https://github.com/zema1/oracle-vuln-crawler CVE-2018-7490 - https://github.com/0ps/pocassistdb CVE-2018-7490 - https://github.com/ARPSyndicate/cvemon CVE-2018-7490 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2018-7490 - https://github.com/CLincat/vulcat CVE-2018-7490 - https://github.com/Elsfa7-110/kenzer-templates CVE-2018-7490 - https://github.com/H4cking2theGate/TraversalHunter CVE-2018-7490 - https://github.com/SexyBeast233/SecBooks @@ -54784,6 +55073,7 @@ CVE-2018-8036 - https://github.com/Anonymous-Phunter/PHunter CVE-2018-8036 - https://github.com/CGCL-codes/PHunter CVE-2018-8036 - https://github.com/DennisFeldbusch/Fuzz CVE-2018-8036 - https://github.com/GCFuzzer/SP2023 +CVE-2018-8036 - https://github.com/LibHunter/LibHunter CVE-2018-8036 - https://github.com/hwen020/JQF CVE-2018-8036 - https://github.com/jyi/JQF CVE-2018-8036 - https://github.com/mfatima1/CS182 @@ -54794,6 +55084,7 @@ CVE-2018-8036 - https://github.com/rohanpadhye/JQF CVE-2018-8036 - https://github.com/sarahc7/jqf-gson CVE-2018-8037 - https://github.com/ilmari666/cybsec CVE-2018-8037 - https://github.com/tomoyamachi/gocarts +CVE-2018-8037 - https://github.com/versio-io/product-lifecycle-security-api CVE-2018-8037 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2018-8038 - https://github.com/0xT11/CVE-POC CVE-2018-8038 - https://github.com/hectorgie/PoC-in-GitHub @@ -55094,6 +55385,7 @@ CVE-2018-8174 - https://github.com/HacTF/poc--exp CVE-2018-8174 - https://github.com/InQuest/yara-rules CVE-2018-8174 - https://github.com/JERRY123S/all-poc CVE-2018-8174 - https://github.com/KasperskyLab/VBscriptInternals +CVE-2018-8174 - https://github.com/MN439/bingduziyuan CVE-2018-8174 - https://github.com/MrTcsy/Exploit CVE-2018-8174 - https://github.com/Ondrik8/RED-Team CVE-2018-8174 - https://github.com/Ostorlab/KEV 
@@ -55898,6 +56190,7 @@ CVE-2018-8781 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2018-8781 - https://github.com/knd06/linux-kernel-exploitation CVE-2018-8781 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-8781 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-8781 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-8781 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-8792 - https://github.com/ARPSyndicate/cvemon CVE-2018-8796 - https://github.com/ARPSyndicate/cvemon @@ -56216,6 +56509,7 @@ CVE-2018-9427 - https://github.com/ARPSyndicate/cvemon CVE-2018-9436 - https://github.com/ARPSyndicate/cvemon CVE-2018-9437 - https://github.com/ARPSyndicate/cvemon CVE-2018-9438 - https://github.com/ARPSyndicate/cvemon +CVE-2018-9442 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2018-9444 - https://github.com/ARPSyndicate/cvemon CVE-2018-9445 - https://github.com/ARPSyndicate/cvemon CVE-2018-9445 - https://github.com/lnick2023/nicenice @@ -56304,6 +56598,7 @@ CVE-2018-9568 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2018-9568 - https://github.com/knd06/linux-kernel-exploitation CVE-2018-9568 - https://github.com/ndk191/linux-kernel-exploitation CVE-2018-9568 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2018-9568 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2018-9568 - https://github.com/xairy/linux-kernel-exploitation CVE-2018-9582 - https://github.com/ARPSyndicate/cvemon CVE-2018-9582 - https://github.com/virtualpatch/virtualpatch_evaluation 
@@ -56719,6 +57014,7 @@ CVE-2019-0227 - https://github.com/pen4uin/vulnerability-research-list CVE-2019-0227 - https://github.com/sunzu94/AWS-CVEs CVE-2019-0228 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-0228 - https://github.com/CGCL-codes/PHunter +CVE-2019-0228 - https://github.com/LibHunter/LibHunter CVE-2019-0228 - https://github.com/bluesNbrews/SkillSearchEngine CVE-2019-0228 - https://github.com/swilliams9671/SkillSearchEngine CVE-2019-0229 - https://github.com/ARPSyndicate/cvemon @@ -57424,6 +57720,7 @@ CVE-2019-0708 - https://github.com/password520/Penetration_PoC CVE-2019-0708 - https://github.com/password520/RedTeamer CVE-2019-0708 - https://github.com/pengusec/awesome-netsec-articles CVE-2019-0708 - https://github.com/pentest-a2p2v/pentest-a2p2v-core +CVE-2019-0708 - https://github.com/pg001001/deception-tech CVE-2019-0708 - https://github.com/phant0n/PENTESTING-BIBLE CVE-2019-0708 - https://github.com/pikpikcu/Pentest-Tools-Framework CVE-2019-0708 - https://github.com/pravinsrc/NOTES-windows-kernel-links @@ -58207,6 +58504,7 @@ CVE-2019-10086 - https://github.com/ARPSyndicate/cvemon CVE-2019-10086 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-10086 - https://github.com/CGCL-codes/PHunter CVE-2019-10086 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2019-10086 - https://github.com/LibHunter/LibHunter CVE-2019-10086 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-10086 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-10086 - https://github.com/hectorgie/PoC-in-GitHub 
@@ -58505,11 +58803,14 @@ CVE-2019-10232 - https://github.com/youcans896768/APIV_Tool CVE-2019-10241 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-10241 - https://github.com/CGCL-codes/PHunter CVE-2019-10241 - https://github.com/DonnumS/inf226Inchat +CVE-2019-10241 - https://github.com/LibHunter/LibHunter CVE-2019-10246 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-10246 - https://github.com/CGCL-codes/PHunter +CVE-2019-10246 - https://github.com/LibHunter/LibHunter CVE-2019-10247 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-10247 - https://github.com/CGCL-codes/PHunter CVE-2019-10247 - https://github.com/DonnumS/inf226Inchat +CVE-2019-10247 - https://github.com/LibHunter/LibHunter CVE-2019-10255 - https://github.com/ARPSyndicate/cvemon CVE-2019-10255 - https://github.com/RonenDabach/python-tda-bug-hunt-2 CVE-2019-10261 - https://github.com/ARPSyndicate/cvemon @@ -58695,6 +58996,7 @@ CVE-2019-10567 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-10567 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-10567 - https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices CVE-2019-10567 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-10567 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-10567 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-10584 - https://github.com/jiayy/android_vuln_poc-exp CVE-2019-10596 - https://github.com/404notf0und/CVE-Flow 
@@ -59237,6 +59539,7 @@ CVE-2019-11190 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-11190 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-11190 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-11190 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-11190 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-11190 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-11193 - https://github.com/ARPSyndicate/cvemon CVE-2019-11223 - https://github.com/0xT11/CVE-POC @@ -59559,6 +59862,7 @@ CVE-2019-11358 - https://github.com/6165-MSET-CuttleFish/FtcRobotController CVE-2019-11358 - https://github.com/6165-MSET-CuttleFish/PowerPlay CVE-2019-11358 - https://github.com/6165-MSET-CuttleFish/SHS_Swerve_Offseason CVE-2019-11358 - https://github.com/6369Designosars/Summer_Software_6.2 +CVE-2019-11358 - https://github.com/6427FTCRobotics/centerstage6427 CVE-2019-11358 - https://github.com/731WannabeeStrange/FTC-731-Powerplay CVE-2019-11358 - https://github.com/731WannabeeStrange/centerstage-731 CVE-2019-11358 - https://github.com/7390jellyfish/software @@ -60431,6 +60735,7 @@ CVE-2019-11358 - https://github.com/FTCTeam11531/TechnoTrojanTraining_Drivetrain CVE-2019-11358 - https://github.com/FTCTeam21217/AutonomousWorkshop CVE-2019-11358 - https://github.com/FTCTeam7610-Software/7610-Software-Version-7.1 CVE-2019-11358 - https://github.com/FTCTeam7610-Software/7610Software-7.1 +CVE-2019-11358 - https://github.com/FTCclueless/Centerstage CVE-2019-11358 - https://github.com/FUTURE-FTC10366/FTCFreightFrenzy-2021-22 CVE-2019-11358 - https://github.com/FaltechFTC/FtcRobotController2122 CVE-2019-11358 - https://github.com/Feyorsh/PASC-FTC-robotCode 
@@ -60643,6 +60948,7 @@ CVE-2019-11358 - https://github.com/InduGadi/example-repository CVE-2019-11358 - https://github.com/Indubitably8/Bot24Update CVE-2019-11358 - https://github.com/Indubitably8/JakeBot CVE-2019-11358 - https://github.com/Indubitably8/JakeBot24 +CVE-2019-11358 - https://github.com/Infernal-Industries/AprilTagTesting CVE-2019-11358 - https://github.com/Infidge/LeagueMeetsBot CVE-2019-11358 - https://github.com/InfinityTechRobotics/IT_2022_Summer_Learning CVE-2019-11358 - https://github.com/Infinitybeond1/RobotCode @@ -60838,6 +61144,7 @@ CVE-2019-11358 - https://github.com/LenickTan/FtcRobotController-7.0 CVE-2019-11358 - https://github.com/LenickTan/UltimateGoalCode CVE-2019-11358 - https://github.com/LenickTan/ultgoal CVE-2019-11358 - https://github.com/LeoMavri/RO109-Homosapiens +CVE-2019-11358 - https://github.com/LeozinDaProgramacao/TechZeusCenterstage2023-2024 CVE-2019-11358 - https://github.com/LiBaoJake/ftcrobotcontrol CVE-2019-11358 - https://github.com/LiamWalker01/CrowForce22-23 CVE-2019-11358 - https://github.com/LiamWalker01/CrowForce22-23-RobotController8.1.1 @@ -61130,6 +61437,7 @@ CVE-2019-11358 - https://github.com/OverlakeRobotics/FtcRobotController2021 CVE-2019-11358 - https://github.com/OverlakeRobotics/Nocturnal-2020-Ultimate-Goal CVE-2019-11358 - https://github.com/OverlakeRobotics/OverlakeFTC-2023-7330 CVE-2019-11358 - https://github.com/OverripeBanana/9894_Robolions +CVE-2019-11358 - https://github.com/Overture-7421/Hayabusa-2024 CVE-2019-11358 - https://github.com/Overture-7421/HayabusaRobotCode_23619 CVE-2019-11358 - https://github.com/Owen-Pryga/FtcRobotController_UltamateGoal CVE-2019-11358 - https://github.com/Owen383/WM20 
@@ -61471,6 +61779,7 @@ CVE-2019-11358 - https://github.com/SittingDucks23507/SD CVE-2019-11358 - https://github.com/Skywalker934/PowerPlay CVE-2019-11358 - https://github.com/Skywalker934/video-tutorial CVE-2019-11358 - https://github.com/Slipperee-CODE/4625---FTC---POWERPLAY +CVE-2019-11358 - https://github.com/Slipperee-CODE/4625-FTC-CenterStage CVE-2019-11358 - https://github.com/Slipperee-CODE/4625-FTC-CenterStage2023-2024 CVE-2019-11358 - https://github.com/Slipperee-CODE/4625-FTC-Offseason CVE-2019-11358 - https://github.com/Slipshodleaf74/Freight-Frenzy @@ -61625,6 +61934,7 @@ CVE-2019-11358 - https://github.com/The-Founders-Academy/2023-Powerplay CVE-2019-11358 - https://github.com/The-Founders-Academy/2023-Test-Robot CVE-2019-11358 - https://github.com/The-Founders-Academy/2024-Centerstage CVE-2019-11358 - https://github.com/The-Founders-Academy/2024-Centerstage-Archived +CVE-2019-11358 - https://github.com/The-Founders-Academy/shared-code CVE-2019-11358 - https://github.com/The-Innovation-Story/FreightFrenzy_FTC CVE-2019-11358 - https://github.com/The-Knights-of-Ni/Skystone2020 CVE-2019-11358 - https://github.com/The-Knights-of-Ni/UltimateGoal2021_6.2 @@ -62371,6 +62681,7 @@ CVE-2019-11358 - https://github.com/frc4039/ftc2023 CVE-2019-11358 - https://github.com/frc4039/ftc2024 CVE-2019-11358 - https://github.com/frc5050/FTC7901-2021 CVE-2019-11358 - https://github.com/frc5050/FTC7902-2021 +CVE-2019-11358 - https://github.com/frc6606/ftc-2024 CVE-2019-11358 - https://github.com/frc7787/FTC-2023-Robot CVE-2019-11358 - https://github.com/frc7787/FTC-Centerstage CVE-2019-11358 - https://github.com/frc7787/FTC_AndroidStudio2023 
@@ -63643,6 +63954,7 @@ CVE-2019-11510 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11510 - https://github.com/dnif/content CVE-2019-11510 - https://github.com/es0/CVE-2019-11510_poc CVE-2019-11510 - https://github.com/fengjixuchui/RedTeamer +CVE-2019-11510 - https://github.com/fierceoj/ShonyDanza CVE-2019-11510 - https://github.com/gquere/PulseSecure_session_hijacking CVE-2019-11510 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2019-11510 - https://github.com/hectorgie/PoC-in-GitHub @@ -64066,6 +64378,7 @@ CVE-2019-12086 - https://github.com/ARPSyndicate/cvemon CVE-2019-12086 - https://github.com/Al1ex/CVE-2019-12086 CVE-2019-12086 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-12086 - https://github.com/CGCL-codes/PHunter +CVE-2019-12086 - https://github.com/LibHunter/LibHunter CVE-2019-12086 - https://github.com/SimoLin/CVE-2019-12086-jackson-databind-file-read CVE-2019-12086 - https://github.com/SugarP1g/LearningSecurity CVE-2019-12086 - https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read @@ -64282,6 +64595,7 @@ CVE-2019-12400 - https://github.com/onelogin/java-saml CVE-2019-12400 - https://github.com/umeshnagori/java-saml-os CVE-2019-12402 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-12402 - https://github.com/CGCL-codes/PHunter +CVE-2019-12402 - https://github.com/LibHunter/LibHunter CVE-2019-12409 - https://github.com/0day404/vulnerability-poc CVE-2019-12409 - https://github.com/0xT11/CVE-POC CVE-2019-12409 - https://github.com/20142995/pocsuite3 
@@ -64331,6 +64645,7 @@ CVE-2019-12415 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-12417 - https://github.com/fruh/security-bulletins CVE-2019-12418 - https://github.com/ARPSyndicate/cvemon CVE-2019-12418 - https://github.com/raner/projo +CVE-2019-12418 - https://github.com/versio-io/product-lifecycle-security-api CVE-2019-12418 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-12422 - https://github.com/ARPSyndicate/cvemon CVE-2019-12422 - https://github.com/SugarP1g/LearningSecurity @@ -64697,6 +65012,7 @@ CVE-2019-12814 - https://github.com/Al1ex/CVE-2019-12814 CVE-2019-12814 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-12814 - https://github.com/BorderTech/java-common CVE-2019-12814 - https://github.com/CGCL-codes/PHunter +CVE-2019-12814 - https://github.com/LibHunter/LibHunter CVE-2019-12814 - https://github.com/SexyBeast233/SecBooks CVE-2019-12814 - https://github.com/SugarP1g/LearningSecurity CVE-2019-12814 - https://github.com/developer3000S/PoC-in-GitHub @@ -65363,6 +65679,7 @@ CVE-2019-13272 - https://github.com/GhostTroops/TOP CVE-2019-13272 - https://github.com/H0j3n/EzpzCheatSheet CVE-2019-13272 - https://github.com/H1CH444MREB0RN/PenTest-free-tools CVE-2019-13272 - https://github.com/HaleyWei/POC-available +CVE-2019-13272 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2019-13272 - https://github.com/Huandtx/CVE-2019-13272 CVE-2019-13272 - https://github.com/ImranTheThirdEye/AD-Pentesting-Tools CVE-2019-13272 - https://github.com/JERRY123S/all-poc 
@@ -65467,6 +65784,7 @@ CVE-2019-13288 - https://github.com/EsharkyTheGreat/Xpdf-4.04-InfiniteStackRecur CVE-2019-13288 - https://github.com/Fineas/CVE-2019-13288-POC CVE-2019-13288 - https://github.com/asur4s/blog CVE-2019-13288 - https://github.com/asur4s/fuzzing +CVE-2019-13288 - https://github.com/ch1hyun/fuzzing-class CVE-2019-13288 - https://github.com/chiehw/fuzzing CVE-2019-13288 - https://github.com/gleaming0/CVE-2019-13288 CVE-2019-13289 - https://github.com/0xCyberY/CVE-T4PDF @@ -65950,6 +66268,7 @@ CVE-2019-14040 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-14040 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-14040 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2019-14040 - https://github.com/tamirzb/CVE-2019-14040 +CVE-2019-14040 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-14040 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-14041 - https://github.com/0xT11/CVE-POC CVE-2019-14041 - https://github.com/ARPSyndicate/cvemon @@ -65966,6 +66285,7 @@ CVE-2019-14041 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-14041 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-14041 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2019-14041 - https://github.com/tamirzb/CVE-2019-14041 +CVE-2019-14041 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-14041 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-1405 - https://github.com/0xT11/CVE-POC CVE-2019-1405 - https://github.com/65df4s/Erebusw 
@@ -66330,6 +66650,7 @@ CVE-2019-14431 - https://github.com/Samsung/cotopaxi CVE-2019-14439 - https://github.com/0xT11/CVE-POC CVE-2019-14439 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-14439 - https://github.com/CGCL-codes/PHunter +CVE-2019-14439 - https://github.com/LibHunter/LibHunter CVE-2019-14439 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-14439 - https://github.com/diakogiannis/moviebook CVE-2019-14439 - https://github.com/galimba/Jackson-deserialization-PoC @@ -66525,6 +66846,7 @@ CVE-2019-1477 - https://github.com/ycdxsb/WindowsPrivilegeEscalation CVE-2019-14772 - https://github.com/ossf-cve-benchmark/CVE-2019-14772 CVE-2019-14773 - https://github.com/ARPSyndicate/cvemon CVE-2019-14775 - https://github.com/lukaspustina/cve-scorer +CVE-2019-14776 - https://github.com/ch1hyun/fuzzing-class CVE-2019-14795 - https://github.com/ARPSyndicate/cvemon CVE-2019-14799 - https://github.com/ARPSyndicate/cvemon CVE-2019-1481 - https://github.com/barrracud4/image-upload-exploits @@ -66581,6 +66903,7 @@ CVE-2019-14891 - https://github.com/cibvetr2/crio_research CVE-2019-14892 - https://github.com/ARPSyndicate/cvemon CVE-2019-14892 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-14892 - https://github.com/CGCL-codes/PHunter +CVE-2019-14892 - https://github.com/LibHunter/LibHunter CVE-2019-14892 - https://github.com/Live-Hack-CVE/CVE-2019-14892 CVE-2019-14892 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2019-14892 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs 
@@ -66589,6 +66912,7 @@ CVE-2019-14892 - https://github.com/seal-community/patches CVE-2019-14893 - https://github.com/ARPSyndicate/cvemon CVE-2019-14893 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-14893 - https://github.com/CGCL-codes/PHunter +CVE-2019-14893 - https://github.com/LibHunter/LibHunter CVE-2019-14893 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2019-14893 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2019-14893 - https://github.com/seal-community/patches @@ -67141,6 +67465,7 @@ CVE-2019-15658 - https://github.com/ossf-cve-benchmark/CVE-2019-15658 CVE-2019-15666 - https://github.com/Al1ex/LinuxEelvation CVE-2019-15666 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp CVE-2019-15666 - https://github.com/DrewSC13/Linpeas +CVE-2019-15666 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2019-15666 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2019-15666 - https://github.com/bsauce/kernel-exploit-factory CVE-2019-15666 - https://github.com/bsauce/kernel-security-learning @@ -67352,7 +67677,10 @@ CVE-2019-16098 - https://github.com/0xT11/CVE-POC CVE-2019-16098 - https://github.com/474172261/KDU CVE-2019-16098 - https://github.com/ARPSyndicate/cvemon CVE-2019-16098 - https://github.com/Barakat/CVE-2019-16098 +CVE-2019-16098 - https://github.com/CVEDB/awesome-cve-repo +CVE-2019-16098 - https://github.com/CVEDB/top CVE-2019-16098 - https://github.com/ExpLife0011/awesome-windows-kernel-security-development +CVE-2019-16098 - https://github.com/GhostTroops/TOP CVE-2019-16098 - https://github.com/JustaT3ch/Kernel-Snooping CVE-2019-16098 - https://github.com/Ondrik8/exploit CVE-2019-16098 - https://github.com/developer3000S/PoC-in-GitHub 
@@ -67763,6 +68091,7 @@ CVE-2019-16508 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-16508 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-16508 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-16508 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-16508 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-16508 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-16511 - https://github.com/GitHubAssessments/CVE_Assessments_09_2019 CVE-2019-16511 - https://github.com/jpbprakash/vuln @@ -68022,6 +68351,7 @@ CVE-2019-16865 - https://github.com/ARPSyndicate/cvemon CVE-2019-16869 - https://github.com/ARPSyndicate/cvemon CVE-2019-16869 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-16869 - https://github.com/CGCL-codes/PHunter +CVE-2019-16869 - https://github.com/LibHunter/LibHunter CVE-2019-16869 - https://github.com/cezapata/appconfiguration-sample CVE-2019-16880 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2019-16881 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs @@ -68375,6 +68705,7 @@ CVE-2019-17262 - https://github.com/linhlhq/research CVE-2019-17267 - https://github.com/ARPSyndicate/cvemon CVE-2019-17267 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-17267 - https://github.com/CGCL-codes/PHunter +CVE-2019-17267 - https://github.com/LibHunter/LibHunter CVE-2019-17267 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2019-17267 - https://github.com/ilmari666/cybsec CVE-2019-17267 - https://github.com/seal-community/patches 
@@ -68389,6 +68720,7 @@ CVE-2019-17359 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-17359 - https://github.com/CGCL-codes/PHunter CVE-2019-17359 - https://github.com/DennisFeldbusch/Fuzz CVE-2019-17359 - https://github.com/GCFuzzer/SP2023 +CVE-2019-17359 - https://github.com/LibHunter/LibHunter CVE-2019-17359 - https://github.com/hwen020/JQF CVE-2019-17359 - https://github.com/mfatima1/CS182 CVE-2019-17359 - https://github.com/moudemans/GFuzz @@ -68645,6 +68977,7 @@ CVE-2019-17559 - https://github.com/Live-Hack-CVE/CVE-2019-17559 CVE-2019-17563 - https://github.com/Live-Hack-CVE/CVE-2019-17563 CVE-2019-17563 - https://github.com/raner/projo CVE-2019-17563 - https://github.com/rootameen/vulpine +CVE-2019-17563 - https://github.com/versio-io/product-lifecycle-security-api CVE-2019-17563 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2019-17564 - https://github.com/0xT11/CVE-POC CVE-2019-17564 - https://github.com/ARPSyndicate/cvemon @@ -68860,6 +69193,7 @@ CVE-2019-17625 - https://github.com/hectorgie/PoC-in-GitHub CVE-2019-17626 - https://github.com/asa1997/topgear_test CVE-2019-17632 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-17632 - https://github.com/CGCL-codes/PHunter +CVE-2019-17632 - https://github.com/LibHunter/LibHunter CVE-2019-17633 - https://github.com/0xT11/CVE-POC CVE-2019-17633 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-17633 - https://github.com/hectorgie/PoC-in-GitHub 
@@ -69220,6 +69554,7 @@ CVE-2019-18675 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-18675 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-18675 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-18675 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-18675 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-18675 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-18679 - https://github.com/SexyBeast233/SecBooks CVE-2019-18683 - https://github.com/0xT11/CVE-POC @@ -69243,6 +69578,7 @@ CVE-2019-18683 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-18683 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-18683 - https://github.com/sanjana123-cloud/CVE-2019-18683 CVE-2019-18683 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-18683 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-18683 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-18683 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-18775 - https://github.com/sjmini/icse2020-Solidity @@ -69676,6 +70012,7 @@ CVE-2019-19377 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-19377 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-19377 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-19377 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-19377 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-19377 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-19378 - https://github.com/ARPSyndicate/cvemon CVE-2019-19383 - https://github.com/0xT11/CVE-POC 
@@ -70003,6 +70340,7 @@ CVE-2019-19781 - https://github.com/emtee40/win-pentest-tools CVE-2019-19781 - https://github.com/faisal6me/DFIR-Note CVE-2019-19781 - https://github.com/fcp999/centos CVE-2019-19781 - https://github.com/fengjixuchui/RedTeamer +CVE-2019-19781 - https://github.com/fierceoj/ShonyDanza CVE-2019-19781 - https://github.com/gobysec/Goby CVE-2019-19781 - https://github.com/hack-parthsharma/Pentest-Tools CVE-2019-19781 - https://github.com/hackingyseguridad/nmap @@ -70253,6 +70591,7 @@ CVE-2019-2000 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-2000 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-2000 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-2000 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-2000 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-2000 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-20002 - https://github.com/ARPSyndicate/cvemon CVE-2019-2003 - https://github.com/ARPSyndicate/cvemon @@ -70397,6 +70736,7 @@ CVE-2019-2025 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-2025 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-2025 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-2025 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-2025 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-2025 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-2027 - https://github.com/ARPSyndicate/cvemon CVE-2019-2027 - https://github.com/hyrathon/trophies 
@@ -70443,6 +70783,7 @@ CVE-2019-20414 - https://github.com/ARPSyndicate/cvemon CVE-2019-20443 - https://github.com/cybersecurityworks553/Security-Advisories CVE-2019-20444 - https://github.com/Anonymous-Phunter/PHunter CVE-2019-20444 - https://github.com/CGCL-codes/PHunter +CVE-2019-20444 - https://github.com/LibHunter/LibHunter CVE-2019-20444 - https://github.com/cezapata/appconfiguration-sample CVE-2019-20444 - https://github.com/yahoo/cubed CVE-2019-20445 - https://github.com/cezapata/appconfiguration-sample @@ -70570,6 +70911,7 @@ CVE-2019-2107 - https://github.com/CVEDB/PoC-List CVE-2019-2107 - https://github.com/CVEDB/awesome-cve-repo CVE-2019-2107 - https://github.com/CVEDB/top CVE-2019-2107 - https://github.com/CnHack3r/Penetration_PoC +CVE-2019-2107 - https://github.com/CrackerCat/CVE-2019-2107 CVE-2019-2107 - https://github.com/EchoGin404/- CVE-2019-2107 - https://github.com/EchoGin404/gongkaishouji CVE-2019-2107 - https://github.com/GhostTroops/TOP @@ -70620,6 +70962,7 @@ CVE-2019-2181 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-2181 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-2181 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-2181 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-2181 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-2181 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-2187 - https://github.com/ARPSyndicate/cvemon CVE-2019-2187 - https://github.com/hyrathon/trophies 
@@ -70653,9 +70996,11 @@ CVE-2019-2214 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-2214 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-2214 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-2214 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-2214 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-2214 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-2215 - https://github.com/0xT11/CVE-POC CVE-2019-2215 - https://github.com/ARPSyndicate/cvemon +CVE-2019-2215 - https://github.com/ATorNinja/CVE-2019-2215 CVE-2019-2215 - https://github.com/Al1ex/LinuxEelvation CVE-2019-2215 - https://github.com/Byte-Master-101/CVE-2019-2215 CVE-2019-2215 - https://github.com/CrackerCat/Rootsmart-v2.0 @@ -70720,6 +71065,7 @@ CVE-2019-2215 - https://github.com/themmokhtar/CVE-2020-0022 CVE-2019-2215 - https://github.com/timwr/CVE-2019-2215 CVE-2019-2215 - https://github.com/wateroot/poc-exp CVE-2019-2215 - https://github.com/willboka/CVE-2019-2215-HuaweiP20Lite +CVE-2019-2215 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-2215 - https://github.com/wrlu/Vulnerabilities CVE-2019-2215 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-2215 - https://github.com/yud121212/Linux_Privilege_Escalation @@ -70875,6 +71221,7 @@ CVE-2019-2618 - https://github.com/lp008/Hack-readme CVE-2019-2618 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2019-2618 - https://github.com/pyn3rd/CVE-2019-2618 CVE-2019-2618 - https://github.com/qazbnm456/awesome-cve-poc +CVE-2019-2618 - https://github.com/qtgavc/list CVE-2019-2618 - https://github.com/r0eXpeR/redteam_vul CVE-2019-2618 - https://github.com/reph0r/poc-exp CVE-2019-2618 - https://github.com/reph0r/poc-exp-tools 
@@ -70904,6 +71251,7 @@ CVE-2019-2684 - https://github.com/Live-Hack-CVE/CVE-2019-2684 CVE-2019-2684 - https://github.com/Live-Hack-CVE/CVE-2020-13946 CVE-2019-2684 - https://github.com/psifertex/ctf-vs-the-real-world CVE-2019-2684 - https://github.com/qtc-de/remote-method-guesser +CVE-2019-2684 - https://github.com/versio-io/product-lifecycle-security-api CVE-2019-2692 - https://github.com/ARPSyndicate/cvemon CVE-2019-2692 - https://github.com/hinat0y/Dataset1 CVE-2019-2692 - https://github.com/hinat0y/Dataset10 @@ -71158,6 +71506,7 @@ CVE-2019-2729 - https://github.com/pizza-power/weblogic-CVE-2019-2729-POC CVE-2019-2729 - https://github.com/pwnagelabs/VEF CVE-2019-2729 - https://github.com/qi4L/WeblogicScan.go CVE-2019-2729 - https://github.com/qianxiao996/FrameScan +CVE-2019-2729 - https://github.com/qtgavc/list CVE-2019-2729 - https://github.com/rabbitmask/WeblogicScan CVE-2019-2729 - https://github.com/rabbitmask/WeblogicScanLot CVE-2019-2729 - https://github.com/rockmelodies/rocComExpRce @@ -72447,6 +72796,7 @@ CVE-2019-5844 - https://github.com/Live-Hack-CVE/CVE-2019-5844 CVE-2019-5845 - https://github.com/Live-Hack-CVE/CVE-2019-5845 CVE-2019-5846 - https://github.com/Live-Hack-CVE/CVE-2019-5846 CVE-2019-5847 - https://github.com/RUB-SysSec/JIT-Picker +CVE-2019-5847 - https://github.com/ch1hyun/fuzzing-class CVE-2019-5847 - https://github.com/googleprojectzero/fuzzilli CVE-2019-5847 - https://github.com/zhangjiahui-buaa/MasterThesis CVE-2019-5850 - https://github.com/allpaca/chrome-sbx-db 
@@ -72736,6 +73086,7 @@ CVE-2019-6340 - https://github.com/nobodyatall648/CVE-2019-6340 CVE-2019-6340 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2019-6340 - https://github.com/opflep/Drupalgeddon-Toolkit CVE-2019-6340 - https://github.com/oways/CVE-2019-6340 +CVE-2019-6340 - https://github.com/pg001001/deception-tech CVE-2019-6340 - https://github.com/pinkieli/GitHub-Chinese-Top-Charts CVE-2019-6340 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts CVE-2019-6340 - https://github.com/resistezauxhackeurs/outils_audit_cms @@ -73321,6 +73672,7 @@ CVE-2019-7308 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2019-7308 - https://github.com/knd06/linux-kernel-exploitation CVE-2019-7308 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-7308 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-7308 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-7308 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-7309 - https://github.com/flyrev/security-scan-ci-presentation CVE-2019-7310 - https://github.com/0xCyberY/CVE-T4PDF @@ -74459,6 +74811,7 @@ CVE-2019-9213 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-9213 - https://github.com/shizhongpwn/Skr_StudyEveryday CVE-2019-9213 - https://github.com/soh0ro0t/HappyHackingOnLinux CVE-2019-9213 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-9213 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-9213 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-9213 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-9215 - https://github.com/0n3m4ns4rmy/WhatTheBug 
@@ -74524,6 +74877,7 @@ CVE-2019-9500 - https://github.com/lnick2023/nicenice CVE-2019-9500 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-9500 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-9500 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-9500 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-9500 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-9500 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-9501 - https://github.com/0xT11/CVE-POC @@ -74556,6 +74910,7 @@ CVE-2019-9503 - https://github.com/lnick2023/nicenice CVE-2019-9503 - https://github.com/ndk191/linux-kernel-exploitation CVE-2019-9503 - https://github.com/qazbnm456/awesome-cve-poc CVE-2019-9503 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2019-9503 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2019-9503 - https://github.com/xairy/linux-kernel-exploitation CVE-2019-9503 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 CVE-2019-9506 - https://github.com/0xT11/CVE-POC @@ -75041,6 +75396,7 @@ CVE-2020-0018 - https://github.com/he1m4n6a/cve-db CVE-2020-0019 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-0022 - https://github.com/0xT11/CVE-POC CVE-2020-0022 - https://github.com/2lambda123/CVE-mitre +CVE-2020-0022 - https://github.com/362902755/CVE-2020-0023 CVE-2020-0022 - https://github.com/5k1l/cve-2020-0022 CVE-2020-0022 - https://github.com/ARPSyndicate/cvemon CVE-2020-0022 - https://github.com/JeffroMF/awesome-bluetooth-security321 @@ -75069,6 +75425,7 @@ CVE-2020-0022 - https://github.com/themmokhtar/CVE-2020-0022 CVE-2020-0022 - https://github.com/trhacknon/Pocingit CVE-2020-0022 - https://github.com/wrlu/Vulnerabilities CVE-2020-0022 - https://github.com/zecool/cve +CVE-2020-0023 - https://github.com/362902755/CVE-2020-0023 CVE-2020-0026 - https://github.com/he1m4n6a/cve-db CVE-2020-0027 - https://github.com/he1m4n6a/cve-db CVE-2020-0032 - https://github.com/he1m4n6a/cve-db 
@@ -75079,6 +75436,7 @@ CVE-2020-0036 - https://github.com/he1m4n6a/cve-db CVE-2020-0037 - https://github.com/he1m4n6a/cve-db CVE-2020-0038 - https://github.com/he1m4n6a/cve-db CVE-2020-0039 - https://github.com/he1m4n6a/cve-db +CVE-2020-0041 - https://github.com/0xMarcio/cve CVE-2020-0041 - https://github.com/0xT11/CVE-POC CVE-2020-0041 - https://github.com/0xZipp0/BIBLE CVE-2020-0041 - https://github.com/ARPSyndicate/cvemon @@ -75142,6 +75500,7 @@ CVE-2020-0041 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2020-0041 - https://github.com/trhacknon/Pocingit CVE-2020-0041 - https://github.com/vaginessa/CVE-2020-0041-Pixel-3a CVE-2020-0041 - https://github.com/weeka10/-hktalent-TOP +CVE-2020-0041 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-0041 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-0041 - https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References CVE-2020-0041 - https://github.com/yusufazizmustofa/BIBLE @@ -75419,6 +75778,7 @@ CVE-2020-0423 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-0423 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-0423 - https://github.com/sparrow-labz/CVE-2020-0423 CVE-2020-0423 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-0423 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-0423 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-0424 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-0427 - https://github.com/ARPSyndicate/cvemon 
@@ -77325,6 +77685,7 @@ CVE-2020-10135 - https://github.com/WinMin/Protocol-Vul CVE-2020-10135 - https://github.com/developer3000S/PoC-in-GitHub CVE-2020-10135 - https://github.com/engn33r/awesome-bluetooth-security CVE-2020-10135 - https://github.com/hectorgie/PoC-in-GitHub +CVE-2020-10135 - https://github.com/m4rm0k/CVE-2020-10135-BIAS CVE-2020-10135 - https://github.com/marcinguy/CVE-2020-10135-BIAS CVE-2020-10135 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-10135 - https://github.com/sgxgsx/BlueToolkit @@ -78288,6 +78649,7 @@ CVE-2020-10682 - https://github.com/JoshuaProvoste/joshuaprovoste CVE-2020-10683 - https://github.com/ARPSyndicate/cvemon CVE-2020-10683 - https://github.com/Anonymous-Phunter/PHunter CVE-2020-10683 - https://github.com/CGCL-codes/PHunter +CVE-2020-10683 - https://github.com/LibHunter/LibHunter CVE-2020-10683 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2020-10684 - https://github.com/ARPSyndicate/cvemon CVE-2020-10684 - https://github.com/Live-Hack-CVE/CVE-2020-10684 @@ -78921,6 +79283,7 @@ CVE-2020-11179 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-11179 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-11179 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-11179 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-11179 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-11179 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-11180 - https://github.com/TinyNiko/android_bulletin_notes CVE-2020-11181 - https://github.com/TinyNiko/android_bulletin_notes 
@@ -79772,6 +80135,7 @@ CVE-2020-11996 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-11996 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-11996 - https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996 CVE-2020-11996 - https://github.com/soosmile/POC +CVE-2020-11996 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-11996 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-11998 - https://github.com/404notf0und/CVE-Flow CVE-2020-11998 - https://github.com/zhzhdoai/JAVA_Env-Poc @@ -79860,6 +80224,7 @@ CVE-2020-12078 - https://github.com/tdtc7/qps CVE-2020-12079 - https://github.com/Live-Hack-CVE/CVE-2020-12079 CVE-2020-1208 - https://github.com/ARPSyndicate/cvemon CVE-2020-1208 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2020-1208 - https://github.com/tunnelcat/metasploit-cve-search CVE-2020-1210 - https://github.com/404notf0und/CVE-Flow CVE-2020-1210 - https://github.com/Cheroxx/Patch-Tuesday-Updates CVE-2020-12100 - https://github.com/Live-Hack-CVE/CVE-2020-12100 
@@ -79967,11 +80332,14 @@ CVE-2020-1234 - https://github.com/influxdata/sedg CVE-2020-1234 - https://github.com/ivanid22/NVD-scraper CVE-2020-1234 - https://github.com/strobes-co/ql-documentation CVE-2020-1234 - https://github.com/tahtaciburak/CyAnnuaire +CVE-2020-1234 - https://github.com/tunnelcat/metasploit-cve-search CVE-2020-12340 - https://github.com/ARPSyndicate/cvemon CVE-2020-12340 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2020-12340 - https://github.com/tunnelcat/metasploit-cve-search CVE-2020-1234567 - https://github.com/DataSurgeon-ds/ds-cve-plugin CVE-2020-1234567 - https://github.com/seifrajhi/aws-devops-pro-notes CVE-2020-123477 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2020-123477 - https://github.com/tunnelcat/metasploit-cve-search CVE-2020-12351 - https://github.com/ARPSyndicate/cvemon CVE-2020-12351 - https://github.com/Charmve/BLE-Security-Attack-Defence CVE-2020-12351 - https://github.com/Dikens88/hopp @@ -80001,6 +80369,7 @@ CVE-2020-12351 - https://github.com/sgxgsx/BlueToolkit CVE-2020-12351 - https://github.com/shannonmullins/hopp CVE-2020-12351 - https://github.com/soosmile/POC CVE-2020-12351 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-12351 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-12351 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-12352 - https://github.com/ARPSyndicate/cvemon CVE-2020-12352 - https://github.com/Charmve/BLE-Security-Attack-Defence 
@@ -80026,6 +80395,7 @@ CVE-2020-12352 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-12352 - https://github.com/sgxgsx/BlueToolkit CVE-2020-12352 - https://github.com/shannonmullins/hopp CVE-2020-12352 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-12352 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-12352 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-12362 - https://github.com/ARPSyndicate/cvemon CVE-2020-12363 - https://github.com/ARPSyndicate/cvemon @@ -80360,6 +80730,7 @@ CVE-2020-12865 - https://github.com/Live-Hack-CVE/CVE-2020-12865 CVE-2020-12866 - https://github.com/Live-Hack-CVE/CVE-2020-12866 CVE-2020-12867 - https://github.com/Live-Hack-CVE/CVE-2020-12867 CVE-2020-12872 - https://github.com/Live-Hack-CVE/CVE-2020-12872 +CVE-2020-12872 - https://github.com/catsploit/catsploit CVE-2020-12873 - https://github.com/mbadanoiu/CVE-2023-49964 CVE-2020-12873 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-12882 - https://github.com/ARPSyndicate/cvemon @@ -80735,6 +81106,7 @@ CVE-2020-13493 - https://github.com/Live-Hack-CVE/CVE-2020-13493 CVE-2020-13494 - https://github.com/Live-Hack-CVE/CVE-2020-13494 CVE-2020-13497 - https://github.com/Live-Hack-CVE/CVE-2020-13497 CVE-2020-13498 - https://github.com/Live-Hack-CVE/CVE-2020-13498 +CVE-2020-1350 - https://github.com/0xMarcio/cve CVE-2020-1350 - https://github.com/0xT11/CVE-POC CVE-2020-1350 - https://github.com/20142995/sectool CVE-2020-1350 - https://github.com/2lambda123/diaphora 
@@ -80794,6 +81166,7 @@ CVE-2020-1350 - https://github.com/maxpl0it/CVE-2020-1350-DoS CVE-2020-1350 - https://github.com/mr-r3b00t/CVE-2020-1350 CVE-2020-1350 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-1350 - https://github.com/password520/Penetration_PoC +CVE-2020-1350 - https://github.com/pg001001/deception-tech CVE-2020-1350 - https://github.com/psc4re/NSE-scripts CVE-2020-1350 - https://github.com/rudraimmunefi/source-code-review CVE-2020-1350 - https://github.com/rudrapwn/source-code-review @@ -80983,6 +81356,7 @@ CVE-2020-13753 - https://github.com/ARPSyndicate/cvemon CVE-2020-13753 - https://github.com/hartwork/antijack CVE-2020-13757 - https://github.com/ARPSyndicate/cvemon CVE-2020-13757 - https://github.com/AdiRashkes/python-tda-bug-hunt-0 +CVE-2020-13757 - https://github.com/seal-community/patches CVE-2020-13759 - https://github.com/Artisan-Lab/Rust-memory-safety-bugs CVE-2020-1376 - https://github.com/404notf0und/CVE-Flow CVE-2020-13765 - https://github.com/Live-Hack-CVE/CVE-2020-13765 @@ -81159,8 +81533,10 @@ CVE-2020-13933 - https://github.com/soosmile/POC CVE-2020-13933 - https://github.com/superlink996/chunqiuyunjingbachang CVE-2020-13933 - https://github.com/woods-sega/woodswiki CVE-2020-13933 - https://github.com/xhycccc/Shiro-Vuln-Demo +CVE-2020-13934 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-13934 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-13935 - https://github.com/0day404/vulnerability-poc +CVE-2020-13935 - https://github.com/0xMarcio/cve CVE-2020-13935 - https://github.com/20142995/sectool CVE-2020-13935 - https://github.com/2lambda123/CVE-mitre CVE-2020-13935 - https://github.com/404notf0und/CVE-Flow 
@@ -81193,6 +81569,7 @@ CVE-2020-13935 - https://github.com/taielab/awesome-hacking-lists CVE-2020-13935 - https://github.com/trganda/dockerv CVE-2020-13935 - https://github.com/trganda/starrlist CVE-2020-13935 - https://github.com/tzwlhack/Vulnerability +CVE-2020-13935 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-13935 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-13935 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-13935 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -81248,6 +81625,7 @@ CVE-2020-1394 - https://github.com/hyjun0407/COMRaceConditionSeeker CVE-2020-13942 - https://github.com/1135/unomi_exploit CVE-2020-13942 - https://github.com/ARPSyndicate/cvemon CVE-2020-13942 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2020-13942 - https://github.com/CLincat/vulcat CVE-2020-13942 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-13942 - https://github.com/Elsfa7-110/kenzer-templates CVE-2020-13942 - https://github.com/HimmelAward/Goby_POC @@ -81284,6 +81662,7 @@ CVE-2020-13942 - https://github.com/yaunsky/Unomi-CVE-2020-13942 CVE-2020-13942 - https://github.com/zhzyker/vulmap CVE-2020-13943 - https://github.com/ARPSyndicate/cvemon CVE-2020-13943 - https://github.com/Live-Hack-CVE/CVE-2020-13943 +CVE-2020-13943 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-13943 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-13945 - https://github.com/ARPSyndicate/cvemon CVE-2020-13945 - https://github.com/ARPSyndicate/kenzer-templates 
@@ -81794,6 +82173,7 @@ CVE-2020-14356 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-14356 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-14356 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-14356 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-14356 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-14356 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-14361 - https://github.com/Live-Hack-CVE/CVE-2020-14361 CVE-2020-14362 - https://github.com/Live-Hack-CVE/CVE-2020-14362 @@ -81871,6 +82251,7 @@ CVE-2020-14381 - https://github.com/nanopathi/linux-4.19.72_CVE-2020-14381 CVE-2020-14381 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-14381 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-14381 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-14381 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-14381 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-14383 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2020-14384 - https://github.com/404notf0und/CVE-Flow @@ -81911,6 +82292,7 @@ CVE-2020-14386 - https://github.com/source-xu/docker-vuls CVE-2020-14386 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2020-14386 - https://github.com/taielab/awesome-hacking-lists CVE-2020-14386 - https://github.com/teamssix/container-escape-check +CVE-2020-14386 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-14386 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-14389 - https://github.com/Live-Hack-CVE/CVE-2020-14389 CVE-2020-14390 - https://github.com/ZIllR0/Routers 
@@ -82708,6 +83090,7 @@ CVE-2020-14882 - https://github.com/Singhsanjeev617/A-Red-Teamer-diaries CVE-2020-14882 - https://github.com/SouthWind0/southwind0.github.io CVE-2020-14882 - https://github.com/Threekiii/Awesome-Exploit CVE-2020-14882 - https://github.com/Threekiii/Awesome-POC +CVE-2020-14882 - https://github.com/Threekiii/Awesome-Redteam CVE-2020-14882 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2020-14882 - https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection CVE-2020-14882 - https://github.com/Weik1/Artillery @@ -83849,6 +84232,7 @@ CVE-2020-16119 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-16119 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-16119 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-16119 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-16119 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-16119 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-1612 - https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation CVE-2020-16122 - https://github.com/Live-Hack-CVE/CVE-2020-16122 @@ -84791,6 +85175,7 @@ CVE-2020-17527 - https://github.com/forse01/CVE-2020-17527-Tomcat CVE-2020-17527 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-17527 - https://github.com/pctF/vulnerable-app CVE-2020-17527 - https://github.com/scordero1234/java_sec_demo-main +CVE-2020-17527 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-17527 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-1753 - https://github.com/20142995/pocsuite3 CVE-2020-1753 - https://github.com/Live-Hack-CVE/CVE-2020-1753 
@@ -85019,6 +85404,7 @@ CVE-2020-1934 - https://github.com/vshaliii/Vegeta1-Vulhub-Walkthrough CVE-2020-1935 - https://github.com/mklmfane/betvictor CVE-2020-1935 - https://github.com/mo-xiaoxi/HDiff CVE-2020-1935 - https://github.com/raner/projo +CVE-2020-1935 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-1935 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-19360 - https://github.com/0day404/vulnerability-poc CVE-2020-19360 - https://github.com/20142995/Goby @@ -85219,6 +85605,7 @@ CVE-2020-1938 - https://github.com/threedr3am/learnjavabug CVE-2020-1938 - https://github.com/tpt11fb/AttackTomcat CVE-2020-1938 - https://github.com/uuuuuuuzi/BugRepairsuggestions CVE-2020-1938 - https://github.com/veo/vscan +CVE-2020-1938 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-1938 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-1938 - https://github.com/w4fz5uck5/CVE-2020-1938-Clean-Version CVE-2020-1938 - https://github.com/weeka10/-hktalent-TOP @@ -85720,6 +86107,7 @@ CVE-2020-21534 - https://github.com/ARPSyndicate/cvemon CVE-2020-21535 - https://github.com/Live-Hack-CVE/CVE-2020-21535 CVE-2020-21551 - https://github.com/Creamy-Chicken-Soup/writeups-about-analysis-CVEs-and-Exploits-on-the-Windows CVE-2020-21551 - https://github.com/SpikySabra/Kernel-Cactus +CVE-2020-21551 - https://github.com/TheMalwareGuardian/Awesome-Bootkits-Rootkits-Development CVE-2020-21585 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2020-21585 - https://github.com/tzwlhack/Vulnerability CVE-2020-2159 - https://github.com/Live-Hack-CVE/CVE-2020-2159 
@@ -86247,6 +86635,7 @@ CVE-2020-24490 - https://github.com/sereok3/buffer-overflow-writeups CVE-2020-24490 - https://github.com/sgxgsx/BlueToolkit CVE-2020-24490 - https://github.com/shannonmullins/hopp CVE-2020-24490 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-24490 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-24490 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-24492 - https://github.com/DNTYO/F5_Vulnerability CVE-2020-24493 - https://github.com/DNTYO/F5_Vulnerability @@ -86793,6 +87182,7 @@ CVE-2020-25220 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-25220 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-25220 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-25220 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-25220 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-25220 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-25221 - https://github.com/404notf0und/CVE-Flow CVE-2020-25221 - https://github.com/ARPSyndicate/cvemon @@ -87210,6 +87600,7 @@ CVE-2020-25540 - https://github.com/superlink996/chunqiuyunjingbachang CVE-2020-25540 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-25540 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2020-2555 - https://github.com/0x727/JNDIExploit +CVE-2020-2555 - https://github.com/0xMarcio/cve CVE-2020-2555 - https://github.com/0xT11/CVE-POC CVE-2020-2555 - https://github.com/0xn0ne/weblogicScanner CVE-2020-2555 - https://github.com/20142995/Goby 
@@ -87480,6 +87871,7 @@ CVE-2020-25657 - https://github.com/ARPSyndicate/cvemon CVE-2020-25657 - https://github.com/alexcowperthwaite/PasskeyScanner CVE-2020-25658 - https://github.com/ARPSyndicate/cvemon CVE-2020-25658 - https://github.com/AdiRashkes/python-tda-bug-hunt-0 +CVE-2020-25658 - https://github.com/seal-community/patches CVE-2020-25659 - https://github.com/ARPSyndicate/cvemon CVE-2020-25659 - https://github.com/AdiRashkes/python-tda-bug-hunt-2 CVE-2020-25659 - https://github.com/alexcowperthwaite/PasskeyScanner @@ -88091,6 +88483,7 @@ CVE-2020-26939 - https://github.com/ARPSyndicate/cvemon CVE-2020-26939 - https://github.com/Anonymous-Phunter/PHunter CVE-2020-26939 - https://github.com/CGCL-codes/PHunter CVE-2020-26939 - https://github.com/IkerSaint/VULNAPP-vulnerable-app +CVE-2020-26939 - https://github.com/LibHunter/LibHunter CVE-2020-26939 - https://github.com/box/box-java-sdk CVE-2020-26939 - https://github.com/pctF/vulnerable-app CVE-2020-2694 - https://github.com/20142995/Goby @@ -88167,6 +88560,7 @@ CVE-2020-27193 - https://github.com/deepakdba/cve_checklist CVE-2020-27193 - https://github.com/radtek/cve_checklist CVE-2020-27194 - https://github.com/ARPSyndicate/cvemon CVE-2020-27194 - https://github.com/Al1ex/LinuxEelvation +CVE-2020-27194 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2020-27194 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2020-27194 - https://github.com/OrangeGzY/security-research-learning CVE-2020-27194 - https://github.com/XiaozaYa/CVE-Recording 
@@ -88189,6 +88583,7 @@ CVE-2020-27194 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2020-27194 - https://github.com/scannells/exploits CVE-2020-27194 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2020-27194 - https://github.com/willinin/CVE-2020-27194-exp +CVE-2020-27194 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-27194 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-27194 - https://github.com/xmzyshypnc/CVE-2020-27194 CVE-2020-27199 - https://github.com/9lyph/CVE-2020-27199 @@ -88444,6 +88839,7 @@ CVE-2020-27786 - https://github.com/kiks7/CVE-2020-27786-Kernel-Exploit CVE-2020-27786 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-27786 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-27786 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-27786 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-27786 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-27787 - https://github.com/Live-Hack-CVE/CVE-2020-27787 CVE-2020-27788 - https://github.com/Live-Hack-CVE/CVE-2020-27788 @@ -88783,6 +89179,7 @@ CVE-2020-2805 - https://github.com/alphaSeclab/sec-daily-2020 CVE-2020-28052 - https://github.com/ARPSyndicate/cvemon CVE-2020-28052 - https://github.com/Anonymous-Phunter/PHunter CVE-2020-28052 - https://github.com/CGCL-codes/PHunter +CVE-2020-28052 - https://github.com/LibHunter/LibHunter CVE-2020-28052 - https://github.com/Live-Hack-CVE/CVE-2020-2805 CVE-2020-28052 - https://github.com/Live-Hack-CVE/CVE-2020-28052 CVE-2020-28052 - https://github.com/alphaSeclab/sec-daily-2020 
@@ -88910,6 +89307,7 @@ CVE-2020-28343 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-28343 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-28343 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-28343 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-28343 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-28343 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-28347 - https://github.com/ARPSyndicate/cvemon CVE-2020-28347 - https://github.com/rdomanski/Exploits_and_Advisories @@ -89043,6 +89441,7 @@ CVE-2020-28588 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-28588 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-28588 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-28588 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-28588 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-28588 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-28589 - https://github.com/Live-Hack-CVE/CVE-2020-28589 CVE-2020-28590 - https://github.com/Live-Hack-CVE/CVE-2020-28590 @@ -89171,6 +89570,7 @@ CVE-2020-2880 - https://github.com/MrTuxracer/advisories CVE-2020-2881 - https://github.com/ARPSyndicate/cvemon CVE-2020-2881 - https://github.com/MrTuxracer/advisories CVE-2020-2883 - https://github.com/0x727/JNDIExploit +CVE-2020-2883 - https://github.com/0xMarcio/cve CVE-2020-2883 - https://github.com/0xT11/CVE-POC CVE-2020-2883 - https://github.com/0xdu/WLExploit CVE-2020-2883 - https://github.com/0xn0ne/weblogicScanner 
@@ -89934,6 +90334,7 @@ CVE-2020-3452 - https://github.com/drizzt-do-urden-da-drow/CISCO CVE-2020-3452 - https://github.com/dwisiswant0/awesome-oneliner-bugbounty CVE-2020-3452 - https://github.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner CVE-2020-3452 - https://github.com/faisalfs10x/dirty-scripts +CVE-2020-3452 - https://github.com/fierceoj/ShonyDanza CVE-2020-3452 - https://github.com/foulenzer/CVE-2020-3452 CVE-2020-3452 - https://github.com/fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal CVE-2020-3452 - https://github.com/grim3/CVE-2020-3452 @@ -90576,6 +90977,7 @@ CVE-2020-36180 - https://github.com/ARPSyndicate/cvemon CVE-2020-36180 - https://github.com/Al1ex/Al1ex CVE-2020-36180 - https://github.com/Al1ex/CVE-2020-36179 CVE-2020-36180 - https://github.com/Live-Hack-CVE/CVE-2020-36180 +CVE-2020-36180 - https://github.com/enomothem/PenTestNote CVE-2020-36180 - https://github.com/seal-community/patches CVE-2020-36181 - https://github.com/Al1ex/Al1ex CVE-2020-36181 - https://github.com/Al1ex/CVE-2020-36179 @@ -90586,6 +90988,7 @@ CVE-2020-36182 - https://github.com/Al1ex/Al1ex CVE-2020-36182 - https://github.com/Al1ex/CVE-2020-36179 CVE-2020-36182 - https://github.com/Anonymous-Phunter/PHunter CVE-2020-36182 - https://github.com/CGCL-codes/PHunter +CVE-2020-36182 - https://github.com/LibHunter/LibHunter CVE-2020-36182 - https://github.com/Live-Hack-CVE/CVE-2020-36182 CVE-2020-36182 - https://github.com/seal-community/patches CVE-2020-36183 - https://github.com/Live-Hack-CVE/CVE-2020-36183 
@@ -90917,6 +91320,7 @@ CVE-2020-3680 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2020-3680 - https://github.com/knd06/linux-kernel-exploitation CVE-2020-3680 - https://github.com/ndk191/linux-kernel-exploitation CVE-2020-3680 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-3680 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-3680 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-36825 - https://github.com/NaInSec/CVE-LIST CVE-2020-36825 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -91010,6 +91414,7 @@ CVE-2020-3950 - https://github.com/lnick2023/nicenice CVE-2020-3950 - https://github.com/mirchr/security-research CVE-2020-3950 - https://github.com/qazbnm456/awesome-cve-poc CVE-2020-3950 - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +CVE-2020-3952 - https://github.com/0xMarcio/cve CVE-2020-3952 - https://github.com/0xMrNiko/Awesome-Red-Teaming CVE-2020-3952 - https://github.com/0xT11/CVE-POC CVE-2020-3952 - https://github.com/20142995/sectool @@ -91925,6 +92330,7 @@ CVE-2020-5902 - https://github.com/elinakrmova/RedTeam-Tools CVE-2020-5902 - https://github.com/emtee40/win-pentest-tools CVE-2020-5902 - https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker CVE-2020-5902 - https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner +CVE-2020-5902 - https://github.com/fierceoj/ShonyDanza CVE-2020-5902 - https://github.com/freeFV/CVE-2020-5902-fofa-scan CVE-2020-5902 - https://github.com/freeFV/CVE-2020-6308-mass-exploiter CVE-2020-5902 - https://github.com/gaahrdner/starred 
@@ -92392,6 +92798,7 @@ CVE-2020-6425 - https://github.com/Live-Hack-CVE/CVE-2020-6425 CVE-2020-6425 - https://github.com/allpaca/chrome-sbx-db CVE-2020-6427 - https://github.com/ARPSyndicate/cvemon CVE-2020-6427 - https://github.com/ferdinandmudjialim/metasploit-cve-search +CVE-2020-6427 - https://github.com/tunnelcat/metasploit-cve-search CVE-2020-6431 - https://github.com/Live-Hack-CVE/CVE-2020-6431 CVE-2020-6432 - https://github.com/Live-Hack-CVE/CVE-2020-6432 CVE-2020-6433 - https://github.com/Live-Hack-CVE/CVE-2020-6433 @@ -93395,6 +93802,7 @@ CVE-2020-8012 - https://github.com/wetw0rk/Exploit-Development CVE-2020-8013 - https://github.com/Live-Hack-CVE/CVE-2020-8013 CVE-2020-8016 - https://github.com/Live-Hack-CVE/CVE-2020-8016 CVE-2020-8017 - https://github.com/Live-Hack-CVE/CVE-2020-8017 +CVE-2020-8022 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-8022 - https://github.com/vincent-deng/veracode-container-security-finding-parser CVE-2020-8023 - https://github.com/404notf0und/CVE-Flow CVE-2020-8023 - https://github.com/ARPSyndicate/cvemon @@ -93430,6 +93838,7 @@ CVE-2020-8116 - https://github.com/AleBekk/DependencyCheckParser CVE-2020-8116 - https://github.com/ossf-cve-benchmark/CVE-2020-8116 CVE-2020-8124 - https://github.com/seal-community/patches CVE-2020-8130 - https://github.com/ARPSyndicate/cvemon +CVE-2020-8130 - https://github.com/m-mizutani/octovy CVE-2020-8130 - https://github.com/m-mizutani/triview CVE-2020-8130 - https://github.com/wxianfeng/hanzi_to_pinyin CVE-2020-8135 - https://github.com/ossf-cve-benchmark/CVE-2020-8135 
@@ -94109,6 +94518,7 @@ CVE-2020-8597 - https://github.com/WinMin/Protocol-Vul CVE-2020-8597 - https://github.com/YIXINSHUWU/Penetration_Testing_POC CVE-2020-8597 - https://github.com/ZTK-009/Penetration_PoC CVE-2020-8597 - https://github.com/developer3000S/PoC-in-GitHub +CVE-2020-8597 - https://github.com/dointisme/CVE-2020-8597 CVE-2020-8597 - https://github.com/hasee2018/Penetration_Testing_POC CVE-2020-8597 - https://github.com/hectorgie/PoC-in-GitHub CVE-2020-8597 - https://github.com/hktalent/bug-bounty @@ -94426,6 +94836,7 @@ CVE-2020-8835 - https://github.com/0xT11/CVE-POC CVE-2020-8835 - https://github.com/ARPSyndicate/cvemon CVE-2020-8835 - https://github.com/Al1ex/LinuxEelvation CVE-2020-8835 - https://github.com/De4dCr0w/Linux-kernel-EoP-exp +CVE-2020-8835 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2020-8835 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2020-8835 - https://github.com/KatsuragiCSL/Presentations-Blogs-Papers-Tutorials-Books CVE-2020-8835 - https://github.com/OrangeGzY/security-research-learning @@ -94455,6 +94866,7 @@ CVE-2020-8835 - https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835 CVE-2020-8835 - https://github.com/snorez/ebpf-fuzzer CVE-2020-8835 - https://github.com/soosmile/POC CVE-2020-8835 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2020-8835 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2020-8835 - https://github.com/xairy/linux-kernel-exploitation CVE-2020-8835 - https://github.com/xmzyshypnc/CVE-2020-27194 CVE-2020-8835 - https://github.com/yoniko/gctf21_ebpf 
@@ -94475,6 +94887,7 @@ CVE-2020-8840 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh CVE-2020-8840 - https://github.com/EchoGin404/- CVE-2020-8840 - https://github.com/EchoGin404/gongkaishouji CVE-2020-8840 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet +CVE-2020-8840 - https://github.com/LibHunter/LibHunter CVE-2020-8840 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2020-8840 - https://github.com/NetW0rK1le3r/awesome-hacking-lists CVE-2020-8840 - https://github.com/OWASP/www-project-ide-vulscanner @@ -95122,6 +95535,7 @@ CVE-2020-9484 - https://github.com/soosmile/POC CVE-2020-9484 - https://github.com/taielab/awesome-hacking-lists CVE-2020-9484 - https://github.com/tdtc7/qps CVE-2020-9484 - https://github.com/threedr3am/tomcat-cluster-session-sync-exp +CVE-2020-9484 - https://github.com/versio-io/product-lifecycle-security-api CVE-2020-9484 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2020-9484 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- CVE-2020-9484 - https://github.com/woods-sega/woodswiki @@ -95238,6 +95652,7 @@ CVE-2020-9546 - https://github.com/ARPSyndicate/cvemon CVE-2020-9546 - https://github.com/Anonymous-Phunter/PHunter CVE-2020-9546 - https://github.com/CGCL-codes/PHunter CVE-2020-9546 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh +CVE-2020-9546 - https://github.com/LibHunter/LibHunter CVE-2020-9546 - https://github.com/OWASP/www-project-ide-vulscanner CVE-2020-9546 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs CVE-2020-9546 - https://github.com/lnick2023/nicenice 
@@ -95908,6 +96323,7 @@ CVE-2021-0340 - https://github.com/zecool/cve CVE-2021-0341 - https://github.com/ARPSyndicate/cvemon CVE-2021-0341 - https://github.com/Anonymous-Phunter/PHunter CVE-2021-0341 - https://github.com/CGCL-codes/PHunter +CVE-2021-0341 - https://github.com/LibHunter/LibHunter CVE-2021-0341 - https://github.com/NicheToolkit/rest-toolkit CVE-2021-0341 - https://github.com/TinyNiko/android_bulletin_notes CVE-2021-0341 - https://github.com/au-abd/python-stuff @@ -96017,6 +96433,7 @@ CVE-2021-0399 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-0399 - https://github.com/nipund513/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399- CVE-2021-0399 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-0399 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-0399 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-0399 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-0404 - https://github.com/ARPSyndicate/cvemon CVE-2021-0404 - https://github.com/pokerfacett/MY_CVE_CREDIT @@ -96441,6 +96858,7 @@ CVE-2021-0920 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-0920 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-0920 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-0920 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-0920 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-0920 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-0928 - https://github.com/ARPSyndicate/cvemon CVE-2021-0928 - https://github.com/NaInSec/CVE-PoC-in-GitHub 
@@ -96494,6 +96912,7 @@ CVE-2021-1048 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-1048 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-1048 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-1048 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-1048 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1048 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1049 - https://github.com/ARPSyndicate/cvemon CVE-2021-1049 - https://github.com/pokerfacett/MY_CVE_CREDIT @@ -97266,6 +97685,7 @@ CVE-2021-1905 - https://github.com/soosmile/POC CVE-2021-1905 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-1905 - https://github.com/trhacknon/Pocingit CVE-2021-1905 - https://github.com/whoforget/CVE-POC +CVE-2021-1905 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1905 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1905 - https://github.com/youwizard/CVE-POC CVE-2021-1905 - https://github.com/zecool/cve @@ -97297,6 +97717,7 @@ CVE-2021-1940 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-1940 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-1940 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-1940 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-1940 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1940 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1961 - https://github.com/ARPSyndicate/cvemon CVE-2021-1961 - https://github.com/NaInSec/CVE-PoC-in-GitHub 
@@ -97320,6 +97741,7 @@ CVE-2021-1961 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-1961 - https://github.com/tamirzb/CVE-2021-1961 CVE-2021-1961 - https://github.com/trhacknon/Pocingit CVE-2021-1961 - https://github.com/whoforget/CVE-POC +CVE-2021-1961 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1961 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1961 - https://github.com/youwizard/CVE-POC CVE-2021-1961 - https://github.com/zecool/cve @@ -97350,6 +97772,7 @@ CVE-2021-1968 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-1968 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-1968 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-1968 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-1968 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1968 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1969 - https://github.com/ARPSyndicate/cvemon CVE-2021-1969 - https://github.com/kdn111/linux-kernel-exploitation @@ -97362,6 +97785,7 @@ CVE-2021-1969 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-1969 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-1969 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-1969 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-1969 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-1969 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-1994 - https://github.com/ARPSyndicate/cvemon CVE-2021-1994 - https://github.com/CVEDB/PoC-List 
@@ -97382,6 +97806,7 @@ CVE-2021-20016 - https://github.com/Ostorlab/KEV CVE-2021-20016 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2021-20016 - https://github.com/r0eXpeR/supplier CVE-2021-20016 - https://github.com/triw0lf/Security-Matters-22 +CVE-2021-20021 - https://github.com/CVEDB/awesome-cve-repo CVE-2021-20021 - https://github.com/Ostorlab/KEV CVE-2021-20021 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2021-20021 - https://github.com/SUPRAAA-1337/CVE-2021-20021 @@ -97515,6 +97940,7 @@ CVE-2021-20167 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-20173 - https://github.com/ARPSyndicate/cvemon CVE-2021-20190 - https://github.com/Anonymous-Phunter/PHunter CVE-2021-20190 - https://github.com/CGCL-codes/PHunter +CVE-2021-20190 - https://github.com/LibHunter/LibHunter CVE-2021-20190 - https://github.com/seal-community/patches CVE-2021-20191 - https://github.com/ARPSyndicate/cvemon CVE-2021-20193 - https://github.com/ARPSyndicate/cvemon @@ -97580,6 +98006,7 @@ CVE-2021-20226 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-20226 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-20226 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-20226 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-20226 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-20226 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-20227 - https://github.com/ARPSyndicate/cvemon CVE-2021-20228 - https://github.com/equinor/appsec-owasptop10wrkshp 
@@ -97882,6 +98309,7 @@ CVE-2021-2109 - https://github.com/Astrogeorgeonethree/Starred CVE-2021-2109 - https://github.com/Astrogeorgeonethree/Starred2 CVE-2021-2109 - https://github.com/Atem1988/Starred CVE-2021-2109 - https://github.com/BrittanyKuhn/javascript-tutorial +CVE-2021-2109 - https://github.com/CLincat/vulcat CVE-2021-2109 - https://github.com/CVEDB/PoC-List CVE-2021-2109 - https://github.com/Drun1baby/JavaSecurityLearning CVE-2021-2109 - https://github.com/EdgeSecurityTeam/Vulnerability @@ -98293,6 +98721,7 @@ CVE-2021-21315 - https://github.com/20142995/pocsuite3 CVE-2021-21315 - https://github.com/ARPSyndicate/cvemon CVE-2021-21315 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-21315 - https://github.com/CITIZENDOT/CS547-CVEs +CVE-2021-21315 - https://github.com/CLincat/vulcat CVE-2021-21315 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-21315 - https://github.com/FB-Sec/exploits CVE-2021-21315 - https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC @@ -98611,6 +99040,7 @@ CVE-2021-21551 - https://github.com/PwnAwan/EXP-401-OSEE CVE-2021-21551 - https://github.com/SYRTI/POC_to_review CVE-2021-21551 - https://github.com/SpikySabra/Kernel-Cactus CVE-2021-21551 - https://github.com/SyncroScripting/Artichoke_Consulting +CVE-2021-21551 - https://github.com/TheMalwareGuardian/Awesome-Bootkits-Rootkits-Development CVE-2021-21551 - https://github.com/WhooAmii/POC_to_review CVE-2021-21551 - https://github.com/alfarom256/MCP-PoC CVE-2021-21551 - https://github.com/anquanscan/sec-tools 
@@ -98809,6 +99239,7 @@ CVE-2021-21972 - https://github.com/Awrrays/FrameVul CVE-2021-21972 - https://github.com/B1anda0/CVE-2021-21972 CVE-2021-21972 - https://github.com/BugBlocker/lotus-scripts CVE-2021-21972 - https://github.com/ByZain/CVE-2021-21972 +CVE-2021-21972 - https://github.com/CLincat/vulcat CVE-2021-21972 - https://github.com/CVEDB/PoC-List CVE-2021-21972 - https://github.com/CVEDB/awesome-cve-repo CVE-2021-21972 - https://github.com/CVEDB/top @@ -99591,6 +100022,7 @@ CVE-2021-22204 - https://github.com/xhref/OSCP CVE-2021-22204 - https://github.com/youwizard/CVE-POC CVE-2021-22204 - https://github.com/zecool/cve CVE-2021-22205 - https://github.com/0x0021h/expbox +CVE-2021-22205 - https://github.com/0xMarcio/cve CVE-2021-22205 - https://github.com/0xget/cve-2001-1473 CVE-2021-22205 - https://github.com/0xn0ne/simple-scanner CVE-2021-22205 - https://github.com/20142995/Goby @@ -99630,6 +100062,7 @@ CVE-2021-22205 - https://github.com/Seals6/CVE-2021-22205 CVE-2021-22205 - https://github.com/SexyBeast233/SecBooks CVE-2021-22205 - https://github.com/Threekiii/Awesome-Exploit CVE-2021-22205 - https://github.com/Threekiii/Awesome-POC +CVE-2021-22205 - https://github.com/Threekiii/Awesome-Redteam CVE-2021-22205 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2021-22205 - https://github.com/WhooAmii/POC_to_review CVE-2021-22205 - https://github.com/X1pe0/Automated-Gitlab-RCE @@ -99778,6 +100211,7 @@ CVE-2021-22555 - https://github.com/DrewSC13/Linpeas CVE-2021-22555 - https://github.com/EGI-Federation/SVG-advisories CVE-2021-22555 - https://github.com/Ha0-Y/LinuxKernelExploits CVE-2021-22555 - https://github.com/Ha0-Y/kernel-exploit-cve +CVE-2021-22555 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-22555 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-22555 - https://github.com/JoneyJunior/cve-2021-22555 CVE-2021-22555 - https://github.com/Metarget/awesome-cloud-native-security 
@@ -99842,6 +100276,7 @@ CVE-2021-22555 - https://github.com/veritas501/CVE-2021-22555-PipeVersion CVE-2021-22555 - https://github.com/veritas501/pipe-primitive CVE-2021-22555 - https://github.com/whoforget/CVE-POC CVE-2021-22555 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-22555 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-22555 - https://github.com/x90hack/vulnerabilty_lab CVE-2021-22555 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-22555 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -100269,6 +100704,7 @@ CVE-2021-23134 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-23134 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-23134 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-23134 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-23134 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-23134 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-23166 - https://github.com/ARPSyndicate/cvemon CVE-2021-23169 - https://github.com/ARPSyndicate/cvemon @@ -100712,6 +101148,7 @@ CVE-2021-24122 - https://github.com/SexyBeast233/SecBooks CVE-2021-24122 - https://github.com/Threekiii/Awesome-POC CVE-2021-24122 - https://github.com/d4n-sec/d4n-sec.github.io CVE-2021-24122 - https://github.com/mklmfane/betvictor +CVE-2021-24122 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-24122 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2021-24139 - https://github.com/El-Palomo/EVM1 CVE-2021-2414 - https://github.com/20142995/sectool 
@@ -101300,6 +101737,7 @@ CVE-2021-25120 - https://github.com/ARPSyndicate/cvemon CVE-2021-25120 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-25122 - https://github.com/ARPSyndicate/cvemon CVE-2021-25122 - https://github.com/DNTYO/F5_Vulnerability +CVE-2021-25122 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-25122 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2021-25155 - https://github.com/ARPSyndicate/cvemon CVE-2021-25162 - https://github.com/k0mi-tg/CVE-POC @@ -101430,6 +101868,7 @@ CVE-2021-25329 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh CVE-2021-25329 - https://github.com/Live-Hack-CVE/CVE-2021-25329 CVE-2021-25329 - https://github.com/mklmfane/betvictor CVE-2021-25329 - https://github.com/raner/projo +CVE-2021-25329 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-25329 - https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough CVE-2021-25337 - https://github.com/Ostorlab/KEV CVE-2021-25337 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors @@ -101446,6 +101885,7 @@ CVE-2021-25369 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-25369 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-25369 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-25369 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-25369 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-25369 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-25370 - https://github.com/ARPSyndicate/cvemon CVE-2021-25370 - https://github.com/Ostorlab/KEV 
@@ -101460,6 +101900,7 @@ CVE-2021-25370 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-25370 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-25370 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-25370 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-25370 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-25370 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-25371 - https://github.com/Ostorlab/KEV CVE-2021-25371 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors @@ -101560,6 +102001,7 @@ CVE-2021-25646 - https://github.com/Astrogeorgeonethree/Starred CVE-2021-25646 - https://github.com/Astrogeorgeonethree/Starred2 CVE-2021-25646 - https://github.com/Atem1988/Starred CVE-2021-25646 - https://github.com/Awrrays/FrameVul +CVE-2021-25646 - https://github.com/CLincat/vulcat CVE-2021-25646 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-25646 - https://github.com/Elsfa7-110/kenzer-templates CVE-2021-25646 - https://github.com/FDlucifer/firece-fish @@ -101816,6 +102258,7 @@ CVE-2021-2608 - https://github.com/20142995/Goby CVE-2021-2608 - https://github.com/ExpLangcn/FuYao-Go CVE-2021-26084 - https://github.com/0day404/vulnerability-poc CVE-2021-26084 - https://github.com/0x727/ShuiZe_0x727 +CVE-2021-26084 - https://github.com/0xMarcio/cve CVE-2021-26084 - https://github.com/0xMrNiko/Awesome-Red-Teaming CVE-2021-26084 - https://github.com/0xf4n9x/CVE-2021-26084 CVE-2021-26084 - https://github.com/0xsyr0/OSCP 
@@ -101908,6 +102351,7 @@ CVE-2021-26084 - https://github.com/dock0d1/CVE-2021-26084_Confluence CVE-2021-26084 - https://github.com/dorkerdevil/CVE-2021-26084 CVE-2021-26084 - https://github.com/elinakrmova/RedTeam-Tools CVE-2021-26084 - https://github.com/emtee40/win-pentest-tools +CVE-2021-26084 - https://github.com/enomothem/PenTestNote CVE-2021-26084 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-26084 - https://github.com/h3v0x/CVE-2021-26084_Confluence CVE-2021-26084 - https://github.com/hack-parthsharma/Pentest-Tools @@ -102002,6 +102446,7 @@ CVE-2021-26085 - https://github.com/d4n-sec/d4n-sec.github.io CVE-2021-26085 - https://github.com/e-hakson/OSCP CVE-2021-26085 - https://github.com/eljosep/OSCP-Guide CVE-2021-26085 - https://github.com/emadshanab/Some-BugBounty-Tips-from-my-Twitter-feed +CVE-2021-26085 - https://github.com/enomothem/PenTestNote CVE-2021-26085 - https://github.com/k0mi-tg/CVE-POC CVE-2021-26085 - https://github.com/kgwanjala/oscp-cheatsheet CVE-2021-26085 - https://github.com/manas3c/CVE-POC @@ -102229,6 +102674,7 @@ CVE-2021-26341 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-26341 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-26341 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-26341 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-26341 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-26341 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-26401 - https://github.com/ARPSyndicate/cvemon CVE-2021-26411 - https://github.com/ARPSyndicate/cvemon 
@@ -102384,6 +102830,7 @@ CVE-2021-26708 - https://github.com/soosmile/POC CVE-2021-26708 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-26708 - https://github.com/trhacknon/Pocingit CVE-2021-26708 - https://github.com/whoforget/CVE-POC +CVE-2021-26708 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-26708 - https://github.com/x90hack/vulnerabilty_lab CVE-2021-26708 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-26708 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -103446,6 +103893,7 @@ CVE-2021-27363 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-27363 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-27363 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-27363 - https://github.com/teresaweber685/book_list +CVE-2021-27363 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-27363 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-27364 - https://github.com/ARPSyndicate/cvemon CVE-2021-27364 - https://github.com/aaronxie55/Presentation2_Markdown @@ -103463,9 +103911,11 @@ CVE-2021-27364 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-27364 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-27364 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-27364 - https://github.com/teresaweber685/book_list +CVE-2021-27364 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-27364 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-27365 - https://github.com/ARPSyndicate/cvemon CVE-2021-27365 - https://github.com/EGI-Federation/SVG-advisories +CVE-2021-27365 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-27365 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-27365 - https://github.com/aaronxie55/Presentation2_Markdown CVE-2021-27365 - https://github.com/bollwarm/SecToolSet 
@@ -103484,6 +103934,7 @@ CVE-2021-27365 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-27365 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-27365 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-27365 - https://github.com/teresaweber685/book_list +CVE-2021-27365 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-27365 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-27370 - https://github.com/ajmalabubakkr/CVE CVE-2021-27403 - https://github.com/ARPSyndicate/cvemon @@ -104239,6 +104690,7 @@ CVE-2021-28663 - https://github.com/soosmile/POC CVE-2021-28663 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-28663 - https://github.com/trhacknon/Pocingit CVE-2021-28663 - https://github.com/whoforget/CVE-POC +CVE-2021-28663 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-28663 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-28663 - https://github.com/youwizard/CVE-POC CVE-2021-28663 - https://github.com/zecool/cve @@ -104685,6 +105137,7 @@ CVE-2021-29657 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-29657 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-29657 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-29657 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-29657 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-29657 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-29663 - https://github.com/cptsticky/A-0day-Per-Day-Keeps-The-Cope-Away CVE-2021-29752 - https://github.com/p1ay8y3ar/cve_monitor 
@@ -105198,6 +105651,7 @@ CVE-2021-3064 - https://github.com/Lazykakarot1/Learn-365 CVE-2021-3064 - https://github.com/PwnAwan/MindMaps2 CVE-2021-3064 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2021-3064 - https://github.com/harsh-bothra/learn365 +CVE-2021-30640 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-30641 - https://github.com/ARPSyndicate/cvemon CVE-2021-30641 - https://github.com/PierreChrd/py-projet-tut CVE-2021-30641 - https://github.com/Totes5706/TotesHTB @@ -105797,6 +106251,7 @@ CVE-2021-31267 - https://github.com/RNBBarrett/CrewAI-examples CVE-2021-3129 - https://github.com/0day404/vulnerability-poc CVE-2021-3129 - https://github.com/0day666/Vulnerability-verification CVE-2021-3129 - https://github.com/0nion1/CVE-2021-3129 +CVE-2021-3129 - https://github.com/0xMarcio/cve CVE-2021-3129 - https://github.com/0xStrygwyr/OSCP-Guide CVE-2021-3129 - https://github.com/0xZipp0/OSCP CVE-2021-3129 - https://github.com/0xaniketB/HackTheBox-Horizontall @@ -105966,6 +106421,7 @@ CVE-2021-31439 - https://github.com/WinMin/Protocol-Vul CVE-2021-31440 - https://github.com/ARPSyndicate/cvemon CVE-2021-31440 - https://github.com/Al1ex/LinuxEelvation CVE-2021-31440 - https://github.com/ChoKyuWon/exploit_articles +CVE-2021-31440 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-31440 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-31440 - https://github.com/XiaozaYa/CVE-Recording CVE-2021-31440 - https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground 
@@ -106935,6 +107391,7 @@ CVE-2021-32606 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-32606 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-32606 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-32606 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-32606 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-32606 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-32615 - https://github.com/2lambda123/CVE-mitre CVE-2021-32615 - https://github.com/2lambda123/Windows10Exploits @@ -107215,6 +107672,7 @@ CVE-2021-33034 - https://github.com/zecool/cve CVE-2021-33035 - https://github.com/ARPSyndicate/cvemon CVE-2021-33036 - https://github.com/ARPSyndicate/cvemon CVE-2021-33037 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh +CVE-2021-33037 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-3304 - https://github.com/ExpLangcn/FuYao-Go CVE-2021-33044 - https://github.com/20142995/Goby CVE-2021-33044 - https://github.com/APPHIK/cam @@ -107723,6 +108181,7 @@ CVE-2021-33909 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-33909 - https://github.com/sfowl/deep-directory CVE-2021-33909 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-33909 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-33909 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-33909 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-33909 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2021-33910 - https://github.com/ARPSyndicate/cvemon 
@@ -108199,6 +108658,7 @@ CVE-2021-34523 - https://github.com/triw0lf/Security-Matters-22 CVE-2021-34523 - https://github.com/weeka10/-hktalent-TOP CVE-2021-34527 - https://github.com/0x6d69636b/windows_hardening CVE-2021-34527 - https://github.com/0x727/usefull-elevation-of-privilege +CVE-2021-34527 - https://github.com/0xMarcio/cve CVE-2021-34527 - https://github.com/0xStrygwyr/OSCP-Guide CVE-2021-34527 - https://github.com/0xZipp0/OSCP CVE-2021-34527 - https://github.com/0xaniketB/HackTheBox-Driver @@ -108517,6 +108977,7 @@ CVE-2021-34866 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-34866 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-34866 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-34866 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-34866 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-34866 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3487 - https://github.com/ARPSyndicate/cvemon CVE-2021-3487 - https://github.com/fluidattacks/makes @@ -108530,6 +108991,7 @@ CVE-2021-3490 - https://github.com/0xsyr0/OSCP CVE-2021-3490 - https://github.com/20142995/sectool CVE-2021-3490 - https://github.com/ARPSyndicate/cvemon CVE-2021-3490 - https://github.com/Al1ex/LinuxEelvation +CVE-2021-3490 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-3490 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2021-3490 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-3490 - https://github.com/Mr-xn/Penetration_Testing_POC 
@@ -108566,6 +109028,7 @@ CVE-2021-3490 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-3490 - https://github.com/trhacknon/Pocingit CVE-2021-3490 - https://github.com/whoforget/CVE-POC CVE-2021-3490 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +CVE-2021-3490 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3490 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3490 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2021-3490 - https://github.com/youwizard/CVE-POC @@ -108593,10 +109056,12 @@ CVE-2021-3492 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-3492 - https://github.com/synacktiv/CVE-2021-3492 CVE-2021-3492 - https://github.com/trhacknon/Pocingit CVE-2021-3492 - https://github.com/whoforget/CVE-POC +CVE-2021-3492 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3492 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3492 - https://github.com/youwizard/CVE-POC CVE-2021-3492 - https://github.com/zecool/cve CVE-2021-3493 - https://github.com/0day404/vulnerability-poc +CVE-2021-3493 - https://github.com/0xMarcio/cve CVE-2021-3493 - https://github.com/0xMat10/eJPT_Prep CVE-2021-3493 - https://github.com/0xWhoami35/root-kernel CVE-2021-3493 - https://github.com/0xsyr0/OSCP @@ -108615,6 +109080,7 @@ CVE-2021-3493 - https://github.com/EdgeSecurityTeam/Vulnerability CVE-2021-3493 - https://github.com/GhostTroops/TOP CVE-2021-3493 - https://github.com/GibzB/THM-Captured-Rooms CVE-2021-3493 - https://github.com/H0j3n/EzpzCheatSheet +CVE-2021-3493 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-3493 - https://github.com/Ishan3011/CVE-2021-3493 CVE-2021-3493 - https://github.com/JERRY123S/all-poc CVE-2021-3493 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits 
@@ -108689,6 +109155,7 @@ CVE-2021-3493 - https://github.com/txuswashere/OSCP CVE-2021-3493 - https://github.com/tzwlhack/Vulnerability CVE-2021-3493 - https://github.com/weeka10/-hktalent-TOP CVE-2021-3493 - https://github.com/whoforget/CVE-POC +CVE-2021-3493 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3493 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3493 - https://github.com/xhref/OSCP CVE-2021-3493 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -109174,6 +109641,7 @@ CVE-2021-3573 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-3573 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-3573 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-3573 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-3573 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3573 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-3574 - https://github.com/ARPSyndicate/cvemon CVE-2021-3574 - https://github.com/ZhanyongTang/NISL-BugDetection @@ -109278,6 +109746,7 @@ CVE-2021-3609 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-3609 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-3609 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-3609 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-3609 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3609 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-36090 - https://github.com/ARPSyndicate/cvemon CVE-2021-36090 - https://github.com/CodeIntelligenceTesting/jazzer 
@@ -109342,6 +109811,7 @@ CVE-2021-3625 - https://github.com/whoforget/CVE-POC CVE-2021-3625 - https://github.com/youwizard/CVE-POC CVE-2021-3626 - https://github.com/ExpLangcn/FuYao-Go CVE-2021-36260 - https://github.com/0day404/vulnerability-poc +CVE-2021-36260 - https://github.com/0xMarcio/cve CVE-2021-36260 - https://github.com/1f3lse/taiE CVE-2021-36260 - https://github.com/20142995/Goby CVE-2021-36260 - https://github.com/20142995/sectool @@ -109579,6 +110049,7 @@ CVE-2021-36749 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-36749 - https://github.com/ArrestX/--POC CVE-2021-36749 - https://github.com/Awrrays/FrameVul CVE-2021-36749 - https://github.com/BrucessKING/CVE-2021-36749 +CVE-2021-36749 - https://github.com/CLincat/vulcat CVE-2021-36749 - https://github.com/HimmelAward/Goby_POC CVE-2021-36749 - https://github.com/Ilovewomen/db_script_v2 CVE-2021-36749 - https://github.com/Ilovewomen/db_script_v2_2 @@ -109980,6 +110451,7 @@ CVE-2021-3715 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-3715 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-3715 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-3715 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-3715 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-3715 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-37152 - https://github.com/ARPSyndicate/cvemon CVE-2021-37152 - https://github.com/SecurityAnalysts/CVE-2021-37152 
@@ -110561,6 +111033,7 @@ CVE-2021-38646 - https://github.com/ARPSyndicate/cvemon CVE-2021-38646 - https://github.com/Ostorlab/KEV CVE-2021-38646 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2021-38646 - https://github.com/Spacial/awesome-csirt +CVE-2021-38647 - https://github.com/0xMarcio/cve CVE-2021-38647 - https://github.com/ARPSyndicate/cvemon CVE-2021-38647 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-38647 - https://github.com/AlteredSecurity/CVE-2021-38647 @@ -111135,6 +111608,7 @@ CVE-2021-39815 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-39815 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-39815 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-39815 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-39815 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-39815 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-39823 - https://github.com/ARPSyndicate/cvemon CVE-2021-39829 - https://github.com/0xCyberY/CVE-T4PDF @@ -111359,6 +111833,7 @@ CVE-2021-4034 - https://github.com/GibzB/THM-Captured-Rooms CVE-2021-4034 - https://github.com/H3arn/hackergame-2022-writeup CVE-2021-4034 - https://github.com/HadessCS/Awesome-Privilege-Escalation CVE-2021-4034 - https://github.com/HattMobb/TryHackMe-Bugle-Machine-Writeup-Walkthrough +CVE-2021-4034 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-4034 - https://github.com/HellGateCorp/pwnkit CVE-2021-4034 - https://github.com/HrishitJoshi/CVE-2021-4034 CVE-2021-4034 - https://github.com/IBM-Cloud/vpc-ha-iac 
@@ -112433,6 +112908,7 @@ CVE-2021-41073 - https://github.com/0ptyx/cve-2024-0582 CVE-2021-41073 - https://github.com/ARPSyndicate/cvemon CVE-2021-41073 - https://github.com/Ch4nc3n/PublicExploitation CVE-2021-41073 - https://github.com/DarkFunct/CVE_Exploits +CVE-2021-41073 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-41073 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-41073 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2021-41073 - https://github.com/SYRTI/POC_to_review @@ -112457,6 +112933,7 @@ CVE-2021-41073 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-41073 - https://github.com/star-sg/CVE CVE-2021-41073 - https://github.com/trhacknon/CVE2 CVE-2021-41073 - https://github.com/trhacknon/Pocingit +CVE-2021-41073 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-41073 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-41073 - https://github.com/zecool/cve CVE-2021-41073 - https://github.com/zzcentury/PublicExploitation @@ -112472,6 +112949,7 @@ CVE-2021-41078 - https://github.com/trhacknon/Pocingit CVE-2021-41078 - https://github.com/zecool/cve CVE-2021-41079 - https://github.com/ARPSyndicate/cvemon CVE-2021-41079 - https://github.com/chnzzh/OpenSSL-CVE-lib +CVE-2021-41079 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-41081 - https://github.com/ARPSyndicate/cvemon CVE-2021-41081 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-41081 - https://github.com/soosmile/POC 
@@ -112917,6 +113395,7 @@ CVE-2021-41511 - https://github.com/vidvansh/CVE-2021-41511 CVE-2021-41526 - https://github.com/RonnieSalomonsen/My-CVEs CVE-2021-41526 - https://github.com/pawlokk/mindmanager-poc CVE-2021-4154 - https://github.com/ARPSyndicate/cvemon +CVE-2021-4154 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-4154 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-4154 - https://github.com/Markakd/CVE-2021-4154 CVE-2021-4154 - https://github.com/Markakd/DirtyCred @@ -113515,6 +113994,7 @@ CVE-2021-42008 - https://github.com/0xdevil/CVE-2021-42008 CVE-2021-42008 - https://github.com/ARPSyndicate/cvemon CVE-2021-42008 - https://github.com/Al1ex/LinuxEelvation CVE-2021-42008 - https://github.com/BachoSeven/stellestelline +CVE-2021-42008 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-42008 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-42008 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2021-42008 - https://github.com/SYRTI/POC_to_review @@ -113537,6 +114017,7 @@ CVE-2021-42008 - https://github.com/numanturle/CVE-2021-42008 CVE-2021-42008 - https://github.com/soosmile/POC CVE-2021-42008 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-42008 - https://github.com/trhacknon/Pocingit +CVE-2021-42008 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-42008 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-42008 - https://github.com/zecool/cve CVE-2021-42013 - https://github.com/0day404/vulnerability-poc 
@@ -113721,6 +114202,7 @@ CVE-2021-4204 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-4204 - https://github.com/tr3ee/CVE-2021-4204 CVE-2021-4204 - https://github.com/trhacknon/Pocingit CVE-2021-4204 - https://github.com/whoforget/CVE-POC +CVE-2021-4204 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-4204 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-4204 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2021-4204 - https://github.com/youwizard/CVE-POC @@ -114269,6 +114751,7 @@ CVE-2021-42327 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-42327 - https://github.com/soosmile/POC CVE-2021-42327 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-42327 - https://github.com/trhacknon/Pocingit +CVE-2021-42327 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-42327 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-42327 - https://github.com/zecool/cve CVE-2021-42337 - https://github.com/aalexpereira/pipelines-tricks @@ -114820,6 +115303,7 @@ CVE-2021-43267 - https://github.com/0x0021h/expbox CVE-2021-43267 - https://github.com/ARPSyndicate/cvemon CVE-2021-43267 - https://github.com/Al1ex/LinuxEelvation CVE-2021-43267 - https://github.com/DarkSprings/CVE-2021-43267-POC +CVE-2021-43267 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2021-43267 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2021-43267 - https://github.com/aixcc-public/challenge-001-exemplar CVE-2021-43267 - https://github.com/bcoles/kasld 
@@ -114840,6 +115324,7 @@ CVE-2021-43267 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2021-43267 - https://github.com/ohnonoyesyes/CVE-2021-43267 CVE-2021-43267 - https://github.com/soosmile/POC CVE-2021-43267 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-43267 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-43267 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-43267 - https://github.com/zzhacked/CVE-2021-43267 CVE-2021-4328 - https://github.com/ExpLangcn/FuYao-Go @@ -114849,6 +115334,7 @@ CVE-2021-43287 - https://github.com/20142995/pocsuite3 CVE-2021-43287 - https://github.com/ARPSyndicate/cvemon CVE-2021-43287 - https://github.com/ARPSyndicate/kenzer-templates CVE-2021-43287 - https://github.com/ArrestX/--POC +CVE-2021-43287 - https://github.com/CLincat/vulcat CVE-2021-43287 - https://github.com/HimmelAward/Goby_POC CVE-2021-43287 - https://github.com/KayCHENvip/vulnerability-poc CVE-2021-43287 - https://github.com/Miraitowa70/POC-Notes @@ -115112,6 +115598,7 @@ CVE-2021-43797 - https://github.com/cezapata/appconfiguration-sample CVE-2021-43798 - https://github.com/0day404/vulnerability-poc CVE-2021-43798 - https://github.com/0x783kb/Security-operation-book CVE-2021-43798 - https://github.com/0xAwali/Virtual-Host +CVE-2021-43798 - https://github.com/0xMarcio/cve CVE-2021-43798 - https://github.com/20142995/Goby CVE-2021-43798 - https://github.com/20142995/pocsuite3 CVE-2021-43798 - https://github.com/20142995/sectool @@ -115428,6 +115915,7 @@ CVE-2021-43975 - https://github.com/ARPSyndicate/cvemon CVE-2021-43976 - https://github.com/ARPSyndicate/cvemon CVE-2021-43980 - https://github.com/ARPSyndicate/cvemon CVE-2021-43980 - https://github.com/sr-monika/sprint-rest +CVE-2021-43980 - https://github.com/versio-io/product-lifecycle-security-api CVE-2021-43997 - https://github.com/espressif/esp-idf-sbom CVE-2021-44001 - https://github.com/0xCyberY/CVE-T4PDF CVE-2021-44001 - https://github.com/ARPSyndicate/cvemon 
@@ -115811,6 +116299,7 @@ CVE-2021-44228 - https://github.com/Lejeremiah/docker_images CVE-2021-44228 - https://github.com/LemonCraftRu/JndiRemover CVE-2021-44228 - https://github.com/LeonardoE95/yt-it CVE-2021-44228 - https://github.com/Lercas/CVE_scoring +CVE-2021-44228 - https://github.com/LibHunter/LibHunter CVE-2021-44228 - https://github.com/Liderbord/Log4j-Security CVE-2021-44228 - https://github.com/LinkMJB/log4shell_scanner CVE-2021-44228 - https://github.com/Live-Hack-CVE/CVE-2021-4104 @@ -116293,6 +116782,7 @@ CVE-2021-44228 - https://github.com/eljosep/OSCP-Guide CVE-2021-44228 - https://github.com/emadshanab/Nuclei-Templates-Collection CVE-2021-44228 - https://github.com/emilywang0/CVE_testing_VULN CVE-2021-44228 - https://github.com/emilywang0/MergeBase_test_vuln +CVE-2021-44228 - https://github.com/enomothem/PenTestNote CVE-2021-44228 - https://github.com/erickrr-bd/TekiumLog4jApp CVE-2021-44228 - https://github.com/ericmedina024/JndiLookupRemover CVE-2021-44228 - https://github.com/erikschippers/Log4J-Hyper-V-Script @@ -117348,6 +117838,7 @@ CVE-2021-44733 - https://github.com/pjlantz/optee-qemu CVE-2021-44733 - https://github.com/soosmile/POC CVE-2021-44733 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2021-44733 - https://github.com/trhacknon/Pocingit +CVE-2021-44733 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-44733 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-44733 - https://github.com/zecool/cve CVE-2021-44735 - https://github.com/defensor/CVE-2021-44735 
@@ -117500,6 +117991,7 @@ CVE-2021-44906 - https://github.com/seal-community/patches CVE-2021-44906 - https://github.com/trong0dn/eth-todo-list CVE-2021-44909 - https://github.com/g1thub3r1st4/CVE-2021-44909 CVE-2021-44910 - https://github.com/dockererr/CVE-2021-44910_SpringBlade +CVE-2021-44910 - https://github.com/enomothem/PenTestNote CVE-2021-44915 - https://github.com/superlink996/chunqiuyunjingbachang CVE-2021-44916 - https://github.com/ARPSyndicate/cvemon CVE-2021-44956 - https://github.com/ARPSyndicate/cvemon @@ -117633,6 +118125,7 @@ CVE-2021-45046 - https://github.com/HackJava/Log4j2 CVE-2021-45046 - https://github.com/HynekPetrak/log4shell-finder CVE-2021-45046 - https://github.com/ITninja04/awesome-stars CVE-2021-45046 - https://github.com/JERRY123S/all-poc +CVE-2021-45046 - https://github.com/LibHunter/LibHunter CVE-2021-45046 - https://github.com/LoliKingdom/NukeJndiLookupFromLog4j CVE-2021-45046 - https://github.com/MLX15/log4j-scan CVE-2021-45046 - https://github.com/Maelstromage/Log4jSherlock @@ -118163,6 +118656,7 @@ CVE-2021-45608 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2021-45608 - https://github.com/knd06/linux-kernel-exploitation CVE-2021-45608 - https://github.com/ndk191/linux-kernel-exploitation CVE-2021-45608 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2021-45608 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2021-45608 - https://github.com/xairy/linux-kernel-exploitation CVE-2021-45733 - https://github.com/ARPSyndicate/cvemon CVE-2021-45733 - https://github.com/pjqwudi/my_vuln 
@@ -118974,6 +119468,7 @@ CVE-2022-0185 - https://github.com/EGI-Federation/SVG-advisories CVE-2022-0185 - https://github.com/GhostTroops/TOP CVE-2022-0185 - https://github.com/Ha0-Y/LinuxKernelExploits CVE-2022-0185 - https://github.com/Ha0-Y/kernel-exploit-cve +CVE-2022-0185 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-0185 - https://github.com/JERRY123S/all-poc CVE-2022-0185 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-0185 - https://github.com/Metarget/metarget @@ -119035,6 +119530,7 @@ CVE-2022-0185 - https://github.com/veritas501/CVE-2022-0185-PipeVersion CVE-2022-0185 - https://github.com/veritas501/pipe-primitive CVE-2022-0185 - https://github.com/weeka10/-hktalent-TOP CVE-2022-0185 - https://github.com/whoforget/CVE-POC +CVE-2022-0185 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-0185 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-0185 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-0185 - https://github.com/youwizard/CVE-POC @@ -119329,6 +119825,7 @@ CVE-2022-0435 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-0435 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-0435 - https://github.com/teresaweber685/book_list CVE-2022-0435 - https://github.com/whoforget/CVE-POC +CVE-2022-0435 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-0435 - https://github.com/wlswotmd/CVE-2022-0435 CVE-2022-0435 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-0435 - https://github.com/youwizard/CVE-POC 
@@ -119587,6 +120084,7 @@ CVE-2022-0543 - https://github.com/zyylhn/zscan CVE-2022-0547 - https://github.com/ARPSyndicate/cvemon CVE-2022-0554 - https://github.com/ARPSyndicate/cvemon CVE-2022-0557 - https://github.com/ARPSyndicate/cvemon +CVE-2022-0557 - https://github.com/AggressiveUser/AggressiveUser CVE-2022-0557 - https://github.com/Enes4xd/Enes4xd CVE-2022-0557 - https://github.com/cr0ss2018/cr0ss2018 CVE-2022-0557 - https://github.com/enesamaafkolan/enesamaafkolan @@ -119604,6 +120102,7 @@ CVE-2022-0563 - https://github.com/amartingarcia/kubernetes-cks-training CVE-2022-0563 - https://github.com/cdupuis/image-api CVE-2022-0563 - https://github.com/denoslab/ensf400-lab10-ssc CVE-2022-0563 - https://github.com/fokypoky/places-list +CVE-2022-0563 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2022-0563 - https://github.com/mauraneh/WIK-DPS-TP02 CVE-2022-0563 - https://github.com/testing-felickz/docker-scout-demo CVE-2022-0563 - https://github.com/toyhoshi/helm @@ -120029,6 +120528,7 @@ CVE-2022-0847 - https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits CVE-2022-0847 - https://github.com/Ha0-Y/LinuxKernelExploits CVE-2022-0847 - https://github.com/Ha0-Y/kernel-exploit-cve CVE-2022-0847 - https://github.com/HadessCS/Awesome-Privilege-Escalation +CVE-2022-0847 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-0847 - https://github.com/IHenakaarachchi/debian11-dirty_pipe-patcher CVE-2022-0847 - https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation 
@@ -120287,6 +120787,7 @@ CVE-2022-0847 - https://github.com/wechicken456/Linux-kernel CVE-2022-0847 - https://github.com/weeka10/-hktalent-TOP CVE-2022-0847 - https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation- CVE-2022-0847 - https://github.com/whoforget/CVE-POC +CVE-2022-0847 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-0847 - https://github.com/wpressly/exploitations CVE-2022-0847 - https://github.com/x90hack/vulnerabilty_lab CVE-2022-0847 - https://github.com/xairy/linux-kernel-exploitation @@ -120448,6 +120949,7 @@ CVE-2022-0995 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-0995 - https://github.com/CVEDB/top CVE-2022-0995 - https://github.com/Ch4nc3n/PublicExploitation CVE-2022-0995 - https://github.com/GhostTroops/TOP +CVE-2022-0995 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-0995 - https://github.com/JERRY123S/all-poc CVE-2022-0995 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-0995 - https://github.com/Metarget/metarget @@ -120483,6 +120985,7 @@ CVE-2022-0995 - https://github.com/tanjiti/sec_profile CVE-2022-0995 - https://github.com/trhacknon/Pocingit CVE-2022-0995 - https://github.com/weeka10/-hktalent-TOP CVE-2022-0995 - https://github.com/whoforget/CVE-POC +CVE-2022-0995 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-0995 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-0995 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-0995 - https://github.com/youwizard/CVE-POC 
@@ -120537,6 +121040,7 @@ CVE-2022-1015 - https://github.com/0range1337/CVE-2022-1015 CVE-2022-1015 - https://github.com/ARPSyndicate/cvemon CVE-2022-1015 - https://github.com/EGI-Federation/SVG-advisories CVE-2022-1015 - https://github.com/H4K6/CVE-2023-0179-PoC +CVE-2022-1015 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-1015 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-1015 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2022-1015 - https://github.com/NaInSec/CVE-PoC-in-GitHub @@ -120576,6 +121080,7 @@ CVE-2022-1015 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-1015 - https://github.com/trhacknon/Pocingit CVE-2022-1015 - https://github.com/wechicken456/Linux-kernel CVE-2022-1015 - https://github.com/whoforget/CVE-POC +CVE-2022-1015 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-1015 - https://github.com/wlswotmd/CVE-2022-1015 CVE-2022-1015 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-1015 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -120596,6 +121101,7 @@ CVE-2022-1016 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-1016 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-1016 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-1016 - https://github.com/wechicken456/Linux-kernel +CVE-2022-1016 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-1016 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-1016 - https://github.com/yaobinwen/robin_on_rails CVE-2022-1016 - https://github.com/zanezhub/CVE-2022-1015-1016 
@@ -120796,6 +121302,7 @@ CVE-2022-1163 - https://github.com/AggressiveUser/AggressiveUser.github.io CVE-2022-1166 - https://github.com/ARPSyndicate/cvemon CVE-2022-1168 - https://github.com/ARPSyndicate/cvemon CVE-2022-1168 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2022-1172 - https://github.com/Joe1sn/Joe1sn CVE-2022-1175 - https://github.com/ARPSyndicate/cvemon CVE-2022-1175 - https://github.com/Greenwolf/CVE-2022-1175 CVE-2022-1175 - https://github.com/NaInSec/CVE-PoC-in-GitHub @@ -120995,6 +121502,7 @@ CVE-2022-1388 - https://github.com/0day404/vulnerability-poc CVE-2022-1388 - https://github.com/0x783kb/Security-operation-book CVE-2022-1388 - https://github.com/0x7eTeam/CVE-2022-1388-PocExp CVE-2022-1388 - https://github.com/0xAgun/CVE-2022-1388 +CVE-2022-1388 - https://github.com/0xMarcio/cve CVE-2022-1388 - https://github.com/0xf4n9x/CVE-2022-1388 CVE-2022-1388 - https://github.com/20142995/Goby CVE-2022-1388 - https://github.com/20142995/pocsuite3 @@ -121272,6 +121780,7 @@ CVE-2022-1527 - https://github.com/ARPSyndicate/cvemon CVE-2022-1527 - https://github.com/agrawalsmart7/scodescanner CVE-2022-1528 - https://github.com/ARPSyndicate/cvemon CVE-2022-1529 - https://github.com/mistymntncop/CVE-2022-1802 +CVE-2022-1530 - https://github.com/AggressiveUser/AggressiveUser CVE-2022-1532 - https://github.com/ARPSyndicate/cvemon CVE-2022-1532 - https://github.com/agrawalsmart7/scodescanner CVE-2022-1537 - https://github.com/ARPSyndicate/cvemon @@ -121297,6 +121806,7 @@ CVE-2022-1586 - https://github.com/vulnersCom/vulners-sbom-parser CVE-2022-1587 - https://github.com/ARPSyndicate/cvemon CVE-2022-1587 - https://github.com/vulnersCom/vulners-sbom-parser CVE-2022-1588 - https://github.com/ARPSyndicate/cvemon +CVE-2022-1588 - https://github.com/AggressiveUser/AggressiveUser CVE-2022-1590 - https://github.com/karimhabush/cyberowl CVE-2022-1591 - https://github.com/ARPSyndicate/cvemon CVE-2022-1592 - https://github.com/ARPSyndicate/cvemon 
@@ -121458,6 +121968,7 @@ CVE-2022-1786 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-1786 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-1786 - https://github.com/scratchadams/Heap-Resources CVE-2022-1786 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-1786 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-1786 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-1787 - https://github.com/ARPSyndicate/cvemon CVE-2022-1793 - https://github.com/ARPSyndicate/cvemon @@ -121646,6 +122157,7 @@ CVE-2022-1972 - https://github.com/randorisec/CVE-2022-1972-infoleak-PoC CVE-2022-1972 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-1972 - https://github.com/trhacknon/Pocingit CVE-2022-1972 - https://github.com/whoforget/CVE-POC +CVE-2022-1972 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-1972 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-1972 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-1972 - https://github.com/youwizard/CVE-POC @@ -121664,6 +122176,7 @@ CVE-2022-2000000 - https://github.com/clj-holmes/clj-watson CVE-2022-20001 - https://github.com/Live-Hack-CVE/CVE-2022-20001 CVE-2022-20004 - https://github.com/ARPSyndicate/cvemon CVE-2022-20004 - https://github.com/CVEDB/PoC-List +CVE-2022-20004 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-20004 - https://github.com/Live-Hack-CVE/CVE-2022-2000 CVE-2022-20004 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2022-20004 - https://github.com/SYRTI/POC_to_review 
@@ -121679,6 +122192,7 @@ CVE-2022-20004 - https://github.com/youwizard/CVE-POC CVE-2022-20004 - https://github.com/zecool/cve CVE-2022-20005 - https://github.com/ARPSyndicate/cvemon CVE-2022-20005 - https://github.com/CVEDB/PoC-List +CVE-2022-20005 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-20005 - https://github.com/Live-Hack-CVE/CVE-2022-2000 CVE-2022-20005 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2022-20005 - https://github.com/SYRTI/POC_to_review @@ -121701,6 +122215,7 @@ CVE-2022-20006 - https://github.com/rajbhx/Awesome-Android-Security-Clone CVE-2022-20006 - https://github.com/saeidshirazi/awesome-android-security CVE-2022-20007 - https://github.com/ARPSyndicate/cvemon CVE-2022-20007 - https://github.com/CVEDB/PoC-List +CVE-2022-20007 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-20007 - https://github.com/Live-Hack-CVE/CVE-2022-2000 CVE-2022-20007 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2022-20007 - https://github.com/SYRTI/POC_to_review @@ -121781,6 +122296,7 @@ CVE-2022-20122 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2022-20122 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-20122 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-20122 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-20122 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-20122 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-20124 - https://github.com/ARPSyndicate/cvemon CVE-2022-20124 - https://github.com/Live-Hack-CVE/CVE-2022-20124 
@@ -121911,6 +122427,7 @@ CVE-2022-20186 - https://github.com/s1204-inspect/CVE-2022-20186_CTXZ CVE-2022-20186 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-20186 - https://github.com/trhacknon/Pocingit CVE-2022-20186 - https://github.com/whoforget/CVE-POC +CVE-2022-20186 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-20186 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-20186 - https://github.com/youwizard/CVE-POC CVE-2022-20186 - https://github.com/zecool/cve @@ -122201,6 +122718,7 @@ CVE-2022-2068 - https://github.com/tianocore-docs/ThirdPartySecurityAdvisories CVE-2022-20685 - https://github.com/T-JN/Research-the-Model-of-Increasing-Reliability-of-the-Intrusion-Detection-System CVE-2022-20698 - https://github.com/ARPSyndicate/cvemon CVE-2022-20698 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2022-20699 - https://github.com/0xMarcio/cve CVE-2022-20699 - https://github.com/ARPSyndicate/cvemon CVE-2022-20699 - https://github.com/Audiobahn/CVE-2022-20699 CVE-2022-20699 - https://github.com/CVEDB/awesome-cve-repo @@ -122275,6 +122793,7 @@ CVE-2022-2078 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-2078 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-2078 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-2078 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-2078 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-2078 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-20784 - https://github.com/karimhabush/cyberowl CVE-2022-20785 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -123030,6 +123549,7 @@ CVE-2022-21887 - https://github.com/trhacknon/Pocingit CVE-2022-21887 - https://github.com/whoforget/CVE-POC CVE-2022-21887 - https://github.com/youwizard/CVE-POC CVE-2022-21887 - https://github.com/zecool/cve +CVE-2022-21894 - https://github.com/0xMarcio/cve CVE-2022-21894 - https://github.com/ARPSyndicate/cvemon CVE-2022-21894 - https://github.com/ASkyeye/CVE-2022-21894-Payload CVE-2022-21894 - https://github.com/CVEDB/awesome-cve-repo @@ -123083,6 +123603,7 @@ CVE-2022-21906 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of CVE-2022-21906 - https://github.com/nu11secur1ty/CVE-mitre CVE-2022-21906 - https://github.com/nu11secur1ty/CVE-nu11secur1ty CVE-2022-21906 - https://github.com/nu11secur1ty/Windows10Exploits +CVE-2022-21907 - https://github.com/0xMarcio/cve CVE-2022-21907 - https://github.com/0xmaximus/Home-Demolisher CVE-2022-21907 - https://github.com/20142995/sectool CVE-2022-21907 - https://github.com/2lambda123/CVE-mitre @@ -123339,6 +123860,7 @@ CVE-2022-22005 - https://github.com/Creamy-Chicken-Soup/writeups-about-analysis- CVE-2022-22012 - https://github.com/ARPSyndicate/cvemon CVE-2022-22017 - https://github.com/ARPSyndicate/cvemon CVE-2022-2202 - https://github.com/CrossC2/CrossC2Kit +CVE-2022-2202 - https://github.com/m-mizutani/octovy CVE-2022-22022 - https://github.com/ARPSyndicate/cvemon CVE-2022-22022 - https://github.com/Cruxer8Mech/Idk CVE-2022-22022 - https://github.com/NaInSec/CVE-PoC-in-GitHub 
@@ -123412,6 +123934,7 @@ CVE-2022-22057 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-22057 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-22057 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-22057 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-22057 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-22057 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-2206 - https://github.com/ARPSyndicate/cvemon CVE-2022-22063 - https://github.com/k0mi-tg/CVE-POC @@ -123745,6 +124268,7 @@ CVE-2022-22718 - https://github.com/youwizard/CVE-POC CVE-2022-22718 - https://github.com/zecool/cve CVE-2022-22719 - https://github.com/8ctorres/SIND-Practicas CVE-2022-22719 - https://github.com/ARPSyndicate/cvemon +CVE-2022-22719 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-22719 - https://github.com/PierreChrd/py-projet-tut CVE-2022-22719 - https://github.com/Totes5706/TotesHTB CVE-2022-22719 - https://github.com/bioly230/THM_Skynet @@ -123753,6 +124277,7 @@ CVE-2022-22719 - https://github.com/kasem545/vulnsearch CVE-2022-22720 - https://github.com/8ctorres/SIND-Practicas CVE-2022-22720 - https://github.com/ARPSyndicate/cvemon CVE-2022-22720 - https://github.com/Benasin/CVE-2022-22720 +CVE-2022-22720 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-22720 - https://github.com/PierreChrd/py-projet-tut CVE-2022-22720 - https://github.com/Totes5706/TotesHTB CVE-2022-22720 - https://github.com/bioly230/THM_Skynet @@ -123761,6 +124286,7 @@ CVE-2022-22720 - https://github.com/kasem545/vulnsearch CVE-2022-22720 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-22721 - https://github.com/8ctorres/SIND-Practicas CVE-2022-22721 - https://github.com/ARPSyndicate/cvemon +CVE-2022-22721 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-22721 - https://github.com/PierreChrd/py-projet-tut CVE-2022-22721 - https://github.com/Totes5706/TotesHTB CVE-2022-22721 - https://github.com/bioly230/THM_Skynet 
@@ -124176,6 +124702,7 @@ CVE-2022-22947 - https://github.com/dbgee/CVE-2022-22947 CVE-2022-22947 - https://github.com/debug4you/CVE-2022-22947 CVE-2022-22947 - https://github.com/dingxiao77/-cve-2022-22947- CVE-2022-22947 - https://github.com/dravenww/curated-article +CVE-2022-22947 - https://github.com/enomothem/PenTestNote CVE-2022-22947 - https://github.com/expzhizhuo/Burp_VulPscan CVE-2022-22947 - https://github.com/fbion/CVE-2022-22947 CVE-2022-22947 - https://github.com/flying0er/CVE-2022-22947-goby @@ -125399,6 +125926,7 @@ CVE-2022-23222 - https://github.com/CVEDB/top CVE-2022-23222 - https://github.com/Ch4nc3n/PublicExploitation CVE-2022-23222 - https://github.com/FridayOrtiz/CVE-2022-23222 CVE-2022-23222 - https://github.com/GhostTroops/TOP +CVE-2022-23222 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-23222 - https://github.com/JERRY123S/all-poc CVE-2022-23222 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-23222 - https://github.com/KayCHENvip/vulnerability-poc @@ -125443,6 +125971,7 @@ CVE-2022-23222 - https://github.com/tr3ee/CVE-2022-23222 CVE-2022-23222 - https://github.com/trhacknon/Pocingit CVE-2022-23222 - https://github.com/weeka10/-hktalent-TOP CVE-2022-23222 - https://github.com/whoforget/CVE-POC +CVE-2022-23222 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-23222 - https://github.com/wxrdnx/bpf_exploit_template CVE-2022-23222 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-23222 - https://github.com/xuetusummer/Penetration_Testing_POC 
@@ -126044,6 +126573,7 @@ CVE-2022-23940 - https://github.com/youwizard/CVE-POC CVE-2022-23940 - https://github.com/zecool/cve CVE-2022-23942 - https://github.com/karimhabush/cyberowl CVE-2022-23943 - https://github.com/ARPSyndicate/cvemon +CVE-2022-23943 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-23943 - https://github.com/PierreChrd/py-projet-tut CVE-2022-23943 - https://github.com/Totes5706/TotesHTB CVE-2022-23943 - https://github.com/bioly230/THM_Skynet @@ -126543,6 +127073,7 @@ CVE-2022-24354 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2022-24354 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-24354 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-24354 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-24354 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-24354 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-24355 - https://github.com/ARPSyndicate/cvemon CVE-2022-24355 - https://github.com/Tig3rHu/Awesome_IOT_Vul_lib @@ -127132,6 +127663,7 @@ CVE-2022-24891 - https://github.com/razermuse/enum_cvss CVE-2022-24893 - https://github.com/ARPSyndicate/cvemon CVE-2022-24893 - https://github.com/pokerfacett/MY_CVE_CREDIT CVE-2022-24899 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2022-24899 - https://github.com/AggressiveUser/AggressiveUser CVE-2022-24900 - https://github.com/ARPSyndicate/kenzer-templates CVE-2022-24903 - https://github.com/ARPSyndicate/cvemon CVE-2022-24903 - https://github.com/EGI-Federation/SVG-advisories 
@@ -127908,6 +128440,7 @@ CVE-2022-25636 - https://github.com/CVEDB/top CVE-2022-25636 - https://github.com/Ch4nc3n/PublicExploitation CVE-2022-25636 - https://github.com/EGI-Federation/SVG-advisories CVE-2022-25636 - https://github.com/GhostTroops/TOP +CVE-2022-25636 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-25636 - https://github.com/JERRY123S/all-poc CVE-2022-25636 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-25636 - https://github.com/Meowmycks/OSCPprep-Cute @@ -127955,6 +128488,7 @@ CVE-2022-25636 - https://github.com/veritas501/CVE-2022-25636-PipeVersion CVE-2022-25636 - https://github.com/veritas501/pipe-primitive CVE-2022-25636 - https://github.com/weeka10/-hktalent-TOP CVE-2022-25636 - https://github.com/whoforget/CVE-POC +CVE-2022-25636 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-25636 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-25636 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-25636 - https://github.com/yaobinwen/robin_on_rails @@ -127979,6 +128513,7 @@ CVE-2022-25640 - https://github.com/youwizard/CVE-POC CVE-2022-25640 - https://github.com/zecool/cve CVE-2022-25647 - https://github.com/ARPSyndicate/cvemon CVE-2022-25647 - https://github.com/CGCL-codes/PHunter +CVE-2022-25647 - https://github.com/LibHunter/LibHunter CVE-2022-25647 - https://github.com/hinat0y/Dataset1 CVE-2022-25647 - https://github.com/hinat0y/Dataset10 CVE-2022-25647 - https://github.com/hinat0y/Dataset11 
@@ -128005,6 +128540,7 @@ CVE-2022-25757 - https://github.com/ARPSyndicate/cvemon CVE-2022-25757 - https://github.com/leveryd/go-sec-code CVE-2022-25758 - https://github.com/seal-community/patches CVE-2022-25761 - https://github.com/claroty/opcua-exploit-framework +CVE-2022-25762 - https://github.com/versio-io/product-lifecycle-security-api CVE-2022-25765 - https://github.com/ARPSyndicate/cvemon CVE-2022-25765 - https://github.com/Anogota/Precious- CVE-2022-25765 - https://github.com/Atsukoro1/PDFKitExploit @@ -128086,6 +128622,7 @@ CVE-2022-25845 - https://github.com/trhacknon/Pocingit CVE-2022-25845 - https://github.com/whoforget/CVE-POC CVE-2022-25845 - https://github.com/youwizard/CVE-POC CVE-2022-25845 - https://github.com/zecool/cve +CVE-2022-2585 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-2585 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-2585 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-2585 - https://github.com/greek0x0/2022-LPE-UAF @@ -128104,6 +128641,7 @@ CVE-2022-25858 - https://github.com/ARPSyndicate/cvemon CVE-2022-25858 - https://github.com/Naruse-developer/Miku_Theme CVE-2022-25858 - https://github.com/Naruse-developer/Warframe_theme CVE-2022-2586 - https://github.com/ARPSyndicate/cvemon +CVE-2022-2586 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-2586 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-2586 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2022-2586 - https://github.com/Snoopy-Sec/Localroot-ALL-CVE 
@@ -128129,6 +128667,7 @@ CVE-2022-2586 - https://github.com/sniper404ghostxploit/CVE-2022-2586 CVE-2022-2586 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-2586 - https://github.com/substing/internal_ctf CVE-2022-2586 - https://github.com/whoforget/CVE-POC +CVE-2022-2586 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-2586 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-2586 - https://github.com/youwizard/CVE-POC CVE-2022-2586 - https://github.com/zecool/cve @@ -128160,6 +128699,7 @@ CVE-2022-2588 - https://github.com/Etoile1024/Pentest-Common-Knowledge CVE-2022-2588 - https://github.com/GhostTroops/TOP CVE-2022-2588 - https://github.com/Ha0-Y/LinuxKernelExploits CVE-2022-2588 - https://github.com/Ha0-Y/kernel-exploit-cve +CVE-2022-2588 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-2588 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-2588 - https://github.com/Markakd/CVE-2022-2588 CVE-2022-2588 - https://github.com/Markakd/DirtyCred @@ -128285,6 +128825,7 @@ CVE-2022-2601 - https://github.com/rhboot/shim-review CVE-2022-2601 - https://github.com/seal-community/patches CVE-2022-2601 - https://github.com/vathpela/shim-review CVE-2022-2602 - https://github.com/ARPSyndicate/cvemon +CVE-2022-2602 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-2602 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-2602 - https://github.com/LukeGix/CVE-2022-2602 CVE-2022-2602 - https://github.com/Mr-xn/Penetration_Testing_POC 
@@ -128309,6 +128850,7 @@ CVE-2022-2602 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-2602 - https://github.com/th3-5had0w/CVE-2022-2602-Study CVE-2022-2602 - https://github.com/wechicken456/Linux-kernel CVE-2022-2602 - https://github.com/whoforget/CVE-POC +CVE-2022-2602 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-2602 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-2602 - https://github.com/youwizard/CVE-POC CVE-2022-26049 - https://github.com/ARPSyndicate/cvemon @@ -128470,6 +129012,7 @@ CVE-2022-26134 - https://github.com/dabaibuai/dabai CVE-2022-26134 - https://github.com/demining/Log4j-Vulnerability CVE-2022-26134 - https://github.com/e-hakson/OSCP CVE-2022-26134 - https://github.com/eljosep/OSCP-Guide +CVE-2022-26134 - https://github.com/enomothem/PenTestNote CVE-2022-26134 - https://github.com/f4yd4-s3c/cve-2022-26134 CVE-2022-26134 - https://github.com/getastra/hypejab CVE-2022-26134 - https://github.com/getdrive/PoC @@ -128702,6 +129245,7 @@ CVE-2022-26171 - https://github.com/nu11secur1ty/CVE-nu11secur1ty CVE-2022-26171 - https://github.com/nu11secur1ty/Windows10Exploits CVE-2022-2618 - https://github.com/ARPSyndicate/cvemon CVE-2022-26180 - https://github.com/ARPSyndicate/cvemon +CVE-2022-26180 - https://github.com/AggressiveUser/AggressiveUser CVE-2022-26186 - https://github.com/ARPSyndicate/cvemon CVE-2022-26186 - https://github.com/ExploitPwner/Totolink-CVE-2022-Exploits CVE-2022-26201 - https://github.com/ARPSyndicate/cvemon 
@@ -128843,6 +129387,7 @@ CVE-2022-26373 - https://github.com/ARPSyndicate/cvemon CVE-2022-26377 - https://github.com/ARPSyndicate/cvemon CVE-2022-26377 - https://github.com/Awrrays/FrameVul CVE-2022-26377 - https://github.com/ByteXenon/IP-Security-Database +CVE-2022-26377 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-26377 - https://github.com/Totes5706/TotesHTB CVE-2022-26377 - https://github.com/bioly230/THM_Skynet CVE-2022-26377 - https://github.com/firatesatoglu/shodanSearch @@ -128854,6 +129399,7 @@ CVE-2022-2639 - https://github.com/0day404/vulnerability-poc CVE-2022-2639 - https://github.com/20142995/sectool CVE-2022-2639 - https://github.com/ARPSyndicate/cvemon CVE-2022-2639 - https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639 +CVE-2022-2639 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-2639 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-2639 - https://github.com/KayCHENvip/vulnerability-poc CVE-2022-2639 - https://github.com/Miraitowa70/POC-Notes @@ -129575,6 +130121,7 @@ CVE-2022-27254 - https://github.com/weeka10/-hktalent-TOP CVE-2022-27254 - https://github.com/whoforget/CVE-POC CVE-2022-27254 - https://github.com/youwizard/CVE-POC CVE-2022-27254 - https://github.com/zecool/cve +CVE-2022-27255 - https://github.com/0xMarcio/cve CVE-2022-27255 - https://github.com/ARPSyndicate/cvemon CVE-2022-27255 - https://github.com/CVEDB/PoC-List CVE-2022-27255 - https://github.com/CVEDB/awesome-cve-repo 
@@ -129845,6 +130392,7 @@ CVE-2022-27666 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-27666 - https://github.com/CVEDB/top CVE-2022-27666 - https://github.com/Ch4nc3n/PublicExploitation CVE-2022-27666 - https://github.com/GhostTroops/TOP +CVE-2022-27666 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-27666 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation CVE-2022-27666 - https://github.com/JERRY123S/all-poc CVE-2022-27666 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits @@ -129878,6 +130426,7 @@ CVE-2022-27666 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-27666 - https://github.com/trhacknon/Pocingit CVE-2022-27666 - https://github.com/weeka10/-hktalent-TOP CVE-2022-27666 - https://github.com/whoforget/CVE-POC +CVE-2022-27666 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-27666 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-27666 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-27666 - https://github.com/youwizard/CVE-POC @@ -130330,6 +130879,7 @@ CVE-2022-2833 - https://github.com/5angjun/5angjun CVE-2022-2833 - https://github.com/ARPSyndicate/cvemon CVE-2022-28330 - https://github.com/8ctorres/SIND-Practicas CVE-2022-28330 - https://github.com/ARPSyndicate/cvemon +CVE-2022-28330 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-28330 - https://github.com/firatesatoglu/shodanSearch CVE-2022-28330 - https://github.com/kasem545/vulnsearch CVE-2022-28331 - https://github.com/ARPSyndicate/cvemon 
@@ -130636,12 +131186,14 @@ CVE-2022-28607 - https://github.com/k0imet/pyfetch CVE-2022-2861 - https://github.com/karimhabush/cyberowl CVE-2022-28614 - https://github.com/8ctorres/SIND-Practicas CVE-2022-28614 - https://github.com/ARPSyndicate/cvemon +CVE-2022-28614 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-28614 - https://github.com/Totes5706/TotesHTB CVE-2022-28614 - https://github.com/bioly230/THM_Skynet CVE-2022-28614 - https://github.com/firatesatoglu/shodanSearch CVE-2022-28614 - https://github.com/kasem545/vulnsearch CVE-2022-28615 - https://github.com/8ctorres/SIND-Practicas CVE-2022-28615 - https://github.com/ARPSyndicate/cvemon +CVE-2022-28615 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-28615 - https://github.com/Totes5706/TotesHTB CVE-2022-28615 - https://github.com/bioly230/THM_Skynet CVE-2022-28615 - https://github.com/firatesatoglu/shodanSearch @@ -131318,6 +131870,7 @@ CVE-2022-29399 - https://github.com/ARPSyndicate/cvemon CVE-2022-29399 - https://github.com/d1tto/IoT-vuln CVE-2022-29404 - https://github.com/8ctorres/SIND-Practicas CVE-2022-29404 - https://github.com/ARPSyndicate/cvemon +CVE-2022-29404 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-29404 - https://github.com/Totes5706/TotesHTB CVE-2022-29404 - https://github.com/bioly230/THM_Skynet CVE-2022-29404 - https://github.com/firatesatoglu/shodanSearch @@ -131367,6 +131920,7 @@ CVE-2022-2946 - https://github.com/ARPSyndicate/cvemon CVE-2022-2946 - https://github.com/ExpLangcn/FuYao-Go CVE-2022-29464 - https://github.com/0day404/vulnerability-poc CVE-2022-29464 - https://github.com/0xAgun/CVE-2022-29464 +CVE-2022-29464 - https://github.com/0xMarcio/cve CVE-2022-29464 - https://github.com/20142995/Goby CVE-2022-29464 - https://github.com/20142995/pocsuite3 CVE-2022-29464 - https://github.com/2lambda123/panopticon-unattributed 
@@ -131585,6 +132139,7 @@ CVE-2022-29582 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-29582 - https://github.com/tr3ss/gofetch CVE-2022-29582 - https://github.com/trhacknon/Pocingit CVE-2022-29582 - https://github.com/whoforget/CVE-POC +CVE-2022-29582 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-29582 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-29582 - https://github.com/youwizard/CVE-POC CVE-2022-29582 - https://github.com/zecool/cve @@ -131877,6 +132432,7 @@ CVE-2022-30065 - https://github.com/stkcat/awe-base-images CVE-2022-30067 - https://github.com/ARPSyndicate/cvemon CVE-2022-30067 - https://github.com/Tonaram/DSS-BufferOverflow CVE-2022-30073 - https://github.com/ARPSyndicate/kenzer-templates +CVE-2022-30075 - https://github.com/0xMarcio/cve CVE-2022-30075 - https://github.com/ARPSyndicate/cvemon CVE-2022-30075 - https://github.com/CVEDB/awesome-cve-repo CVE-2022-30075 - https://github.com/CVEDB/top @@ -132456,6 +133012,7 @@ CVE-2022-30552 - https://github.com/ARPSyndicate/cvemon CVE-2022-30552 - https://github.com/H4lo/awesome-IoT-security-article CVE-2022-30556 - https://github.com/8ctorres/SIND-Practicas CVE-2022-30556 - https://github.com/ARPSyndicate/cvemon +CVE-2022-30556 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-30556 - https://github.com/Totes5706/TotesHTB CVE-2022-30556 - https://github.com/bioly230/THM_Skynet CVE-2022-30556 - https://github.com/firatesatoglu/shodanSearch @@ -133364,6 +133921,7 @@ CVE-2022-31806 - https://github.com/ARPSyndicate/cvemon CVE-2022-31806 - https://github.com/ic3sw0rd/Codesys_V2_Vulnerability CVE-2022-31813 - https://github.com/8ctorres/SIND-Practicas CVE-2022-31813 - https://github.com/ARPSyndicate/cvemon +CVE-2022-31813 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-31813 - https://github.com/Totes5706/TotesHTB CVE-2022-31813 - https://github.com/bioly230/THM_Skynet CVE-2022-31813 - https://github.com/firatesatoglu/shodanSearch 
@@ -133700,6 +134258,7 @@ CVE-2022-32239 - https://github.com/Live-Hack-CVE/CVE-2022-32239 CVE-2022-32250 - https://github.com/ARPSyndicate/cvemon CVE-2022-32250 - https://github.com/Decstor5/2022-32250LPE CVE-2022-32250 - https://github.com/EGI-Federation/SVG-advisories +CVE-2022-32250 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-32250 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-32250 - https://github.com/Mr-xn/Penetration_Testing_POC CVE-2022-32250 - https://github.com/NaInSec/CVE-PoC-in-GitHub @@ -133728,6 +134287,7 @@ CVE-2022-32250 - https://github.com/substing/internal_ctf CVE-2022-32250 - https://github.com/theori-io/CVE-2022-32250-exploit CVE-2022-32250 - https://github.com/trhacknon/Pocingit CVE-2022-32250 - https://github.com/whoforget/CVE-POC +CVE-2022-32250 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-32250 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-32250 - https://github.com/xuetusummer/Penetration_Testing_POC CVE-2022-32250 - https://github.com/youwizard/CVE-POC @@ -134427,6 +134987,7 @@ CVE-2022-34265 - https://github.com/lions2012/Penetration_Testing_POC CVE-2022-34265 - https://github.com/manas3c/CVE-POC CVE-2022-34265 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-34265 - https://github.com/qwqoro/GPN-Hackathon +CVE-2022-34265 - https://github.com/seal-community/patches CVE-2022-34265 - https://github.com/simonepetruzzi/WebSecurityProject CVE-2022-34265 - https://github.com/t0m4too/t0m4to CVE-2022-34265 - https://github.com/traumatising/CVE-2022-34265 
@@ -134703,11 +135264,13 @@ CVE-2022-34913 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-34913 - https://github.com/skinnyrad/Trophies CVE-2022-34913 - https://github.com/whoforget/CVE-POC CVE-2022-34913 - https://github.com/youwizard/CVE-POC +CVE-2022-34918 - https://github.com/0xMarcio/cve CVE-2022-34918 - https://github.com/0xStrygwyr/OSCP-Guide CVE-2022-34918 - https://github.com/0xZipp0/OSCP CVE-2022-34918 - https://github.com/0xsyr0/OSCP CVE-2022-34918 - https://github.com/20142995/sectool CVE-2022-34918 - https://github.com/ARPSyndicate/cvemon +CVE-2022-34918 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2022-34918 - https://github.com/IdanBanani/ELF-Injection-Shellcode-Bridgehead CVE-2022-34918 - https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits CVE-2022-34918 - https://github.com/Ly0nt4r/OSCP @@ -134757,6 +135320,7 @@ CVE-2022-34918 - https://github.com/trhacknon/Pocingit CVE-2022-34918 - https://github.com/txuswashere/OSCP CVE-2022-34918 - https://github.com/veritas501/CVE-2022-34918 CVE-2022-34918 - https://github.com/whoforget/CVE-POC +CVE-2022-34918 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-34918 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-34918 - https://github.com/xhref/OSCP CVE-2022-34918 - https://github.com/xuetusummer/Penetration_Testing_POC @@ -135673,6 +136237,7 @@ CVE-2022-36350 - https://github.com/karimhabush/cyberowl CVE-2022-36358 - https://github.com/karimhabush/cyberowl CVE-2022-36359 - https://github.com/ARPSyndicate/cvemon CVE-2022-36359 - https://github.com/motoyasu-saburi/reported_vulnerability +CVE-2022-36359 - https://github.com/seal-community/patches CVE-2022-36361 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-36362 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-36363 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -135822,6 +136387,7 @@ CVE-2022-36752 - https://github.com/skinnyrad/Trophies CVE-2022-36752 - https://github.com/whoforget/CVE-POC CVE-2022-36752 - https://github.com/youwizard/CVE-POC CVE-2022-36760 - https://github.com/ARPSyndicate/cvemon +CVE-2022-36760 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-36760 - https://github.com/bioly230/THM_Skynet CVE-2022-36760 - https://github.com/firatesatoglu/shodanSearch CVE-2022-36760 - https://github.com/karimhabush/cyberowl @@ -136269,6 +136835,7 @@ CVE-2022-37434 - https://github.com/youwizard/CVE-POC CVE-2022-37434 - https://github.com/zecool/cve CVE-2022-37436 - https://github.com/8ctorres/SIND-Practicas CVE-2022-37436 - https://github.com/ARPSyndicate/cvemon +CVE-2022-37436 - https://github.com/EzeTauil/Maquina-Upload CVE-2022-37436 - https://github.com/bioly230/THM_Skynet CVE-2022-37436 - https://github.com/firatesatoglu/shodanSearch CVE-2022-37436 - https://github.com/karimhabush/cyberowl @@ -137201,6 +137768,7 @@ CVE-2022-39944 - https://github.com/yycunhua/4ra1n CVE-2022-39947 - https://github.com/Threekiii/CVE CVE-2022-39950 - https://github.com/Live-Hack-CVE/CVE-2022-39950 CVE-2022-39951 - https://github.com/karimhabush/cyberowl +CVE-2022-39952 - https://github.com/0xMarcio/cve CVE-2022-39952 - https://github.com/1f3lse/taiE CVE-2022-39952 - https://github.com/ARPSyndicate/cvemon CVE-2022-39952 - https://github.com/ARPSyndicate/kenzer-templates @@ -137552,6 +138120,7 @@ CVE-2022-40674 - https://github.com/whoforget/CVE-POC CVE-2022-40674 - https://github.com/youwizard/CVE-POC CVE-2022-40676 - https://github.com/karimhabush/cyberowl CVE-2022-40684 - https://github.com/0day404/vulnerability-poc +CVE-2022-40684 - https://github.com/0xMarcio/cve CVE-2022-40684 - https://github.com/20142995/sectool CVE-2022-40684 - https://github.com/ARPSyndicate/cvemon CVE-2022-40684 - https://github.com/ARPSyndicate/kenzer-templates 
@@ -137744,6 +138313,7 @@ CVE-2022-4096 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-40975 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-40982 - https://github.com/EGI-Federation/SVG-advisories CVE-2022-40982 - https://github.com/bcoles/kasld +CVE-2022-40982 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2022-40982 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-40982 - https://github.com/giterlizzi/secdb-feeds CVE-2022-40982 - https://github.com/hughsie/python-uswid @@ -137978,6 +138548,7 @@ CVE-2022-41218 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-41218 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-41218 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-41218 - https://github.com/whoforget/CVE-POC +CVE-2022-41218 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-41218 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-41218 - https://github.com/youwizard/CVE-POC CVE-2022-41218 - https://github.com/zecool/cve @@ -138496,6 +139067,7 @@ CVE-2022-42252 - https://github.com/ARPSyndicate/cvemon CVE-2022-42252 - https://github.com/fernandoreb/dependency-check-springboot CVE-2022-42252 - https://github.com/sr-monika/sprint-rest CVE-2022-42252 - https://github.com/tanjiti/sec_profile +CVE-2022-42252 - https://github.com/versio-io/product-lifecycle-security-api CVE-2022-4230 - https://github.com/ARPSyndicate/cvemon CVE-2022-42330 - https://github.com/karimhabush/cyberowl CVE-2022-42331 - https://github.com/ARPSyndicate/cvemon 
@@ -138579,6 +139151,7 @@ CVE-2022-42703 - https://github.com/pray77/CVE-2023-3640 CVE-2022-42703 - https://github.com/pray77/SCTF2023_kernelpwn CVE-2022-42703 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-42703 - https://github.com/veritas501/hbp_attack_demo +CVE-2022-42703 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-42703 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-42710 - https://github.com/fardeen-ahmed/Bug-bounty-Writeups CVE-2022-42710 - https://github.com/rootxyash/learn365days @@ -138708,6 +139281,7 @@ CVE-2022-42889 - https://github.com/Threekiii/Awesome-POC CVE-2022-42889 - https://github.com/Vamckis/Container-Security CVE-2022-42889 - https://github.com/Vulnmachines/text4shell-CVE-2022-42889 CVE-2022-42889 - https://github.com/WFS-Mend/vtrade-common +CVE-2022-42889 - https://github.com/Whoopsunix/PPPVULNS CVE-2022-42889 - https://github.com/XRSec/AWVS-Update CVE-2022-42889 - https://github.com/Y4tacker/JavaSec CVE-2022-42889 - https://github.com/aaronm-sysdig/text4shell-docker @@ -138795,6 +139369,7 @@ CVE-2022-42895 - https://github.com/khanhnd123/linux-kernel-exploitation CVE-2022-42895 - https://github.com/knd06/linux-kernel-exploitation CVE-2022-42895 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-42895 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-42895 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-42895 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-42896 - https://github.com/ARPSyndicate/cvemon CVE-2022-42896 - https://github.com/Satheesh575555/linux-4.19.72_CVE-2022-42896 
@@ -138813,6 +139388,7 @@ CVE-2022-42896 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-42896 - https://github.com/nidhi7598/linux-4.1.15_CVE-2022-42896 CVE-2022-42896 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-42896 - https://github.com/ssr-111/linux-kernel-exploitation +CVE-2022-42896 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-42896 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-42898 - https://github.com/ARPSyndicate/cvemon CVE-2022-42898 - https://github.com/VeerMuchandi/s3c-springboot-demo @@ -139194,6 +139770,7 @@ CVE-2022-44268 - https://github.com/dai5z/LBAS CVE-2022-44268 - https://github.com/daniellemonika/CSCE-5552-Prying-Eyes CVE-2022-44268 - https://github.com/doyensec/imagemagick-security-policy-evaluator CVE-2022-44268 - https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC +CVE-2022-44268 - https://github.com/enomothem/PenTestNote CVE-2022-44268 - https://github.com/entr0pie/CVE-2022-44268 CVE-2022-44268 - https://github.com/fanbyprinciple/ImageMagick-lfi-poc CVE-2022-44268 - https://github.com/jnschaeffer/cve-2022-44268-detector @@ -139543,6 +140120,7 @@ CVE-2022-4543 - https://github.com/ndk191/linux-kernel-exploitation CVE-2022-4543 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2022-4543 - https://github.com/ssr-111/linux-kernel-exploitation CVE-2022-4543 - https://github.com/sunichi/cve-2022-4543-wrapper +CVE-2022-4543 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2022-4543 - https://github.com/xairy/linux-kernel-exploitation CVE-2022-45436 - https://github.com/ARPSyndicate/cvemon CVE-2022-45436 - https://github.com/damodarnaik/CVE-2022-45436 
@@ -141475,6 +142053,7 @@ CVE-2023-2002 - https://github.com/hktalent/TOP CVE-2023-2002 - https://github.com/lrh2000/CVE-2023-2002 CVE-2023-2002 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20020 - https://github.com/Live-Hack-CVE/CVE-2023-20020 +CVE-2023-20025 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-20025 - https://github.com/lnversed/CVE-2023-20025 CVE-2023-20025 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20028 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -141569,6 +142148,7 @@ CVE-2023-20198 - https://github.com/W01fh4cker/CVE-2023-20198-RCE CVE-2023-20198 - https://github.com/XRSec/AWVS-Update CVE-2023-20198 - https://github.com/ZephrFish/CVE-2023-20198-Checker CVE-2023-20198 - https://github.com/ZephrFish/Cisco-IOS-XE-Scanner +CVE-2023-20198 - https://github.com/aleff-github/aleff-github CVE-2023-20198 - https://github.com/aleff-github/my-flipper-shits CVE-2023-20198 - https://github.com/alekos3/CVE_2023_20198_Detector CVE-2023-20198 - https://github.com/alekos3/CVE_2023_20198_Remediator @@ -141636,6 +142216,7 @@ CVE-2023-20273 - https://github.com/H4lo/awesome-IoT-security-article CVE-2023-20273 - https://github.com/Ostorlab/KEV CVE-2023-20273 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-20273 - https://github.com/Shadow0ps/CVE-2023-20198-Scanner +CVE-2023-20273 - https://github.com/aleff-github/aleff-github CVE-2023-20273 - https://github.com/aleff-github/my-flipper-shits CVE-2023-20273 - https://github.com/cadencejames/Check-HttpServerStatus CVE-2023-20273 - https://github.com/f1tao/awesome-iot-security-resource 
@@ -141688,6 +142269,7 @@ CVE-2023-20593 - https://github.com/sbaresearch/stop-zenbleed-win CVE-2023-20593 - https://github.com/speed47/spectre-meltdown-checker CVE-2023-20593 - https://github.com/w1redch4d/windowz2-bleed CVE-2023-20598 - https://github.com/hfiref0x/KDU +CVE-2023-20598 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-20634 - https://github.com/ARPSyndicate/cvemon CVE-2023-20634 - https://github.com/Resery/Resery CVE-2023-20635 - https://github.com/ARPSyndicate/cvemon @@ -142333,6 +142915,7 @@ CVE-2023-21837 - https://github.com/hktalent/CVE-2023-21837 CVE-2023-21837 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-21837 - https://github.com/thiscodecc/thiscodecc CVE-2023-21838 - https://github.com/r00t4dm/r00t4dm +CVE-2023-21839 - https://github.com/0xMarcio/cve CVE-2023-21839 - https://github.com/0xn0ne/simple-scanner CVE-2023-21839 - https://github.com/20142995/pocsuite3 CVE-2023-21839 - https://github.com/20142995/sectool @@ -142432,7 +143015,9 @@ CVE-2023-21979 - https://github.com/hktalent/TOP CVE-2023-21979 - https://github.com/trganda/starrlist CVE-2023-21980 - https://github.com/scmanjarrez/CVEScannerV2 CVE-2023-21987 - https://github.com/AtonceInventions/Hypervisor +CVE-2023-21987 - https://github.com/husseinmuhaisen/Hypervisor CVE-2023-21991 - https://github.com/AtonceInventions/Hypervisor +CVE-2023-21991 - https://github.com/husseinmuhaisen/Hypervisor CVE-2023-22006 - https://github.com/motoyasu-saburi/reported_vulnerability CVE-2023-2203 - https://github.com/em1ga3l/cve-publicationdate-extractor CVE-2023-2203222 - https://github.com/em1ga3l/cve-publicationdate-extractor 
@@ -142644,6 +143229,7 @@ CVE-2023-22527 - https://github.com/ReAbout/web-sec CVE-2023-22527 - https://github.com/RevoltSecurities/CVE-2023-22527 CVE-2023-22527 - https://github.com/Sudistark/patch-diff-CVE-2023-22527 CVE-2023-22527 - https://github.com/Threekiii/Awesome-POC +CVE-2023-22527 - https://github.com/Threekiii/Awesome-Redteam CVE-2023-22527 - https://github.com/Threekiii/CVE CVE-2023-22527 - https://github.com/Threekiii/Vulhub-Reproduce CVE-2023-22527 - https://github.com/Tropinene/Yscanner @@ -142968,6 +143554,7 @@ CVE-2023-23397 - https://github.com/abrahim7112/Vulnerability-checking-program-f CVE-2023-23397 - https://github.com/ahmedkhlief/CVE-2023-23397-POC CVE-2023-23397 - https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook CVE-2023-23397 - https://github.com/alecdhuse/Lantern-Shark +CVE-2023-23397 - https://github.com/aleff-github/aleff-github CVE-2023-23397 - https://github.com/aleff-github/my-flipper-shits CVE-2023-23397 - https://github.com/alicangnll/CVE-2023-23397 CVE-2023-23397 - https://github.com/alsaeroth/CVE-2023-23397-POC @@ -143128,6 +143715,7 @@ CVE-2023-23576 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-23583 - https://github.com/EGI-Federation/SVG-advisories CVE-2023-23583 - https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- CVE-2023-23583 - https://github.com/blazcode/INTEL-SA-00950 +CVE-2023-23583 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2023-23583 - https://github.com/giterlizzi/secdb-feeds CVE-2023-23583 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-23583 - https://github.com/speed47/spectre-meltdown-checker 
@@ -143138,6 +143726,7 @@ CVE-2023-23590 - https://github.com/VulnTotal-Team/Vehicle-Security CVE-2023-23590 - https://github.com/VulnTotal-Team/vehicle_cves CVE-2023-23595 - https://github.com/ARPSyndicate/cvemon CVE-2023-23595 - https://github.com/colemanjp/XXE-Vulnerability-in-Bluecat-Device-Registration-Portal-DRP +CVE-2023-23607 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-23614 - https://github.com/4n4nk3/4n4nk3 CVE-2023-23614 - https://github.com/ARPSyndicate/cvemon CVE-2023-23618 - https://github.com/9069332997/session-1-full-stack @@ -143203,6 +143792,7 @@ CVE-2023-23752 - https://github.com/Archan6el/Devvortex-Writeup-HackTheBox CVE-2023-23752 - https://github.com/BearClaw96/Joomla-v4.x-Unauthenticated-information-disclosure CVE-2023-23752 - https://github.com/BugBlocker/lotus-scripts CVE-2023-23752 - https://github.com/C1ph3rX13/CVE-2023-23752 +CVE-2023-23752 - https://github.com/CLincat/vulcat CVE-2023-23752 - https://github.com/CVEDB/PoC-List CVE-2023-23752 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-23752 - https://github.com/CVEDB/top @@ -143554,6 +144144,7 @@ CVE-2023-24573 - https://github.com/ARPSyndicate/cvemon CVE-2023-24573 - https://github.com/ycdxsb/ycdxsb CVE-2023-2458 - https://github.com/zhchbin/zhchbin CVE-2023-24580 - https://github.com/ARPSyndicate/cvemon +CVE-2023-24580 - https://github.com/seal-community/patches CVE-2023-24609 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-24610 - https://github.com/abbisQQ/CVE-2023-24610 CVE-2023-24610 - https://github.com/hktalent/TOP 
@@ -143710,6 +144301,7 @@ CVE-2023-25143 - https://github.com/dlehgus1023/dlehgus1023 CVE-2023-25152 - https://github.com/ARPSyndicate/cvemon CVE-2023-25157 - https://github.com/0x2458bughunt/CVE-2023-25157 CVE-2023-25157 - https://github.com/0x783kb/Security-operation-book +CVE-2023-25157 - https://github.com/0xMarcio/cve CVE-2023-25157 - https://github.com/20142995/sectool CVE-2023-25157 - https://github.com/7imbitz/CVE-2023-25157-checker CVE-2023-25157 - https://github.com/Awrrays/FrameVul @@ -143872,6 +144464,7 @@ CVE-2023-25690 - https://github.com/ARPSyndicate/cvemon CVE-2023-25690 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-25690 - https://github.com/CVEDB/top CVE-2023-25690 - https://github.com/EGI-Federation/SVG-advisories +CVE-2023-25690 - https://github.com/EzeTauil/Maquina-Upload CVE-2023-25690 - https://github.com/GGontijo/CTF-s CVE-2023-25690 - https://github.com/GhostTroops/TOP CVE-2023-25690 - https://github.com/H4lo/awesome-IoT-security-article @@ -144157,6 +144750,7 @@ CVE-2023-26396 - https://github.com/kohnakagawa/kohnakagawa CVE-2023-2640 - https://github.com/0xWhoami35/root-kernel CVE-2023-2640 - https://github.com/0xsyr0/OSCP CVE-2023-2640 - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +CVE-2023-2640 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2023-2640 - https://github.com/K5LK/CVE-2023-2640-32629 CVE-2023-2640 - https://github.com/Kiosec/Linux-Exploitation CVE-2023-2640 - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 
@@ -144553,6 +145147,7 @@ CVE-2023-27502 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-2752 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-27520 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-27522 - https://github.com/ARPSyndicate/cvemon +CVE-2023-27522 - https://github.com/EzeTauil/Maquina-Upload CVE-2023-27522 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-27522 - https://github.com/xonoxitron/cpe2cve CVE-2023-27524 - https://github.com/0day404/vulnerability-poc @@ -144920,6 +145515,7 @@ CVE-2023-2825 - https://github.com/johe123qwe/github-trending CVE-2023-2825 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-28250 - https://github.com/BenjiTrapp/cisa-known-vuln-scraper CVE-2023-28250 - https://github.com/BenjiTrapp/cve-prio-marble +CVE-2023-28252 - https://github.com/0xMarcio/cve CVE-2023-28252 - https://github.com/726232111/CVE-2023-28252 CVE-2023-28252 - https://github.com/ARPSyndicate/cvemon CVE-2023-28252 - https://github.com/CVEDB/awesome-cve-repo @@ -145179,6 +145775,7 @@ CVE-2023-28708 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh CVE-2023-28708 - https://github.com/fernandoreb/dependency-check-springboot CVE-2023-28708 - https://github.com/scordero1234/java_sec_demo-main CVE-2023-28708 - https://github.com/trganda/dockerv +CVE-2023-28708 - https://github.com/versio-io/product-lifecycle-security-api CVE-2023-28709 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh CVE-2023-28709 - https://github.com/seal-community/patches CVE-2023-2871 - https://github.com/zeze-zeze/WindowsKernelVuln 
@@ -145388,6 +145985,7 @@ CVE-2023-29343 - https://github.com/johe123qwe/github-trending CVE-2023-29343 - https://github.com/lions2012/Penetration_Testing_POC CVE-2023-29343 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-29345 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-29357 - https://github.com/0xMarcio/cve CVE-2023-29357 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-29357 - https://github.com/CVEDB/top CVE-2023-29357 - https://github.com/Chocapikk/CVE-2023-29357 @@ -145406,6 +146004,9 @@ CVE-2023-29357 - https://github.com/netlas-io/netlas-dorks CVE-2023-29357 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-29357 - https://github.com/tanjiti/sec_profile CVE-2023-29357 - https://github.com/whitfieldsdad/cisa_kev +CVE-2023-29360 - https://github.com/CVEDB/awesome-cve-repo +CVE-2023-29360 - https://github.com/CVEDB/top +CVE-2023-29360 - https://github.com/GhostTroops/TOP CVE-2023-29360 - https://github.com/Nero22k/cve-2023-29360 CVE-2023-29360 - https://github.com/Ostorlab/KEV CVE-2023-29360 - https://github.com/cvefeed/cvefeed.io @@ -145854,6 +146455,7 @@ CVE-2023-31070 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-31071 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-31072 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-31099 - https://github.com/tanjiti/sec_profile +CVE-2023-31122 - https://github.com/EzeTauil/Maquina-Upload CVE-2023-31122 - https://github.com/arsenalzp/apch-operator CVE-2023-31122 - https://github.com/klemakle/audit-pentest-BOX CVE-2023-31122 - https://github.com/xonoxitron/cpe2cve 
@@ -146139,6 +146741,7 @@ CVE-2023-32173 - https://github.com/0vercl0k/pwn2own2023-miami CVE-2023-32174 - https://github.com/0vercl0k/pwn2own2023-miami CVE-2023-32175 - https://github.com/dhn/dhn CVE-2023-32183 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-32191 - https://github.com/tanjiti/sec_profile CVE-2023-3221 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-32219 - https://github.com/1-tong/vehicle_cves CVE-2023-32219 - https://github.com/Vu1nT0tal/Vehicle-Security @@ -146378,6 +146981,7 @@ CVE-2023-32623 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-32629 - https://github.com/0xWhoami35/root-kernel CVE-2023-32629 - https://github.com/0xsyr0/OSCP CVE-2023-32629 - https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough +CVE-2023-32629 - https://github.com/HaxorSecInfec/autoroot.sh CVE-2023-32629 - https://github.com/K5LK/CVE-2023-2640-32629 CVE-2023-32629 - https://github.com/Kiosec/Linux-Exploitation CVE-2023-32629 - https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629 @@ -146581,6 +147185,7 @@ CVE-2023-33101 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33103 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33104 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33105 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-33105 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33106 - https://github.com/Ostorlab/KEV CVE-2023-33106 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-33106 - https://github.com/RENANZG/My-Forensics 
@@ -146818,6 +147423,7 @@ CVE-2023-33676 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-33677 - https://github.com/ASR511-OO7/CVE-2023-33677 CVE-2023-33677 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-33677 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-33693 - https://github.com/ernestang98/win-exploits CVE-2023-33725 - https://github.com/Contrast-Security-OSS/Burptrast CVE-2023-33725 - https://github.com/demomm/burptrast CVE-2023-33730 - https://github.com/nomi-sec/PoC-in-GitHub @@ -147095,6 +147701,7 @@ CVE-2023-34330 - https://github.com/chnzzh/Redfish-CVE-lib CVE-2023-3434 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34349 - https://github.com/another1024/another1024 CVE-2023-34355 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-34362 - https://github.com/0xMarcio/cve CVE-2023-34362 - https://github.com/0xdead8ead-randori/cve_search_msf CVE-2023-34362 - https://github.com/ARPSyndicate/cvemon CVE-2023-34362 - https://github.com/BenjiTrapp/cisa-known-vuln-scraper @@ -147387,6 +147994,7 @@ CVE-2023-35132 - https://github.com/kip93/kip93 CVE-2023-35133 - https://github.com/kip93/kip93 CVE-2023-3514 - https://github.com/star-sg/CVE CVE-2023-3515 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-3519 - https://github.com/0xMarcio/cve CVE-2023-3519 - https://github.com/Aicks/Citrix-CVE-2023-3519 CVE-2023-3519 - https://github.com/BishopFox/CVE-2023-3519 CVE-2023-3519 - https://github.com/CVEDB/awesome-cve-repo @@ -147849,6 +148457,7 @@ CVE-2023-36728 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36735 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-36741 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-36745 - https://github.com/0xMarcio/cve CVE-2023-36745 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-36745 - https://github.com/CVEDB/top CVE-2023-36745 - https://github.com/GhostTroops/TOP 
@@ -148000,6 +148609,7 @@ CVE-2023-36884 - https://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-R CVE-2023-36884 - https://github.com/Ostorlab/KEV CVE-2023-36884 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors CVE-2023-36884 - https://github.com/ToddMaxey/CVE-2023-36884 +CVE-2023-36884 - https://github.com/aleff-github/aleff-github CVE-2023-36884 - https://github.com/aleff-github/my-flipper-shits CVE-2023-36884 - https://github.com/bkzk/cisco-email-filters CVE-2023-36884 - https://github.com/deepinstinct/Storm0978-RomCom-Campaign @@ -148562,6 +149172,7 @@ CVE-2023-38545 - https://github.com/dbrugman/CVE-2023-38545-POC CVE-2023-38545 - https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow CVE-2023-38545 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-38545 - https://github.com/imfht/CVE-2023-38545 +CVE-2023-38545 - https://github.com/industrial-edge/iih-essentials-development-kit CVE-2023-38545 - https://github.com/izj007/wechat CVE-2023-38545 - https://github.com/kherrick/lobsters CVE-2023-38545 - https://github.com/malinkamedok/devops_sandbox @@ -148573,6 +149184,7 @@ CVE-2023-38545 - https://github.com/vanigori/CVE-2023-38545-sample CVE-2023-38545 - https://github.com/whoami13apt/files2 CVE-2023-38546 - https://github.com/alex-grandson/docker-python-example CVE-2023-38546 - https://github.com/fokypoky/places-list +CVE-2023-38546 - https://github.com/industrial-edge/iih-essentials-development-kit CVE-2023-38546 - https://github.com/malinkamedok/devops_sandbox CVE-2023-38546 - https://github.com/testing-felickz/docker-scout-demo CVE-2023-3855 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -149037,6 +149649,7 @@ CVE-2023-39807 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39808 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39809 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39848 - https://github.com/AS-Mend-RenovateEE/RenovateEEDVWA +CVE-2023-39848 - https://github.com/Abhitejabodapati/DVWA-SAST CVE-2023-39848 - https://github.com/Blake384/DVWA CVE-2023-39848 - https://github.com/BrunoiMesquita/DAMN-VULNERABLE-PHP-WEB-APPLICATION CVE-2023-39848 - https://github.com/Bulnick/SCode @@ -149048,6 +149661,7 @@ CVE-2023-39848 - https://github.com/HMPDocker/hmpdockertp CVE-2023-39848 - https://github.com/HowAreYouChristian/crs CVE-2023-39848 - https://github.com/HycCodeQL/DVWA CVE-2023-39848 - https://github.com/Iamishfaq07/DVWA +CVE-2023-39848 - https://github.com/Jackbling/DVWA CVE-2023-39848 - https://github.com/Jun1u2/TestGR CVE-2023-39848 - https://github.com/Kir-Scheluh/SSDLC-lab4-test CVE-2023-39848 - https://github.com/LenninPeren/PruebaDVWA @@ -149066,6 +149680,8 @@ CVE-2023-39848 - https://github.com/SCMOnboard100/Synergistic-Steel-Table CVE-2023-39848 - https://github.com/Security-Test-Account/DVWA CVE-2023-39848 - https://github.com/ShrutikaNakhale/DVWA2 CVE-2023-39848 - https://github.com/Slon12jr/DVWA +CVE-2023-39848 - https://github.com/TINNI-Lal/DVWA +CVE-2023-39848 - https://github.com/Yahyazaizi/application-test-security CVE-2023-39848 - https://github.com/Zahidkhan1221/DWVA CVE-2023-39848 - https://github.com/andersongodoy/DVWA-CORRIGIDO CVE-2023-39848 - https://github.com/asmendio/RenovateEETest 
@@ -149293,6 +149909,7 @@ CVE-2023-40370 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4039 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2023-4039 - https://github.com/bollwarm/SecToolSet CVE-2023-4039 - https://github.com/fokypoky/places-list +CVE-2023-4039 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2023-40403 - https://github.com/dlehgus1023/dlehgus1023 CVE-2023-4041 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4042 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -149318,11 +149935,16 @@ CVE-2023-40537 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40542 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40544 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40546 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40546 - https://github.com/seal-community/patches CVE-2023-40547 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40547 - https://github.com/seal-community/patches CVE-2023-40548 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40549 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40549 - https://github.com/seal-community/patches CVE-2023-40550 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40550 - https://github.com/seal-community/patches CVE-2023-40551 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-40551 - https://github.com/seal-community/patches CVE-2023-40556 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40570 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40571 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -149518,6 +150140,7 @@ CVE-2023-41128 - https://github.com/parkttule/parkttule CVE-2023-41131 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-41136 - https://github.com/parkttule/parkttule CVE-2023-41164 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-41164 - https://github.com/seal-community/patches CVE-2023-41174 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-41179 - https://github.com/MiracleAnameke/Cybersecurity-Vulnerability-and-Exposure-Report CVE-2023-41179 - https://github.com/Ostorlab/KEV @@ -149904,9 +150527,11 @@ CVE-2023-42308 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-42320 - https://github.com/aixiao0621/Tenda CVE-2023-42362 - https://github.com/Mr-n0b3dy/CVE-2023-42362 CVE-2023-42362 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2023-42363 - https://github.com/bcgov/jag-cdds CVE-2023-42363 - https://github.com/cdupuis/aspnetapp CVE-2023-42364 - https://github.com/cdupuis/aspnetapp CVE-2023-42365 - https://github.com/cdupuis/aspnetapp +CVE-2023-42366 - https://github.com/bcgov/jag-cdds CVE-2023-42366 - https://github.com/cdupuis/aspnetapp CVE-2023-4237 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-42374 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -150359,6 +150984,7 @@ CVE-2023-43655 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-43656 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-43659 - https://github.com/kip93/kip93 CVE-2023-43660 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-43662 - https://github.com/wy876/POC CVE-2023-43665 - https://github.com/1wc/1wc CVE-2023-43666 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-43667 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -150606,6 +151232,7 @@ CVE-2023-44309 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4431 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-44310 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-44311 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-44313 - https://github.com/tanjiti/sec_profile CVE-2023-44315 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-44324 - https://github.com/NaInSec/CVE-LIST CVE-2023-44325 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -150659,6 +151286,7 @@ CVE-2023-44483 - https://github.com/phax/ph-xmldsig CVE-2023-44484 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-44485 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-44486 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-44487 - https://github.com/0xMarcio/cve CVE-2023-44487 - https://github.com/AlexRogalskiy/AlexRogalskiy CVE-2023-44487 - https://github.com/Austnez/tools CVE-2023-44487 - https://github.com/ByteHackr/CVE-2023-44487 @@ -150720,6 +151348,7 @@ CVE-2023-44487 - https://github.com/zhaohuabing/cve-agent CVE-2023-44487 - https://github.com/zhaoolee/garss CVE-2023-44488 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4450 - https://github.com/Threekiii/Awesome-POC +CVE-2023-4450 - https://github.com/bigblackhat/oFx CVE-2023-4450 - https://github.com/chennbnbnb/JDoop-release CVE-2023-4450 - https://github.com/hxysaury/saury-vulnhub CVE-2023-4450 - https://github.com/ilikeoyt/CVE-2023-4450-Attack 
@@ -151061,6 +151690,7 @@ CVE-2023-45664 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45666 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45667 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4567 - https://github.com/chinocchio/EthicalHacking +CVE-2023-45674 - https://github.com/OrenGitHub/dhscanner CVE-2023-45675 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45678 - https://github.com/runwuf/clickhouse-test CVE-2023-4568 - https://github.com/nomi-sec/PoC-in-GitHub @@ -151100,6 +151730,7 @@ CVE-2023-45797 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45798 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45799 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45801 - https://github.com/karimhabush/cyberowl +CVE-2023-45802 - https://github.com/EzeTauil/Maquina-Upload CVE-2023-45802 - https://github.com/arsenalzp/apch-operator CVE-2023-45802 - https://github.com/karimhabush/cyberowl CVE-2023-45802 - https://github.com/xonoxitron/cpe2cve @@ -151466,6 +152097,7 @@ CVE-2023-46728 - https://github.com/MegaManSec/Squid-Security-Audit CVE-2023-46728 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46729 - https://github.com/aszx87410/blog CVE-2023-46729 - https://github.com/tanjiti/sec_profile +CVE-2023-46747 - https://github.com/0xMarcio/cve CVE-2023-46747 - https://github.com/AliBrTab/CVE-2023-46747-POC CVE-2023-46747 - https://github.com/CVEDB/awesome-cve-repo CVE-2023-46747 - https://github.com/CVEDB/top 
@@ -152367,6 +152999,7 @@ CVE-2023-4966 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detec CVE-2023-4966 - https://github.com/RevoltSecurities/CVE-2023-4966 CVE-2023-4966 - https://github.com/Threekiii/Awesome-POC CVE-2023-4966 - https://github.com/Threekiii/CVE +CVE-2023-4966 - https://github.com/aleff-github/aleff-github CVE-2023-4966 - https://github.com/aleff-github/my-flipper-shits CVE-2023-4966 - https://github.com/byte4RR4Y/CVE-2023-4966 CVE-2023-4966 - https://github.com/certat/citrix-logchecker @@ -152532,6 +153165,7 @@ CVE-2023-50131 - https://github.com/sajaljat/CVE-2023-50131 CVE-2023-50132 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-50132 - https://github.com/sajaljat/CVE-2023-50132 CVE-2023-5016 - https://github.com/20142995/pocsuite3 +CVE-2023-5016 - https://github.com/bayuncao/bayuncao CVE-2023-50164 - https://github.com/AsfandAliMemon25/CVE-2023-50164Analysis- CVE-2023-50164 - https://github.com/Marco-zcl/POC CVE-2023-50164 - https://github.com/Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE @@ -152560,6 +153194,7 @@ CVE-2023-50168 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-50175 - https://github.com/a-zara-n/a-zara-n CVE-2023-50175 - https://github.com/mute1008/mute1008 CVE-2023-50175 - https://github.com/mute1997/mute1997 +CVE-2023-5022 - https://github.com/bayuncao/bayuncao CVE-2023-50220 - https://github.com/neutrinoguy/awesome-ics-writeups CVE-2023-50220 - https://github.com/tanjiti/sec_profile CVE-2023-50226 - https://github.com/jiayy/android_vuln_poc-exp 
@@ -153256,6 +153891,7 @@ CVE-2023-52425 - https://github.com/TimoTielens/httpd-security CVE-2023-52425 - https://github.com/egorvozhzhov/docker-test CVE-2023-52425 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-52425 - https://github.com/fokypoky/places-list +CVE-2023-52425 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2023-52426 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2023-52426 - https://github.com/Murken-0/docker-vulnerabilities CVE-2023-52426 - https://github.com/PaulZtx/docker_practice @@ -153893,6 +154529,7 @@ CVE-2023-6654 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-6654 - https://github.com/qfmy1024/CVE-2023-6654 CVE-2023-6654 - https://github.com/tanjiti/sec_profile CVE-2023-6655 - https://github.com/20142995/sectool +CVE-2023-6656 - https://github.com/bayuncao/bayuncao CVE-2023-6656 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-6660 - https://github.com/NaInSec/CVE-LIST CVE-2023-6660 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -158924,6 +159561,8 @@ CVE-2024-0039 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0040 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0041 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0043 - https://github.com/cisagov/vulnrichment +CVE-2024-0044 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-0044 - https://github.com/tanjiti/sec_profile CVE-2024-0054 - https://github.com/NaInSec/CVE-LIST CVE-2024-0055 - https://github.com/NaInSec/CVE-LIST CVE-2024-0056 - https://github.com/NaInSec/CVE-LIST 
@@ -158960,6 +159599,7 @@ CVE-2024-0194 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0195 - https://github.com/Marco-zcl/POC CVE-2024-0195 - https://github.com/Tropinene/Yscanner CVE-2024-0195 - https://github.com/d4n-sec/d4n-sec.github.io +CVE-2024-0195 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0195 - https://github.com/tanjiti/sec_profile CVE-2024-0195 - https://github.com/wjlin0/poc-doc CVE-2024-0195 - https://github.com/wy876/POC @@ -159097,6 +159737,7 @@ CVE-2024-0349 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities CVE-2024-0350 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities CVE-2024-0351 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities CVE-2024-0352 - https://github.com/Tropinene/Yscanner +CVE-2024-0352 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0352 - https://github.com/tanjiti/sec_profile CVE-2024-0365 - https://github.com/NaInSec/CVE-LIST CVE-2024-0370 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159220,6 +159861,7 @@ CVE-2024-0652 - https://github.com/Agampreet-Singh/CVE-2024-0652 CVE-2024-0652 - https://github.com/Agampreet-Singh/CVE-2024-25202 CVE-2024-0652 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0652 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-0654 - https://github.com/bayuncao/bayuncao CVE-2024-0654 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0655 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0657 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -159280,6 +159922,7 @@ CVE-2024-0750 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0751 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0753 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0755 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0757 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-0759 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0765 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0769 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159356,6 +159999,8 @@ CVE-2024-0930 - https://github.com/yaoyue123/iot CVE-2024-0931 - https://github.com/yaoyue123/iot CVE-2024-0932 - https://github.com/yaoyue123/iot CVE-2024-0935 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0936 - https://github.com/bayuncao/bayuncao +CVE-2024-0937 - https://github.com/bayuncao/bayuncao CVE-2024-0939 - https://github.com/tanjiti/sec_profile CVE-2024-0948 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0951 - https://github.com/NaInSec/CVE-LIST @@ -159363,7 +160008,9 @@ CVE-2024-0953 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0953 - https://github.com/securitycipher/daily-bugbounty-writeups CVE-2024-0957 - https://github.com/NaInSec/CVE-LIST CVE-2024-0957 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0959 - https://github.com/bayuncao/bayuncao CVE-2024-0959 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-0960 - https://github.com/bayuncao/bayuncao CVE-2024-0960 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0962 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-0963 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -159653,6 +160300,7 @@ CVE-2024-1417 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1420 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1423 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1431 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-1432 - https://github.com/bayuncao/bayuncao CVE-2024-1432 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1433 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1441 - https://github.com/NaInSec/CVE-LIST @@ -159839,6 +160487,7 @@ CVE-2024-1733 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1742 - https://github.com/NaInSec/CVE-LIST CVE-2024-1743 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1746 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-1748 - https://github.com/bayuncao/bayuncao CVE-2024-1748 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1749 - https://github.com/Srivishnu-p/CVEs-and-Vulnerabilities CVE-2024-1749 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -159914,6 +160563,7 @@ CVE-2024-1871 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1874 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1874 - https://github.com/michalsvoboda76/batbadbut CVE-2024-1874 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-1874 - https://github.com/tianstcht/tianstcht CVE-2024-1875 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1876 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-1877 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -160002,6 +160652,7 @@ CVE-2024-20029 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20030 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20031 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20032 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-20032 - https://github.com/tf2spi/dumpshell CVE-2024-20033 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20034 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20036 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -160060,6 +160711,7 @@ CVE-2024-20337 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20337 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-20337 - https://github.com/swagcraftedd/CVE-2024-20337-POC CVE-2024-20338 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-20338 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-20345 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20346 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-20353 - https://github.com/Spl0stus/CVE-2024-20353-CiscoASAandFTD @@ -160098,6 +160750,7 @@ CVE-2024-2052 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2054 - https://github.com/Madan301/CVE-2024-2054 CVE-2024-2054 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2054 - https://github.com/tanjiti/sec_profile +CVE-2024-2057 - https://github.com/bayuncao/bayuncao CVE-2024-2057 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2060 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2061 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -160465,6 +161118,7 @@ CVE-2024-2134 - https://github.com/Srivishnu-p/CVEs-and-Vulnerabilities CVE-2024-2134 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21341 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21342 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-21345 - https://github.com/0xMarcio/cve CVE-2024-21345 - https://github.com/FoxyProxys/CVE-2024-21345 CVE-2024-21345 - https://github.com/GhostTroops/TOP CVE-2024-21345 - https://github.com/aneasystone/github-trending @@ -160733,6 +161387,7 @@ CVE-2024-21672 - https://github.com/swagcrafted/CVE-2024-21672-POC CVE-2024-21673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21674 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21677 - https://github.com/NaInSec/CVE-LIST +CVE-2024-21677 - https://github.com/enomothem/PenTestNote CVE-2024-21677 - https://github.com/netlas-io/netlas-dorks CVE-2024-21677 - https://github.com/tanjiti/sec_profile CVE-2024-21683 - https://github.com/0xMarcio/cve @@ -160743,6 +161398,7 @@ CVE-2024-21683 - https://github.com/W01fh4cker/CVE-2024-21683-RCE CVE-2024-21683 - https://github.com/ZonghaoLi777/githubTrending CVE-2024-21683 - https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server CVE-2024-21683 - https://github.com/aneasystone/github-trending +CVE-2024-21683 - https://github.com/enomothem/PenTestNote CVE-2024-21683 - https://github.com/fireinrain/github-trending CVE-2024-21683 - https://github.com/jafshare/GithubTrending CVE-2024-21683 - https://github.com/johe123qwe/github-trending 
@@ -160767,6 +161423,7 @@ CVE-2024-21733 - https://github.com/1N3/1N3 CVE-2024-21733 - https://github.com/Marco-zcl/POC CVE-2024-21733 - https://github.com/Ostorlab/KEV CVE-2024-21733 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-21733 - https://github.com/versio-io/product-lifecycle-security-api CVE-2024-21733 - https://github.com/wjlin0/poc-doc CVE-2024-21733 - https://github.com/wy876/POC CVE-2024-21734 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -160935,6 +161592,7 @@ CVE-2024-21911 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21919 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-21920 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2193 - https://github.com/NaInSec/CVE-LIST +CVE-2024-2193 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2024-2193 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2193 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2193 - https://github.com/uthrasri/CVE-2024-2193 @@ -161016,6 +161674,7 @@ CVE-2024-22120 - https://github.com/Threekiii/CVE CVE-2024-22120 - https://github.com/W01fh4cker/CVE-2024-22120-RCE CVE-2024-22120 - https://github.com/ZonghaoLi777/githubTrending CVE-2024-22120 - https://github.com/aneasystone/github-trending +CVE-2024-22120 - https://github.com/enomothem/PenTestNote CVE-2024-22120 - https://github.com/fireinrain/github-trending CVE-2024-22120 - https://github.com/johe123qwe/github-trending CVE-2024-22120 - https://github.com/nomi-sec/PoC-in-GitHub 
@@ -161269,6 +161928,7 @@ CVE-2024-22551 - https://github.com/capture0x/My-CVE CVE-2024-22567 - https://github.com/labesterOct/CVE-2024-22567 CVE-2024-22567 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-22569 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2257 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2258 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-22588 - https://github.com/QUICTester/QUICTester CVE-2024-22588 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -161291,6 +161951,7 @@ CVE-2024-22640 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-22640 - https://github.com/zunak/CVE-2024-22640 CVE-2024-22641 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-22641 - https://github.com/zunak/CVE-2024-22641 +CVE-2024-22663 - https://github.com/Joe1sn/Joe1sn CVE-2024-22667 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-22675 - https://github.com/l00neyhacker/CVE-2024-22675 CVE-2024-22676 - https://github.com/l00neyhacker/CVE-2024-22676 @@ -161510,6 +162171,7 @@ CVE-2024-23279 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23280 - https://github.com/NaInSec/CVE-LIST CVE-2024-23280 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23281 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-23282 - https://github.com/dlehgus1023/dlehgus1023 CVE-2024-23283 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23284 - https://github.com/NaInSec/CVE-LIST CVE-2024-23284 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -161653,6 +162315,12 @@ CVE-2024-23672 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23689 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2369 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2369 - https://github.com/tanjiti/sec_profile +CVE-2024-23692 - https://github.com/Threekiii/CVE +CVE-2024-23692 - https://github.com/enomothem/PenTestNote +CVE-2024-23692 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-23692 - https://github.com/tanjiti/sec_profile +CVE-2024-23692 - https://github.com/wy876/POC CVE-2024-2370 - https://github.com/NaInSec/CVE-LIST CVE-2024-2370 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-23721 - https://github.com/NaInSec/CVE-LIST @@ -161806,6 +162474,7 @@ CVE-2024-2389 - https://github.com/Ostorlab/KEV CVE-2024-2389 - https://github.com/RhinoSecurityLabs/CVEs CVE-2024-2389 - https://github.com/YN1337/exploit CVE-2024-2389 - https://github.com/adhikara13/CVE-2024-2389 +CVE-2024-2389 - https://github.com/enomothem/PenTestNote CVE-2024-2389 - https://github.com/getdrive/PoC CVE-2024-2389 - https://github.com/mayur-esh/vuln-liners CVE-2024-2389 - https://github.com/nomi-sec/PoC-in-GitHub @@ -162160,6 +162829,7 @@ CVE-2024-24578 - https://github.com/NaInSec/CVE-LIST CVE-2024-24579 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2459 - https://github.com/NaInSec/CVE-LIST CVE-2024-24590 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-24590 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-24591 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24592 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24593 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -162269,6 +162939,7 @@ CVE-2024-24835 - https://github.com/NaInSec/CVE-LIST CVE-2024-24835 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24836 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24838 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-2484 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24840 - https://github.com/NaInSec/CVE-LIST CVE-2024-24840 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-24845 - https://github.com/NaInSec/CVE-LIST @@ -162329,6 +163000,7 @@ CVE-2024-24919 - https://github.com/Ostorlab/KEV CVE-2024-24919 - https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN CVE-2024-24919 - https://github.com/RevoltSecurities/CVE-2024-24919 CVE-2024-24919 - https://github.com/Rug4lo/CVE-2024-24919-Exploit +CVE-2024-24919 - https://github.com/Threekiii/CVE CVE-2024-24919 - https://github.com/Tim-Hoekstra/CVE-2024-24919 CVE-2024-24919 - https://github.com/Vulnpire/CVE-2024-24919 CVE-2024-24919 - https://github.com/YN1337/CVE-2024-24919 @@ -162336,7 +163008,9 @@ CVE-2024-24919 - https://github.com/am-eid/CVE-2024-24919 CVE-2024-24919 - https://github.com/bigb0x/CVE-2024-24919-Sniper CVE-2024-24919 - https://github.com/birdlex/cve-2024-24919-checker CVE-2024-24919 - https://github.com/c3rrberu5/CVE-2024-24919 +CVE-2024-24919 - https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap CVE-2024-24919 - https://github.com/emanueldosreis/CVE-2024-24919 +CVE-2024-24919 - https://github.com/enomothem/PenTestNote CVE-2024-24919 - https://github.com/eoslvs/CVE-2024-24919 CVE-2024-24919 - https://github.com/fernandobortotti/CVE-2024-24919 CVE-2024-24919 - https://github.com/gurudattch/CVE-2024-24919 
@@ -162422,9 +163096,11 @@ CVE-2024-25101 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25102 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25103 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2511 - https://github.com/GrigGM/05-virt-04-docker-hw +CVE-2024-2511 - https://github.com/bcgov/jag-cdds CVE-2024-2511 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2024-2511 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25110 - https://github.com/0xdea/advisories +CVE-2024-25111 - https://github.com/MegaManSec/Squid-Security-Audit CVE-2024-25118 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25119 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25120 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -162594,6 +163270,7 @@ CVE-2024-2535 - https://github.com/NaInSec/CVE-LIST CVE-2024-2535 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25350 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25351 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-25359 - https://github.com/bayuncao/bayuncao CVE-2024-25360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25366 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25369 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -162753,6 +163430,7 @@ CVE-2024-25603 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2561 - https://github.com/NaInSec/CVE-LIST CVE-2024-2561 - https://github.com/tanjiti/sec_profile CVE-2024-25610 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-25617 - https://github.com/MegaManSec/Squid-Security-Audit CVE-2024-25617 - https://github.com/NaInSec/CVE-LIST CVE-2024-2562 - https://github.com/NaInSec/CVE-LIST CVE-2024-25620 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -162827,6 +163505,7 @@ CVE-2024-25731 - https://github.com/actuator/com.cn.dq.ipc CVE-2024-25731 - https://github.com/actuator/cve CVE-2024-25731 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-25733 - https://github.com/hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC +CVE-2024-25733 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2024-25733 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-25734 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-25735 - https://github.com/codeb0ss/CVE-2024-25735-PoC @@ -162991,6 +163670,7 @@ CVE-2024-25993 - https://github.com/NaInSec/CVE-LIST CVE-2024-26019 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26026 - https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026 CVE-2024-26026 - https://github.com/Threekiii/CVE +CVE-2024-26026 - https://github.com/enomothem/PenTestNote CVE-2024-26026 - https://github.com/netlas-io/netlas-dorks CVE-2024-26026 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-26026 - https://github.com/passwa11/CVE-2024-26026 @@ -163129,6 +163809,11 @@ CVE-2024-26218 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-26218 - https://github.com/tanjiti/sec_profile CVE-2024-2622 - https://github.com/NaInSec/CVE-LIST CVE-2024-2622 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-26229 - https://github.com/0xMarcio/cve +CVE-2024-26229 - https://github.com/GhostTroops/TOP +CVE-2024-26229 - https://github.com/michredteam/PoC-26229 +CVE-2024-26229 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-26229 - https://github.com/tanjiti/sec_profile CVE-2024-26246 - https://github.com/NaInSec/CVE-LIST CVE-2024-26247 - https://github.com/NaInSec/CVE-LIST CVE-2024-26247 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -163303,6 +163988,7 @@ CVE-2024-26598 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26599 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26600 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26601 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-26602 - https://github.com/codexlynx/hardware-attacks-state-of-the-art CVE-2024-26602 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26603 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-26604 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163510,6 +164196,7 @@ CVE-2024-27140 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2715 - https://github.com/NaInSec/CVE-LIST CVE-2024-2716 - https://github.com/NaInSec/CVE-LIST CVE-2024-2717 - https://github.com/NaInSec/CVE-LIST +CVE-2024-27173 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-2718 - https://github.com/NaInSec/CVE-LIST CVE-2024-27189 - https://github.com/NaInSec/CVE-LIST CVE-2024-27189 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -163647,6 +164334,7 @@ CVE-2024-2728 - https://github.com/NaInSec/CVE-LIST CVE-2024-27280 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2024-27281 - https://github.com/lifeparticle/Ruby-Cheatsheet CVE-2024-27282 - https://github.com/lifeparticle/Ruby-Cheatsheet +CVE-2024-27282 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-27283 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27284 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27285 - https://github.com/NaInSec/CVE-LIST 
@@ -163664,6 +164352,7 @@ CVE-2024-27306 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27310 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27316 - https://github.com/Ampferl/poc_http2-continuation-flood CVE-2024-27316 - https://github.com/DrewskyDev/H2Flood +CVE-2024-27316 - https://github.com/EzeTauil/Maquina-Upload CVE-2024-27316 - https://github.com/Vos68/HTTP2-Continuation-Flood-PoC CVE-2024-27316 - https://github.com/aeyesec/CVE-2024-27316_poc CVE-2024-27316 - https://github.com/lockness-Ko/CVE-2024-27316 @@ -163861,8 +164550,11 @@ CVE-2024-27804 - https://github.com/GhostTroops/TOP CVE-2024-27804 - https://github.com/R00tkitSMM/CVE-2024-27804 CVE-2024-27804 - https://github.com/SnoopyTools/Rootkit-cve2024 CVE-2024-27804 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-27815 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-27822 - https://github.com/houjingyi233/macOS-iOS-system-security CVE-2024-27830 - https://github.com/Joe12387/Joe12387 +CVE-2024-27830 - https://github.com/Joe12387/safari-canvas-fingerprinting-exploit +CVE-2024-27834 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27842 - https://github.com/tanjiti/sec_profile CVE-2024-27900 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-27902 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164221,6 +164913,9 @@ CVE-2024-28404 - https://github.com/NaInSec/CVE-LIST CVE-2024-28404 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28417 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28418 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-28423 - https://github.com/bayuncao/bayuncao +CVE-2024-28424 - https://github.com/bayuncao/bayuncao +CVE-2024-28425 - https://github.com/bayuncao/bayuncao CVE-2024-28429 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28430 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28431 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -164391,6 +165086,7 @@ CVE-2024-28834 - https://github.com/GitHubForSnap/ssmtp-gael CVE-2024-28834 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2024-28834 - https://github.com/NaInSec/CVE-LIST CVE-2024-28834 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-28834 - https://github.com/m-pasima/CI-CD-Security-image-scan CVE-2024-28835 - https://github.com/GitHubForSnap/ssmtp-gael CVE-2024-28835 - https://github.com/GrigGM/05-virt-04-docker-hw CVE-2024-28835 - https://github.com/NaInSec/CVE-LIST @@ -164444,6 +165140,10 @@ CVE-2024-2896 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28971 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28978 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-28979 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-28995 - https://github.com/enomothem/PenTestNote +CVE-2024-28995 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-28995 - https://github.com/tanjiti/sec_profile +CVE-2024-28995 - https://github.com/wy876/POC CVE-2024-29003 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29009 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29018 - https://github.com/NaInSec/CVE-LIST 
@@ -164585,11 +165285,13 @@ CVE-2024-29197 - https://github.com/mansploit/CVE-2024-29197-exploit CVE-2024-29197 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29199 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29200 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29201 - https://github.com/Threekiii/Awesome-POC CVE-2024-29201 - https://github.com/enomothem/PenTestNote CVE-2024-29201 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29201 - https://github.com/tanjiti/sec_profile CVE-2024-29201 - https://github.com/wjlin0/poc-doc CVE-2024-29201 - https://github.com/wy876/POC +CVE-2024-29202 - https://github.com/Threekiii/Awesome-POC CVE-2024-29202 - https://github.com/enomothem/PenTestNote CVE-2024-29202 - https://github.com/tanjiti/sec_profile CVE-2024-29202 - https://github.com/wjlin0/poc-doc @@ -164657,6 +165359,7 @@ CVE-2024-29272 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29273 - https://github.com/NaInSec/CVE-LIST CVE-2024-29273 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29275 - https://github.com/NaInSec/CVE-LIST +CVE-2024-29275 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29278 - https://github.com/QDming/cve CVE-2024-29278 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29278 - https://github.com/nomi-sec/PoC-in-GitHub @@ -164815,6 +165518,9 @@ CVE-2024-29810 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29811 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29812 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2982 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29824 - https://github.com/enomothem/PenTestNote +CVE-2024-29824 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-29824 - https://github.com/wy876/POC CVE-2024-2983 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29832 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29833 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -164822,6 +165528,7 @@ CVE-2024-2984 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29844 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29849 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29849 - https://github.com/sinsinology/CVE-2024-29849 +CVE-2024-29855 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-29857 - https://github.com/cdupuis/aspnetapp CVE-2024-29858 - https://github.com/NaInSec/CVE-LIST CVE-2024-29859 - https://github.com/NaInSec/CVE-LIST @@ -164900,6 +165607,9 @@ CVE-2024-2996 - https://github.com/Srivishnu-p/CVEs-and-Vulnerabilities CVE-2024-2996 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-2997 - https://github.com/Srivishnu-p/CVEs-and-Vulnerabilities CVE-2024-2997 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-29972 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-29973 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-29973 - https://github.com/wy876/POC CVE-2024-2998 - https://github.com/Srivishnu-p/CVEs-and-Vulnerabilities CVE-2024-2998 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-29981 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -164938,7 +165648,13 @@ CVE-2024-30056 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30056 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3006 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3007 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30078 - https://github.com/0xMarcio/cve +CVE-2024-30078 - https://github.com/GhostTroops/TOP +CVE-2024-30078 - https://github.com/enomothem/PenTestNote +CVE-2024-30078 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-30078 - https://github.com/stryngs/edgedressing CVE-2024-3008 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30080 - https://github.com/tanjiti/sec_profile CVE-2024-3009 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3010 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3011 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164961,6 +165677,7 @@ CVE-2024-30203 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30204 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30205 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30210 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30212 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3022 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30221 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30222 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -164997,6 +165714,7 @@ CVE-2024-30255 - https://github.com/Vos68/HTTP2-Continuation-Flood-PoC CVE-2024-30255 - https://github.com/blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC CVE-2024-30255 - https://github.com/lockness-Ko/CVE-2024-27316 CVE-2024-30255 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-30256 - https://github.com/OrenGitHub/dhscanner CVE-2024-30260 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30261 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30262 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165004,6 +165722,7 @@ CVE-2024-30263 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30266 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-30269 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3027 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-30270 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3030 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3032 - https://github.com/Chocapikk/My-CVEs CVE-2024-3034 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165309,6 +166028,7 @@ CVE-2024-3094 - https://github.com/dparksports/detect_intrusion CVE-2024-3094 - https://github.com/drdry2/CVE-2024-3094-EXPLOIT CVE-2024-3094 - https://github.com/duytruongpham/duytruongpham CVE-2024-3094 - https://github.com/emirkmo/xz-backdoor-github +CVE-2024-3094 - https://github.com/enomothem/PenTestNote CVE-2024-3094 - https://github.com/felipecosta09/cve-2024-3094 CVE-2024-3094 - https://github.com/fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094- CVE-2024-3094 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165419,6 +166139,7 @@ CVE-2024-31142 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31156 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3116 - https://github.com/FoxyProxys/CVE-2024-3116 CVE-2024-3116 - https://github.com/TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4 +CVE-2024-3116 - https://github.com/enomothem/PenTestNote CVE-2024-3116 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3116 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3116 - https://github.com/tanjiti/sec_profile 
@@ -165430,6 +166151,7 @@ CVE-2024-31205 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31207 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31208 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31209 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-31210 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-31213 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31214 - https://github.com/nvn1729/advisories CVE-2024-31215 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -165496,6 +166218,7 @@ CVE-2024-31492 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31497 - https://github.com/HugoBond/CVE-2024-31497-POC CVE-2024-31497 - https://github.com/PazDak/LoonSecurity CVE-2024-31497 - https://github.com/ViktorNaum/CVE-2024-31497-POC +CVE-2024-31497 - https://github.com/daedalus/BreakingECDSAwithLLL CVE-2024-31497 - https://github.com/edutko/cve-2024-31497 CVE-2024-31497 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31497 - https://github.com/nomi-sec/PoC-in-GitHub @@ -165558,6 +166281,7 @@ CVE-2024-31851 - https://github.com/Stuub/CVE-2024-31848-PoC CVE-2024-31851 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-31852 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31857 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-31861 - https://github.com/enomothem/PenTestNote CVE-2024-31861 - https://github.com/tanjiti/sec_profile CVE-2024-31864 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-31865 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165589,6 +166313,9 @@ CVE-2024-31974 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-31975 - https://github.com/actuator/cve CVE-2024-31976 - https://github.com/actuator/cve CVE-2024-31977 - https://github.com/actuator/cve +CVE-2024-31982 - https://github.com/tanjiti/sec_profile +CVE-2024-320002 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-32002 - https://github.com/0xMarcio/cve CVE-2024-32002 - https://github.com/10cks/CVE-2024-32002-EXP CVE-2024-32002 - https://github.com/10cks/CVE-2024-32002-POC CVE-2024-32002 - https://github.com/10cks/CVE-2024-32002-hulk @@ -165648,6 +166375,7 @@ CVE-2024-32002 - https://github.com/kun-g/Scraping-Github-trending CVE-2024-32002 - https://github.com/markuta/CVE-2024-32002 CVE-2024-32002 - https://github.com/markuta/hooky CVE-2024-32002 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-32002 - https://github.com/p1tsi/misc CVE-2024-32002 - https://github.com/pkjmesra/PKScreener CVE-2024-32002 - https://github.com/safebuffer/CVE-2024-32002 CVE-2024-32002 - https://github.com/sampsonv/github-trending @@ -165677,6 +166405,7 @@ CVE-2024-32018 - https://github.com/0xdea/advisories CVE-2024-32018 - https://github.com/hnsecurity/vulns CVE-2024-32020 - https://github.com/testing-felickz/docker-scout-demo CVE-2024-32021 - https://github.com/testing-felickz/docker-scout-demo +CVE-2024-32022 - https://github.com/OrenGitHub/dhscanner CVE-2024-3203 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3204 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32049 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -165689,10 +166418,12 @@ CVE-2024-32113 - https://github.com/Mr-xn/CVE-2024-32113 CVE-2024-32113 - https://github.com/Ostorlab/KEV CVE-2024-32113 - https://github.com/Threekiii/CVE CVE-2024-32113 - https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit +CVE-2024-32113 - https://github.com/enomothem/PenTestNote CVE-2024-32113 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32113 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32113 - https://github.com/tanjiti/sec_profile CVE-2024-32114 - https://github.com/Threekiii/CVE +CVE-2024-32114 - https://github.com/enomothem/PenTestNote CVE-2024-32114 - https://github.com/tanjiti/sec_profile CVE-2024-3213 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32136 - https://github.com/nomi-sec/PoC-in-GitHub @@ -165757,6 +166488,7 @@ CVE-2024-32638 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32640 - https://github.com/0x3f3c/CVE-2024-32640-SQLI-MuraCMS CVE-2024-32640 - https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS CVE-2024-32640 - https://github.com/Threekiii/CVE +CVE-2024-32640 - https://github.com/enomothem/PenTestNote CVE-2024-32640 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-32640 - https://github.com/sammings/CVE-2024-32640 CVE-2024-32640 - https://github.com/tanjiti/sec_profile @@ -165789,6 +166521,7 @@ CVE-2024-3272 - https://github.com/wy876/POC CVE-2024-3272 - https://github.com/wy876/wiki CVE-2024-32725 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-32728 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3273 - https://github.com/0xMarcio/cve CVE-2024-3273 - https://github.com/Chocapikk/CVE-2024-3273 CVE-2024-3273 - https://github.com/GhostTroops/TOP CVE-2024-3273 - https://github.com/K3ysTr0K3R/CVE-2024-3273-EXPLOIT 
@@ -166040,6 +166773,7 @@ CVE-2024-33905 - https://github.com/tanjiti/sec_profile CVE-2024-33911 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-33911 - https://github.com/xbz0n/CVE-2024-33911 CVE-2024-3400 - https://github.com/0x0d3ad/CVE-2024-3400 +CVE-2024-3400 - https://github.com/0xMarcio/cve CVE-2024-3400 - https://github.com/0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection CVE-2024-3400 - https://github.com/AdaniKamal/CVE-2024-3400 CVE-2024-3400 - https://github.com/CONDITIONBLACK/CVE-2024-3400-POC @@ -166065,6 +166799,7 @@ CVE-2024-3400 - https://github.com/ak1t4/CVE-2024-3400 CVE-2024-3400 - https://github.com/andrelia-hacks/CVE-2024-3400 CVE-2024-3400 - https://github.com/aneasystone/github-trending CVE-2024-3400 - https://github.com/codeblueprint/CVE-2024-3400 +CVE-2024-3400 - https://github.com/enomothem/PenTestNote CVE-2024-3400 - https://github.com/fatguru/dorks CVE-2024-3400 - https://github.com/fireinrain/github-trending CVE-2024-3400 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166181,6 +166916,8 @@ CVE-2024-34447 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34448 - https://github.com/phulelouch/CVEs CVE-2024-34449 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3445 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-34452 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-34452 - https://github.com/surajhacx/CVE-2024-34452 CVE-2024-34454 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3446 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-34460 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166437,6 +167174,10 @@ CVE-2024-36079 - https://github.com/DxRvs/vaultize_CVE-2024-36079 CVE-2024-36079 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36104 - https://github.com/Co5mos/nuclei-tps CVE-2024-36104 - https://github.com/Mr-xn/CVE-2024-32113 +CVE-2024-36104 - https://github.com/Threekiii/Awesome-POC +CVE-2024-36104 - https://github.com/Threekiii/CVE +CVE-2024-36104 - https://github.com/enomothem/PenTestNote +CVE-2024-36104 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36104 - https://github.com/tanjiti/sec_profile CVE-2024-36104 - https://github.com/wy876/POC CVE-2024-36104 - https://github.com/wy876/wiki @@ -166452,6 +167193,7 @@ CVE-2024-3628 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3634 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3640 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36405 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36416 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36426 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36428 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36428 - https://github.com/tanjiti/sec_profile 
@@ -166460,10 +167202,14 @@ CVE-2024-36428 - https://github.com/wy876/wiki CVE-2024-36437 - https://github.com/actuator/cve CVE-2024-3645 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3652 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36522 - https://github.com/Threekiii/CVE +CVE-2024-36522 - https://github.com/enomothem/PenTestNote +CVE-2024-36527 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36586 - https://github.com/go-compile/security-advisories CVE-2024-36587 - https://github.com/go-compile/security-advisories CVE-2024-36588 - https://github.com/go-compile/security-advisories CVE-2024-36589 - https://github.com/go-compile/security-advisories +CVE-2024-36597 - https://github.com/wy876/POC CVE-2024-3661 - https://github.com/a1xbit/DecloakingVPN CVE-2024-3661 - https://github.com/apiverve/news-API CVE-2024-3661 - https://github.com/bollwarm/SecToolSet @@ -166474,7 +167220,15 @@ CVE-2024-3661 - https://github.com/leviathansecurity/TunnelVision CVE-2024-3661 - https://github.com/tanjiti/sec_profile CVE-2024-36673 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3668 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36755 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report +CVE-2024-36756 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report +CVE-2024-36757 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report +CVE-2024-36758 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report +CVE-2024-36759 - https://github.com/YjjNJUPT/AsiaCCS2024_vul_report CVE-2024-36795 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36821 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-36837 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-36837 - https://github.com/tanjiti/sec_profile CVE-2024-3686 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3687 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3688 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166498,12 +167252,19 @@ CVE-2024-3699 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3700 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3704 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3705 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37051 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3706 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3707 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37079 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-37079 - https://github.com/tanjiti/sec_profile +CVE-2024-37080 - https://github.com/tanjiti/sec_profile CVE-2024-3714 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3729 - https://github.com/chnzzh/OpenSSL-CVE-lib +CVE-2024-37305 - https://github.com/chnzzh/OpenSSL-CVE-lib +CVE-2024-37309 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2024-3735 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities CVE-2024-3737 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37393 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-37407 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3744 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3745 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166527,17 +167288,26 @@ CVE-2024-3770 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3772 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3772 - https://github.com/seal-community/patches CVE-2024-3774 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37742 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3775 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37759 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3776 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3777 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3778 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37791 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3781 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3782 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3783 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3784 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37843 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3785 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3786 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-37880 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37885 - https://github.com/LOURC0D3/LOURC0D3 +CVE-2024-37888 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-37889 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-37891 - https://github.com/PBorocz/raindrop-io-py +CVE-2024-37894 - https://github.com/MegaManSec/Squid-Security-Audit CVE-2024-3797 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3806 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3806 - https://github.com/tanjiti/sec_profile 
@@ -166549,12 +167319,17 @@ CVE-2024-3817 - https://github.com/otms61/vex_dir CVE-2024-3822 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3823 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3824 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-38276 - https://github.com/cli-ish/cli-ish CVE-2024-3832 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3833 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3834 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-38355 - https://github.com/Y0ursTruly/Y0ursTruly CVE-2024-3837 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-38379 - https://github.com/waspthebughunter/waspthebughunter CVE-2024-3838 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3839 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-38395 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-38396 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3840 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3841 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3843 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166581,6 +167356,7 @@ CVE-2024-3892 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3895 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3897 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3914 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-3922 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3928 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3931 - https://github.com/2lambda123/cisagov-vulnrichment CVE-2024-3931 - https://github.com/cisagov/vulnrichment 
@@ -166618,6 +167394,7 @@ CVE-2024-4040 - https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC CVE-2024-4040 - https://github.com/Y4tacker/JavaSec CVE-2024-4040 - https://github.com/absholi7ly/absholi7ly CVE-2024-4040 - https://github.com/airbus-cert/CVE-2024-4040 +CVE-2024-4040 - https://github.com/enomothem/PenTestNote CVE-2024-4040 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4040 - https://github.com/getdrive/PoC CVE-2024-4040 - https://github.com/gotr00t0day/CVE-2024-4040 @@ -166638,6 +167415,7 @@ CVE-2024-4058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4059 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4060 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4064 - https://github.com/helloyhrr/IoT_vulnerability +CVE-2024-4068 - https://github.com/seal-community/patches CVE-2024-4083 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4085 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4086 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166668,6 +167446,8 @@ CVE-2024-4202 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4203 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4208 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4226 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4231 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-4232 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4233 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4234 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4235 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166692,6 +167472,7 @@ CVE-2024-4298 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4299 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4300 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4301 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4313 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4317 - https://github.com/wiltondb/wiltondb CVE-2024-4323 - https://github.com/d0rb/CVE-2024-4323 CVE-2024-4323 - https://github.com/nomi-sec/PoC-in-GitHub @@ -166714,6 +167495,7 @@ CVE-2024-4354 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4357 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4358 - https://github.com/GhostTroops/TOP CVE-2024-4358 - https://github.com/Harydhk7/CVE-2024-4358 +CVE-2024-4358 - https://github.com/Ostorlab/KEV CVE-2024-4358 - https://github.com/RevoltSecurities/CVE-2024-4358 CVE-2024-4358 - https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit CVE-2024-4358 - https://github.com/nomi-sec/PoC-in-GitHub @@ -166764,6 +167546,7 @@ CVE-2024-4445 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4451 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4468 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4473 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4484 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4488 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4489 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4493 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166798,6 +167581,7 @@ CVE-2024-4561 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4562 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4568 - https://github.com/bladchan/bladchan CVE-2024-4577 - https://github.com/0x20c/CVE-2024-4577-nuclei +CVE-2024-4577 - https://github.com/0xMarcio/cve CVE-2024-4577 - https://github.com/0xsyr0/OSCP CVE-2024-4577 - https://github.com/11whoami99/CVE-2024-4577 CVE-2024-4577 - https://github.com/Chocapikk/CVE-2024-4577 @@ -166805,13 +167589,19 @@ CVE-2024-4577 - https://github.com/GhostTroops/TOP CVE-2024-4577 - https://github.com/Junp0/CVE-2024-4577 CVE-2024-4577 - https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT CVE-2024-4577 - https://github.com/K3ysTr0K3R/K3ysTr0K3R +CVE-2024-4577 - https://github.com/Ostorlab/KEV CVE-2024-4577 - https://github.com/Sysc4ll3r/CVE-2024-4577 CVE-2024-4577 - https://github.com/TAM-K592/CVE-2024-4577 +CVE-2024-4577 - https://github.com/Threekiii/Awesome-POC +CVE-2024-4577 - https://github.com/Threekiii/CVE CVE-2024-4577 - https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP CVE-2024-4577 - https://github.com/Wh02m1/CVE-2024-4577 +CVE-2024-4577 - https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE CVE-2024-4577 - https://github.com/Yukiioz/CVE-2024-4577 CVE-2024-4577 - https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE +CVE-2024-4577 - https://github.com/bl4cksku11/CVE-2024-4577 CVE-2024-4577 - https://github.com/dbyMelina/CVE-2024-4577 +CVE-2024-4577 - https://github.com/enomothem/PenTestNote CVE-2024-4577 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4577 - https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template CVE-2024-4577 - https://github.com/it-t4mpan/check_cve_2024_4577.sh 
@@ -166845,6 +167635,7 @@ CVE-2024-4596 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4599 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4600 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4601 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4603 - https://github.com/bcgov/jag-cdds CVE-2024-4603 - https://github.com/chnzzh/OpenSSL-CVE-lib CVE-2024-4603 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4609 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166923,7 +167714,9 @@ CVE-2024-4853 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4854 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4855 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4858 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4859 - https://github.com/JoshuaMart/JoshuaMart CVE-2024-4859 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4860 - https://github.com/JoshuaMart/JoshuaMart CVE-2024-4860 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4865 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4871 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -166933,6 +167726,7 @@ CVE-2024-48788 - https://github.com/mrobsidian1/CVE-2023-48788-Proof-of-concept- CVE-2024-4891 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4893 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4894 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-4898 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4903 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4923 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4925 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -166957,6 +167751,7 @@ CVE-2024-4956 - https://github.com/TypicalModMaker/CVE-2024-4956 CVE-2024-4956 - https://github.com/X1r0z/JettyFuzz CVE-2024-4956 - https://github.com/banditzCyber0x/CVE-2024-4956 CVE-2024-4956 - https://github.com/codeb0ss/CVE-2024-4956-PoC +CVE-2024-4956 - https://github.com/enomothem/PenTestNote CVE-2024-4956 - https://github.com/erickfernandox/CVE-2024-4956 CVE-2024-4956 - https://github.com/fin3ss3g0d/CVE-2024-4956 CVE-2024-4956 - https://github.com/fin3ss3g0d/Shiro1Extractor @@ -166974,6 +167769,8 @@ CVE-2024-4956 - https://github.com/wjlin0/poc-doc CVE-2024-4956 - https://github.com/wy876/POC CVE-2024-4956 - https://github.com/wy876/wiki CVE-2024-4956 - https://github.com/xungzzz/CVE-2024-4956 +CVE-2024-4959 - https://github.com/JoshuaMart/JoshuaMart +CVE-2024-4960 - https://github.com/JoshuaMart/JoshuaMart CVE-2024-49606 - https://github.com/netlas-io/netlas-dorks CVE-2024-4966 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4978 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -167010,6 +167807,7 @@ CVE-2024-5112 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5113 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5114 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5187 - https://github.com/sunriseXu/sunriseXu +CVE-2024-5208 - https://github.com/sev-hack/sev-hack CVE-2024-5218 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5220 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5229 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -167017,6 +167815,7 @@ CVE-2024-5273 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5274 - https://github.com/kip93/kip93 CVE-2024-5326 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-5326 - https://github.com/truonghuuphuc/CVE-2024-5326-Poc +CVE-2024-5346 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5359 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5360 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5361 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -167040,6 +167839,7 @@ CVE-2024-5542 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555 CVE-2024-5555 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-5585 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5585 - https://github.com/tianstcht/tianstcht CVE-2024-5599 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5613 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5637 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -167061,6 +167861,8 @@ CVE-2024-5774 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5775 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5785 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5786 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5791 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-6120 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6271 - https://github.com/Jokergazaa/zero-click-exploits CVE-2024-65230 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-6666 - https://github.com/JohnnyBradvo/CVE-2024-6666 
@@ -167077,6 +167879,7 @@ CVE-2104-4114 - https://github.com/likescam/APT_CyberCriminal_Campagin_Collectio CVE-2104-4114 - https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections CVE-2104-4114 - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections CVE-2106-2504 - https://github.com/ndk191/linux-kernel-exploitation +CVE-2106-2504 - https://github.com/wkhnh06/linux-kernel-exploitation CVE-2106-2504 - https://github.com/xairy/linux-kernel-exploitation CVE-2121-44228 - https://github.com/NaInSec/CVE-PoC-in-GitHub CVE-2121-44228 - https://github.com/WhooAmii/POC_to_review diff --git a/references.txt b/references.txt index b4b783e26..ac8651d65 100644 --- a/references.txt +++ b/references.txt @@ -2546,6 +2546,7 @@ CVE-2005-4874 - https://bugzilla.mozilla.org/show_bug.cgi?id=297078 CVE-2005-4890 - http://www.openwall.com/lists/oss-security/2014/10/20/9 CVE-2005-4890 - http://www.openwall.com/lists/oss-security/2014/10/21/1 CVE-2005-4900 - https://kc.mcafee.com/corporate/index?page=content&id=SB10340 +CVE-2006-0001 - http://www.computerterrorism.com/research/ct12-09-2006-2.htm CVE-2006-0001 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-054 CVE-2006-0002 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-003 CVE-2006-0003 - https://www.exploit-db.com/exploits/2052 @@ -3801,6 +3802,7 @@ CVE-2006-3300 - https://www.exploit-db.com/exploits/1948 CVE-2006-3304 - https://www.exploit-db.com/exploits/1953 CVE-2006-3309 - https://www.exploit-db.com/exploits/1957 CVE-2006-3311 - http://securityreason.com/securityalert/1546 +CVE-2006-3311 - http://www.computerterrorism.com/research/ct12-09-2006.htm CVE-2006-3313 - http://securityreason.com/securityalert/1168 CVE-2006-3315 - http://securityreason.com/securityalert/1176 CVE-2006-3317 - http://securityreason.com/securityalert/1173 
@@ -5751,6 +5753,7 @@ CVE-2007-0029 - https://docs.microsoft.com/en-us/security-updates/securitybullet CVE-2007-0030 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002 CVE-2007-0031 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002 CVE-2007-0033 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003 +CVE-2007-0034 - http://www.computerterrorism.com/research/ct09-01-2007.htm CVE-2007-0034 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003 CVE-2007-0035 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024 CVE-2007-0038 - http://securityreason.com/securityalert/2542 @@ -22495,6 +22498,7 @@ CVE-2012-6643 - http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.tx CVE-2012-6644 - http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt CVE-2012-6645 - http://drupal.org/node/1432318 CVE-2012-6658 - http://www.exploit-db.com/exploits/20063 +CVE-2012-6664 - https://www.exploit-db.com/exploits/41714 CVE-2012-6666 - https://www.exploit-db.com/exploits/37944 CVE-2012-6684 - http://co3k.org/blog/redcloth-unfixed-xss-en CVE-2012-6684 - http://seclists.org/fulldisclosure/2014/Dec/50 @@ -25239,6 +25243,7 @@ CVE-2014-125035 - https://github.com/mrbobbybryant/Jobs-Plugin/commit/b8a56718b1 CVE-2014-125049 - https://vuldb.com/?id.217560 CVE-2014-125082 - https://github.com/nivit/redports/commit/fc2c1ea1b8d795094abb15ac73cab90830534e04 CVE-2014-125087 - https://github.com/jmurty/java-xmlbuilder/issues/6 +CVE-2014-125093 - https://vuldb.com/?id.222610 CVE-2014-1359 - http://packetstormsecurity.com/files/167630/launchd-Heap-Corruption.html CVE-2014-1372 - https://code.google.com/p/google-security-research/issues/detail?id=18 CVE-2014-1401 - http://packetstormsecurity.com/files/125079 
@@ -27160,6 +27165,7 @@ CVE-2014-5465 - http://packetstormsecurity.com/files/128024/WordPress-ShortCode- CVE-2014-5465 - http://www.exploit-db.com/exploits/34436 CVE-2014-5468 - http://packetstormsecurity.com/files/128234/Railo-4.2.1-Remote-File-Inclusion.html CVE-2014-5468 - http://www.exploit-db.com/exploits/34669 +CVE-2014-5470 - https://www.exploit-db.com/exploits/35549 CVE-2014-5471 - http://www.ubuntu.com/usn/USN-2358-1 CVE-2014-5472 - http://www.ubuntu.com/usn/USN-2358-1 CVE-2014-5507 - http://packetstormsecurity.com/files/128806/iBackup-10.0.0.32-Local-Privilege-Escalation.html @@ -48257,6 +48263,7 @@ CVE-2018-10049 - https://pastebin.com/QbhRJp4q CVE-2018-10050 - https://pastebin.com/UDEsFq3u CVE-2018-10051 - https://pastebin.com/aQn3Cr2G CVE-2018-10052 - https://pastebin.com/aeqYLK9u +CVE-2018-10054 - https://github.com/h2database/h2database/issues/1225 CVE-2018-10054 - https://mthbernardes.github.io/rce/2018/03/14/abusing-h2-database-alias.html CVE-2018-10054 - https://www.exploit-db.com/exploits/44422/ CVE-2018-10057 - http://www.openwall.com/lists/oss-security/2018/06/03/1 @@ -60439,6 +60446,7 @@ CVE-2019-25138 - https://blog.nintechnet.com/arbitrary-file-upload-vulnerability CVE-2019-25139 - https://blog.nintechnet.com/unauthenticated-stored-xss-in-wordpress-coming-soon-page-and-maintenance-mode-plugin/ CVE-2019-25140 - https://blog.nintechnet.com/unauthenticated-stored-xss-in-wordpress-coming-soon-page-and-maintenance-mode-plugin/ CVE-2019-25141 - https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/ +CVE-2019-25156 - https://vuldb.com/?id.244495 CVE-2019-2516 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html CVE-2019-2517 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html CVE-2019-2518 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html 
@@ -62461,16 +62469,19 @@ CVE-2019-9506 - https://usn.ubuntu.com/4115-1/ CVE-2019-9506 - https://usn.ubuntu.com/4118-1/ CVE-2019-9510 - https://www.kb.cert.org/vuls/id/576688/ CVE-2019-9511 - https://kb.cert.org/vuls/id/605641/ +CVE-2019-9511 - https://usn.ubuntu.com/4099-1/ CVE-2019-9511 - https://www.oracle.com/security-alerts/cpujan2021.html CVE-2019-9511 - https://www.oracle.com/security-alerts/cpuoct2020.html CVE-2019-9511 - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html CVE-2019-9512 - https://kb.cert.org/vuls/id/605641/ CVE-2019-9513 - https://kb.cert.org/vuls/id/605641/ +CVE-2019-9513 - https://usn.ubuntu.com/4099-1/ CVE-2019-9513 - https://www.oracle.com/security-alerts/cpujan2021.html CVE-2019-9513 - https://www.oracle.com/security-alerts/cpuoct2020.html CVE-2019-9514 - https://kb.cert.org/vuls/id/605641/ CVE-2019-9515 - https://kb.cert.org/vuls/id/605641/ CVE-2019-9516 - https://kb.cert.org/vuls/id/605641/ +CVE-2019-9516 - https://usn.ubuntu.com/4099-1/ CVE-2019-9517 - https://kb.cert.org/vuls/id/605641/ CVE-2019-9517 - https://www.oracle.com/security-alerts/cpuapr2020.html CVE-2019-9517 - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html @@ -67583,6 +67594,7 @@ CVE-2020-27349 - https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1899193 CVE-2020-2735 - https://www.oracle.com/security-alerts/cpuapr2020.html CVE-2020-27350 - https://bugs.launchpad.net/bugs/1899193 CVE-2020-27351 - https://bugs.launchpad.net/bugs/1899193 +CVE-2020-27352 - https://bugs.launchpad.net/snapd/+bug/1910456 CVE-2020-27368 - https://github.com/swzhouu/CVE-2020-27368 CVE-2020-2737 - https://www.oracle.com/security-alerts/cpuapr2020.html CVE-2020-27373 - https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c 
@@ -77037,6 +77049,7 @@ CVE-2021-3931 - https://huntr.dev/bounties/03b21d69-3bf5-4b2f-a2cf-872dd677a68f CVE-2021-39312 - http://packetstormsecurity.com/files/165434/WordPress-The-True-Ranker-2.2.2-Arbitrary-File-Read.html CVE-2021-39316 - http://packetstormsecurity.com/files/165146/WordPress-DZS-Zoomsounds-6.45-Arbitrary-File-Read.html CVE-2021-39320 - https://wpscan.com/vulnerability/49ae1df0-d6d2-4cbb-9a9d-bf3599429875 +CVE-2021-39322 - https://wpvulndb.com/vulnerabilities/5e0bf0b6-9809-426b-b1d4-1fb653083b58 CVE-2021-39327 - http://packetstormsecurity.com/files/164420/WordPress-BulletProof-Security-5.1-Information-Disclosure.html CVE-2021-39327 - https://www.exploit-db.com/exploits/50382 CVE-2021-39352 - http://packetstormsecurity.com/files/165207/WordPress-Catch-Themes-Demo-Import-1.6.1-Shell-Upload.html @@ -85442,6 +85455,7 @@ CVE-2022-37771 - https://packetstormsecurity.com/files/167913/IObit-Malware-Figh CVE-2022-37775 - http://genesys.com CVE-2022-37775 - http://packetstormsecurity.com/files/168410/Genesys-PureConnect-Cross-Site-Scripting.html CVE-2022-37781 - https://github.com/nu774/fdkaac/issues/54 +CVE-2022-37783 - http://www.openwall.com/lists/oss-security/2024/06/06/1 CVE-2022-37794 - https://github.com/anx0ing/CVE_demo/blob/main/2022/Library%20Management%20System%20with%20QR%20code%20Attendance%20and%20Auto%20Generate%20Library%20Card%20-%20SQL%20injections.md CVE-2022-37797 - https://redmine.lighttpd.net/issues/3165 CVE-2022-37798 - https://github.com/Darry-lang1/vuln/tree/main/Tenda/AC1206/5 
@@ -87191,6 +87205,7 @@ CVE-2022-45045 - https://vulncheck.com/blog/xiongmai-iot-exploitation CVE-2022-4505 - https://huntr.dev/bounties/e36ca754-bb9f-4686-ad72-7fb849e97d92 CVE-2022-4506 - https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942 CVE-2022-45062 - https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390 +CVE-2022-45063 - http://www.openwall.com/lists/oss-security/2024/06/17/1 CVE-2022-4507 - https://wpscan.com/vulnerability/93c61a70-5624-4c4d-ac3a-c598aec4f8b6 CVE-2022-4508 - https://wpscan.com/vulnerability/5101a979-7a53-40bf-8988-6347ef851eab CVE-2022-4509 - https://wpscan.com/vulnerability/90baba2e-a64f-4725-b76c-3aed94b18910 @@ -87205,6 +87220,7 @@ CVE-2022-45132 - https://podalirius.net/en/articles/python-vulnerabilities-code- CVE-2022-45144 - https://herolab.usd.de/security-advisories/usd-2022-0048/ CVE-2022-45163 - https://research.nccgroup.com/2022/11/17/cve-2022-45163/ CVE-2022-45163 - https://research.nccgroup.com/category/technical-advisory/ +CVE-2022-45168 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45169 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45170 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45171 - https://www.gruppotim.it/it/footer/red-team.html @@ -87212,6 +87228,7 @@ CVE-2022-45172 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45173 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45174 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45175 - https://www.gruppotim.it/it/footer/red-team.html +CVE-2022-45176 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45177 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45178 - https://www.gruppotim.it/it/footer/red-team.html CVE-2022-45179 - https://www.gruppotim.it/it/footer/red-team.html 
@@ -90535,6 +90552,8 @@ CVE-2023-2765 - https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md CVE-2023-2765 - https://vuldb.com/?id.229270 CVE-2023-27651 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27651/CVE%20detail.md CVE-2023-27652 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md +CVE-2023-27653 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27653/CVE%20detail.md +CVE-2023-27654 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27654/CVE%20detail.md CVE-2023-27655 - https://forum.xpdfreader.com/viewtopic.php?t=42398 CVE-2023-27655 - https://github.com/keepinggg/poc/blob/main/poc_of_xpdf/id2 CVE-2023-27655 - https://github.com/keepinggg/poc/tree/main/poc_of_xpdf @@ -91314,6 +91333,7 @@ CVE-2023-3148 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com. CVE-2023-31483 - https://github.com/CauldronDevelopmentLLC/cbang/issues/115 CVE-2023-31489 - https://github.com/FRRouting/frr/issues/13098 CVE-2023-3149 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-adminusermanage_userphp +CVE-2023-3149 - https://vuldb.com/?id.231018 CVE-2023-31490 - https://github.com/FRRouting/frr/issues/13099 CVE-2023-31492 - http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html CVE-2023-31492 - https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md 
@@ -91789,6 +91809,7 @@ CVE-2023-33921 - http://seclists.org/fulldisclosure/2023/Jul/14 CVE-2023-3393 - https://huntr.dev/bounties/e4df9280-900a-407a-a07e-e7fef3345914 CVE-2023-3394 - https://huntr.dev/bounties/84bf3e85-cdeb-4b8d-9ea4-74156dbda83f CVE-2023-33956 - https://github.com/kanboard/kanboard/security/advisories/GHSA-r36m-44gg-wxg2 +CVE-2023-3396 - https://vuldb.com/?id.232351 CVE-2023-33968 - https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr CVE-2023-33969 - https://github.com/kanboard/kanboard/security/advisories/GHSA-8qvf-9847-gpc9 CVE-2023-33970 - https://github.com/kanboard/kanboard/security/advisories/GHSA-wfch-8rhv-v286 @@ -91996,6 +92017,7 @@ CVE-2023-35002 - https://talosintelligence.com/vulnerability_reports/TALOS-2023- CVE-2023-3501 - https://wpscan.com/vulnerability/d3fb4a2b-ed51-4654-b7c1-4b0f59cd1ecf CVE-2023-35016 - https://www.ibm.com/support/pages/node/7014397 CVE-2023-35019 - https://www.ibm.com/support/pages/node/7014397 +CVE-2023-3505 - https://vuldb.com/?id.232953 CVE-2023-35055 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761 CVE-2023-35056 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761 CVE-2023-35057 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821 
@@ -92237,6 +92259,7 @@ CVE-2023-36820 - https://github.com/micronaut-projects/micronaut-security/securi CVE-2023-36821 - https://github.com/louislam/uptime-kuma/security/advisories/GHSA-7grx-f945-mj96 CVE-2023-36822 - https://github.com/louislam/uptime-kuma/security/advisories/GHSA-vr8x-74pm-6vj7 CVE-2023-36828 - https://github.com/statamic/cms/security/advisories/GHSA-6r5g-cq4q-327g +CVE-2023-3684 - https://vuldb.com/?id.234230 CVE-2023-36844 - http://packetstormsecurity.com/files/174397/Juniper-JunOS-SRX-EX-Remote-Code-Execution.html CVE-2023-36844 - http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-Remote-Code-Execution.html CVE-2023-36845 - http://packetstormsecurity.com/files/174397/Juniper-JunOS-SRX-EX-Remote-Code-Execution.html @@ -92347,6 +92370,7 @@ CVE-2023-37475 - https://github.com/hamba/avro/security/advisories/GHSA-9x44-9pg CVE-2023-37477 - https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-p9xf-74xh-mhw5 CVE-2023-37478 - https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7 CVE-2023-3752 - https://vuldb.com/?id.234422 +CVE-2023-3753 - https://vuldb.com/?id.234423 CVE-2023-37543 - https://medium.com/@hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed CVE-2023-37569 - http://packetstormsecurity.com/files/174084/Emagic-Data-Center-Management-Suite-6.0-Remote-Command-Execution.html CVE-2023-37581 - http://seclists.org/fulldisclosure/2023/Jul/43 
@@ -92430,6 +92454,7 @@ CVE-2023-37833 - https://github.com/strik3r0x1/Vulns/blob/main/BAC%20leads%20to% CVE-2023-37836 - https://github.com/thorfdbg/libjpeg/issues/87#BUG1 CVE-2023-37837 - https://github.com/thorfdbg/libjpeg/issues/87#BUG0 CVE-2023-3784 - https://seclists.org/fulldisclosure/2023/Jul/37 +CVE-2023-3784 - https://vuldb.com/?id.235051 CVE-2023-3784 - https://www.vulnerability-lab.com/get_content.php?id=2317 CVE-2023-37849 - https://heegong.github.io/posts/Local-privilege-escalation-in-Panda-Dome-VPN-for-Windows-Installer/ CVE-2023-3785 - https://seclists.org/fulldisclosure/2023/Jul/39 @@ -92499,6 +92524,7 @@ CVE-2023-38253 - https://github.com/tats/w3m/issues/271 CVE-2023-38286 - https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI CVE-2023-3830 - https://vuldb.com/?id.235151 CVE-2023-38328 - https://www.gruppotim.it/it/footer/red-team.html +CVE-2023-3833 - https://vuldb.com/?id.235159 CVE-2023-38334 - http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html CVE-2023-38334 - http://seclists.org/fulldisclosure/2023/Jul/42 CVE-2023-38334 - http://seclists.org/fulldisclosure/2023/Jul/43 @@ -94225,6 +94251,10 @@ CVE-2023-4911 - http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privi CVE-2023-4911 - http://seclists.org/fulldisclosure/2023/Oct/11 CVE-2023-4911 - http://www.openwall.com/lists/oss-security/2023/10/03/2 CVE-2023-4911 - https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt +CVE-2023-49110 - https://r.sec-consult.com/kiuwan +CVE-2023-49111 - https://r.sec-consult.com/kiuwan +CVE-2023-49112 - https://r.sec-consult.com/kiuwan +CVE-2023-49113 - https://r.sec-consult.com/kiuwan CVE-2023-49114 - http://seclists.org/fulldisclosure/2024/Mar/10 CVE-2023-49114 - https://r.sec-consult.com/qognify CVE-2023-4912 - https://gitlab.com/gitlab-org/gitlab/-/issues/424882 
@@ -94440,6 +94470,7 @@ CVE-2023-5030 - https://github.com/husterdjx/cve/blob/main/sql1.md CVE-2023-5033 - https://vuldb.com/?id.239877 CVE-2023-50358 - https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2024/2024-213941-1032 CVE-2023-5036 - https://huntr.dev/bounties/46881df7-eb41-4ce2-a78f-82de9bc4fc2d +CVE-2023-50387 - https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/ CVE-2023-5041 - https://wpscan.com/vulnerability/45194442-6eea-4e07-85a5-4a1e2fde3523 CVE-2023-50422 - https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/ CVE-2023-50423 - https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/ @@ -95150,6 +95181,7 @@ CVE-2023-6576 - https://github.com/willchen0011/cve/blob/main/upload.md CVE-2023-6577 - https://github.com/kpz-wm/cve/blob/main/Any_file_read.md CVE-2023-6579 - http://packetstormsecurity.com/files/176124/osCommerce-4-SQL-Injection.html CVE-2023-6580 - https://github.com/c2dc/cve-reported/blob/main/CVE-2023-6580/CVE-2023-6580.md +CVE-2023-6581 - https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_workidajax.md CVE-2023-6584 - https://wpscan.com/vulnerability/e528e3cd-a45c-4bf7-a37a-101f5c257acd/ CVE-2023-6585 - https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/ CVE-2023-6591 - https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51/ 
@@ -95399,6 +95431,7 @@ CVE-2024-0420 - https://wpscan.com/vulnerability/b6187ef8-70f4-4911-abd7-42bf6b7 CVE-2024-0421 - https://wpscan.com/vulnerability/587acc47-1966-4baf-a380-6aa479a97c82/ CVE-2024-0425 - https://github.com/mi2acle/forucmsvuln/blob/master/passwordreset.md CVE-2024-0426 - https://github.com/mi2acle/forucmsvuln/blob/master/sqli.md +CVE-2024-0427 - https://wpscan.com/vulnerability/1806fef3-d774-46e0-aa48-7a101495f4eb/ CVE-2024-0439 - https://huntr.com/bounties/7fc1b78e-7faf-4f40-961d-61e53dac81ce CVE-2024-0440 - https://huntr.com/bounties/263fd7eb-f9a9-4578-9655-0e28c609272f CVE-2024-0455 - https://huntr.com/bounties/07d83b49-7ebb-40d2-83fc-78381e3c5c9c @@ -95592,6 +95625,7 @@ CVE-2024-1274 - https://wpscan.com/vulnerability/91dba45b-9930-4bfb-a7bf-903c468 CVE-2024-1279 - https://wpscan.com/vulnerability/4c537264-0c23-428e-9a11-7a9e74fb6b69/ CVE-2024-1290 - https://wpscan.com/vulnerability/a60187d4-9491-435a-bc36-8dd348a1ffa3/ CVE-2024-1292 - https://wpscan.com/vulnerability/56d4fc48-d0dc-4ac6-93cd-f64d4c3c5c07/ +CVE-2024-1295 - https://wpscan.com/vulnerability/3cffbeb0-545a-4002-b02c-0fa38cada1db/ CVE-2024-1306 - https://wpscan.com/vulnerability/c7ce2649-b2b0-43f4-994d-07b1023405e9/ CVE-2024-1307 - https://wpscan.com/vulnerability/bbc6cebd-e9bf-4b08-a474-f9312b3c0947/ CVE-2024-1309 - https://www.honeywell.com/us/en/product-security 
@@ -95686,6 +95720,7 @@ CVE-2024-1928 - https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.c CVE-2024-1929 - https://www.openwall.com/lists/oss-security/2024/03/04/2 CVE-2024-1930 - https://www.openwall.com/lists/oss-security/2024/03/04/2 CVE-2024-1932 - https://huntr.com/bounties/fefd711e-3bf0-4884-9acc-167649c1f9a2 +CVE-2024-1938 - https://issues.chromium.org/issues/324596281 CVE-2024-1956 - https://wpscan.com/vulnerability/d7034ac2-0098-48d2-9ba9-87e09b178f7d/ CVE-2024-1958 - https://wpscan.com/vulnerability/8be4ebcf-2b42-4b88-89a0-2df6dbf00b55/ CVE-2024-1962 - https://wpscan.com/vulnerability/469486d4-7677-4d66-83c0-a6b9ac7c503b/ @@ -95955,6 +95990,7 @@ CVE-2024-2189 - https://wpscan.com/vulnerability/b8661fbe-78b9-4d29-90bf-5b68af4 CVE-2024-21907 - https://alephsecurity.com/vulns/aleph-2018004 CVE-2024-21907 - https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678 CVE-2024-2193 - https://www.vusec.net/projects/ghostrace/ +CVE-2024-22002 - https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002 CVE-2024-22049 - https://github.com/advisories/GHSA-5pq7-52mg-hr42 CVE-2024-22049 - https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42 CVE-2024-22086 - https://github.com/hayyp/cherry/issues/1 @@ -95966,6 +96002,7 @@ CVE-2024-22108 - https://adepts.of0x.cc/gtbcc-pwned/ CVE-2024-22108 - https://x-c3ll.github.io/cves.html CVE-2024-22120 - https://support.zabbix.com/browse/ZBX-24505 CVE-2024-22144 - https://patchstack.com/articles/critical-vulnerability-found-in-gotmls-plugin?_s_id=cve +CVE-2024-2218 - https://wpscan.com/vulnerability/ecd615f7-946e-45af-a610-0654a243b1dc/ CVE-2024-22190 - https://github.com/gitpython-developers/GitPython/pull/1792 CVE-2024-22190 - https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx CVE-2024-22191 - https://github.com/avo-hq/avo/security/advisories/GHSA-ghjv-mh6x-7q6h 
@@ -96076,6 +96113,7 @@ CVE-2024-22852 - https://github.com/Beckaf/vunl/blob/main/D-Link/AC750/1/1.md CVE-2024-22852 - https://www.dlink.com/en/security-bulletin/ CVE-2024-22853 - https://www.dlink.com/en/security-bulletin/ CVE-2024-22854 - https://tomekwasiak.pl/cve-2024-22854/ +CVE-2024-22855 - https://www.exploit-db.com/exploits/52025 CVE-2024-22856 - https://www.4rth4s.xyz/2024/04/cve-2024-22856-authenticated-blind-sql.html CVE-2024-22857 - https://www.ebryx.com/blogs/arbitrary-code-execution-in-zlog-cve-2024-22857 CVE-2024-22859 - https://github.com/github/advisory-database/pull/3490 @@ -96162,6 +96200,7 @@ CVE-2024-23648 - https://github.com/pimcore/admin-ui-classic-bundle/security/adv CVE-2024-23649 - https://github.com/LemmyNet/lemmy/security/advisories/GHSA-r64r-5h43-26qv CVE-2024-2365 - https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Weak_Hashing_Algorithms.md CVE-2024-23655 - https://github.com/tutao/tutanota/security/advisories/GHSA-5h47-g927-629g +CVE-2024-23656 - https://github.com/dexidp/dex/pull/2964 CVE-2024-23656 - https://github.com/dexidp/dex/security/advisories/GHSA-gr79-9v6v-gc9r CVE-2024-23660 - https://secbit.io/blog/en/2024/01/19/trust-wallets-fomo3d-summer-vuln/ CVE-2024-23674 - https://ctrlalt.medium.com/space-attack-spoofing-eids-password-authenticated-connection-establishment-11561e5657b1 
@@ -96223,6 +96262,7 @@ CVE-2024-24041 - https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md CVE-2024-24041 - https://portswigger.net/web-security/cross-site-scripting CVE-2024-2405 - https://wpscan.com/vulnerability/c42ffa15-6ebe-4c70-9e51-b95bd05ea04d/ CVE-2024-24050 - https://www.muratcagrialis.com/workout-journal-app-stored-xss-cve-2024-24050 +CVE-2024-24051 - https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md CVE-2024-24059 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#2-file-upload-vulnerability CVE-2024-24060 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#11-stored-cross-site-scripting-sysuser CVE-2024-24061 - https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#13-stored-cross-site-scripting-syscontentadd @@ -96262,6 +96302,7 @@ CVE-2024-24294 - https://gist.github.com/mestrtee/d1eb6e1f7c6dd60d8838c3e56cab63 CVE-2024-24300 - https://github.com/yckuo-sdc/PoC CVE-2024-24301 - https://github.com/yckuo-sdc/PoC CVE-2024-2432 - https://security.paloaltonetworks.com/CVE-2024-2432 +CVE-2024-24320 - https://datack.my/cloudpanel-v2-0-0-v2-4-0-authenticated-user-session-hijacking-cve-2024-24320/ CVE-2024-24321 - https://github.com/dkjiayu/Vul/blob/main/DIR816A2-dir_setWanWifi.md CVE-2024-24321 - https://www.dlink.com/en/security-bulletin/ CVE-2024-24325 - https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/11/TOTOlink%20A3300R%20setParentalRules.md 
@@ -96626,8 +96667,11 @@ CVE-2024-25973 - http://seclists.org/fulldisclosure/2024/Feb/23 CVE-2024-25973 - https://r.sec-consult.com/openolat CVE-2024-25974 - http://seclists.org/fulldisclosure/2024/Feb/23 CVE-2024-25974 - https://r.sec-consult.com/openolat +CVE-2024-25975 - http://seclists.org/fulldisclosure/2024/May/34 CVE-2024-25975 - https://r.sec-consult.com/hawki +CVE-2024-25976 - http://seclists.org/fulldisclosure/2024/May/34 CVE-2024-25976 - https://r.sec-consult.com/hawki +CVE-2024-25977 - http://seclists.org/fulldisclosure/2024/May/34 CVE-2024-25977 - https://r.sec-consult.com/hawki CVE-2024-2603 - https://wpscan.com/vulnerability/b4186c03-99ee-4297-85c0-83b7053afc1c/ CVE-2024-2604 - https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/Arbitrary%20File%20Upload%20-%20update-file.php.md @@ -96660,6 +96704,7 @@ CVE-2024-26492 - https://packetstormsecurity.com/files/165555/Online-Diagnostic- CVE-2024-26492 - https://www.exploit-db.com/exploits/50660 CVE-2024-26495 - https://github.com/friendica/friendica/issues/13884 CVE-2024-26504 - https://tomiodarim.io/posts/cve-2024-26504/ +CVE-2024-26507 - https://belong2yourself.github.io/vulnerabilities/docs/AIDA/Elevation-of-Privileges/readme/ CVE-2024-26521 - https://github.com/capture0x/Phoenix CVE-2024-26521 - https://github.com/hackervegas001/CVE-2024-26521 CVE-2024-26529 - https://github.com/mz-automation/libiec61850/issues/492 
@@ -96768,6 +96813,7 @@ CVE-2024-2760 - https://fluidattacks.com/advisories/kent/ CVE-2024-2761 - https://wpscan.com/vulnerability/e092ccdc-7ea1-4937-97b7-4cdbff5e74e5/ CVE-2024-27619 - https://github.com/ioprojecton/dir-3040_dos CVE-2024-27619 - https://www.dlink.com/en/security-bulletin/ +CVE-2024-2762 - https://wpscan.com/vulnerability/92e0f5ca-0184-4e9c-b01a-7656e05dce69/ CVE-2024-27620 - https://packetstormsecurity.com/files/177506/Ladder-0.0.21-Server-Side-Request-Forgery.html CVE-2024-27622 - https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html CVE-2024-27625 - https://packetstormsecurity.com/files/177243/CMS-Made-Simple-2.2.19-Cross-Site-Scripting.html @@ -96820,6 +96866,7 @@ CVE-2024-28066 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisorie CVE-2024-2807 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formExpandDlnaFile.md CVE-2024-2807 - https://vuldb.com/?id.257662 CVE-2024-2808 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/formQuickIndex.md +CVE-2024-28085 - http://www.openwall.com/lists/oss-security/2024/03/27/5 CVE-2024-28085 - https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt CVE-2024-28085 - https://www.openwall.com/lists/oss-security/2024/03/27/5 CVE-2024-28088 - https://github.com/PinkDraconian/PoC-Langchain-RCE/blob/main/README.md 
@@ -96844,6 +96891,7 @@ CVE-2024-28120 - https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-20 CVE-2024-28122 - https://github.com/lestrrat-go/jwx/security/advisories/GHSA-hj3v-m684-v259 CVE-2024-2813 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/form_fast_setting_wifi_set.md CVE-2024-2814 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/fromDhcpListClient_page.md +CVE-2024-28147 - https://r.sec-consult.com/metaventis CVE-2024-2815 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/R7WebsSecurityHandler.md CVE-2024-2816 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromSysToolReboot.md CVE-2024-2817 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromSysToolRestoreSet.md 
@@ -97109,14 +97157,17 @@ CVE-2024-29974 - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ CVE-2024-29975 - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ CVE-2024-29976 - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/ CVE-2024-3000 - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System%20-%20Authentication%20Bypass.md +CVE-2024-3000 - https://vuldb.com/?id.258202 CVE-2024-3001 - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%203.md CVE-2024-3002 - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%204.md CVE-2024-3003 - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System-%20SQL%20Injection%20-%205.md +CVE-2024-3003 - https://vuldb.com/?id.258205 CVE-2024-3004 - https://github.com/BurakSevben/CVEs/blob/main/Online%20Book%20System/Online%20Book%20System%20-%20Cross-Site-Scripting.md CVE-2024-3011 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formQuickIndex.md CVE-2024-3012 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/GetParentControlInfo.md CVE-2024-30162 - http://seclists.org/fulldisclosure/2024/Apr/21 CVE-2024-30163 - http://seclists.org/fulldisclosure/2024/Apr/20 +CVE-2024-30212 - https://github.com/Fehr-GmbH/blackleak CVE-2024-3024 - https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing CVE-2024-30248 - https://github.com/piccolo-orm/piccolo_admin/security/advisories/GHSA-pmww-v6c9-7p83 CVE-2024-30252 - https://github.com/nt1m/livemarks/security/advisories/GHSA-3gg9-w4fm-jjcg 
@@ -97127,6 +97178,8 @@ CVE-2024-30259 - https://drive.google.com/file/d/1Y2bGvP3UIOJCLh_XEURLdhrM2Sznlv CVE-2024-30259 - https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-qcj9-939p-p662 CVE-2024-30264 - https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73 CVE-2024-30268 - https://github.com/Cacti/cacti/security/advisories/GHSA-9m3v-whmr-pc2q +CVE-2024-30311 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1946 +CVE-2024-3032 - https://wpscan.com/vulnerability/d130a60c-c36b-4994-9b0e-e52cd7f99387/ CVE-2024-30406 - https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/services-paa-test-agent.html CVE-2024-3048 - https://wpscan.com/vulnerability/e179ff7d-137c-48bf-8b18-e874e3f876f4/ CVE-2024-3050 - https://wpscan.com/vulnerability/04c1581e-fd36-49d4-8463-b49915d4b1ac/ @@ -97192,6 +97245,7 @@ CVE-2024-30809 - https://github.com/axiomatic-systems/Bento4/issues/937 CVE-2024-30840 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V15.03.05.18/fromDhcpListClient_list1.md CVE-2024-30845 - https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66 CVE-2024-30845 - https://github.com/netcccyun/pan/issues/6 +CVE-2024-30848 - https://github.com/Excis3/CVE-Disclosure/blob/main/CVE-2024-30848.md CVE-2024-30849 - https://github.com/wkeyi0x1/vul-report/issues/3 CVE-2024-30850 - https://blog.chebuya.com/posts/remote-code-execution-on-chaos-rat-via-spoofed-agents/ CVE-2024-30851 - https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc 
@@ -97255,6 +97309,7 @@ CVE-2024-3118 - https://vuldb.com/?id.258779 CVE-2024-31212 - https://github.com/instantsoft/icms2/security/advisories/GHSA-qx95-w566-73fw CVE-2024-31213 - https://github.com/instantsoft/icms2/security/advisories/GHSA-6v3c-p92q-prfq CVE-2024-31214 - https://github.com/traccar/traccar/security/advisories/GHSA-3gxq-f2qj-c8v9 +CVE-2024-31217 - https://github.com/strapi/strapi/security/advisories/GHSA-pm9q-xj9p-96pm CVE-2024-3124 - https://github.com/ctflearner/Android_Findings/blob/main/Smartalarm/Backup.md CVE-2024-3124 - https://vuldb.com/?submit.307752 CVE-2024-3125 - https://github.com/strik3r0x1/Vulns/blob/main/ZTC_GK420d-SXSS.md @@ -97288,6 +97343,8 @@ CVE-2024-3146 - https://github.com/Hckwzh/cms/blob/main/14.md CVE-2024-31460 - https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv CVE-2024-31460 - https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r CVE-2024-3147 - https://github.com/Hckwzh/cms/blob/main/15.md +CVE-2024-3148 - https://vuldb.com/?id.258923 +CVE-2024-31497 - https://github.com/daedalus/BreakingECDSAwithLLL CVE-2024-31497 - https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/ CVE-2024-31497 - https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/ CVE-2024-31502 - https://github.com/sahildari/cve/blob/master/CVE-2024-31502.md 
@@ -97300,7 +97357,10 @@ CVE-2024-31545 - https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-4-Co CVE-2024-31546 - https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-2-Computer-Laboratory-Management-System-PoC.md CVE-2024-31547 - https://github.com/emirhanmtl/vuln-research/blob/main/SQLi-3-Computer-Laboratory-Management-System-PoC.md CVE-2024-31581 - https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048 +CVE-2024-31586 - https://github.com/CyberSentryX/CVE_Hunting/tree/main/CVE-2024-31586 CVE-2024-31610 - https://github.com/ss122-0ss/School/blob/main/readme.md +CVE-2024-31612 - https://github.com/ss122-0ss/cms/blob/main/emlog-csrf.md +CVE-2024-31613 - https://github.com/ss122-0ss/BOSSCMS/blob/main/bosscms%20csrf.md CVE-2024-31616 - https://gist.github.com/Swind1er/0c50e72428059fb72a4fd4d31c43f883 CVE-2024-31621 - https://www.exploit-db.com/exploits/52001 CVE-2024-31636 - https://github.com/lief-project/LIEF/issues/1038 @@ -97320,6 +97380,7 @@ CVE-2024-31759 - https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bb CVE-2024-31759 - https://github.com/menghaining/PoC/blob/main/PublicCMS/publishCMS--PoC.md CVE-2024-31760 - https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158 CVE-2024-31760 - https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md +CVE-2024-31777 - https://github.com/FreySolarEye/Exploit-CVE-2024-31777 CVE-2024-31804 - https://www.exploit-db.com/exploits/51977 CVE-2024-31819 - https://chocapikk.com/posts/2024/cve-2024-31819/ CVE-2024-31819 - https://github.com/Chocapikk/CVE-2024-31819 
@@ -97354,8 +97415,10 @@ CVE-2024-3207 - https://vuldb.com/?submit.304572 CVE-2024-3209 - https://vuldb.com/?submit.304575 CVE-2024-32163 - https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/CMSeasy_7.7.7.9_code_execution.md CVE-2024-32166 - https://github.com/Fewword/Poc/blob/main/webid/webid-poc14.md +CVE-2024-32167 - https://github.com/ss122-0ss/cms/blob/main/omos.md CVE-2024-3218 - https://github.com/garboa/cve_3/blob/main/file_put_content.md CVE-2024-32206 - https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0%20Stored%20Xss%20In%20Affiche%20Model.md +CVE-2024-3221 - https://vuldb.com/?id.259066 CVE-2024-32254 - https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md CVE-2024-32256 - https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md CVE-2024-32258 - https://github.com/TASEmulators/fceux/issues/727 @@ -97399,6 +97462,7 @@ CVE-2024-32343 - https://github.com/adiapera/xss_create2_boidcms_2.1.0 CVE-2024-32344 - https://github.com/adiapera/xss_language_cmsimple_5.15/blob/main/README.md CVE-2024-32345 - https://github.com/adiapera/xss_language_cmsimple_5.15 CVE-2024-32359 - https://github.com/HouqiyuA/k8s-rbac-poc +CVE-2024-3236 - https://wpscan.com/vulnerability/a6c2da28-dc03-4bcc-a6c3-ee55a73861db/ CVE-2024-32369 - https://github.com/chucrutis/CVE-2024-32369 CVE-2024-3239 - https://wpscan.com/vulnerability/dfa1421b-41b0-4b25-95ef-0843103e1f5e/ CVE-2024-32391 - https://github.com/magicblack/maccms10/issues/1133 
@@ -97442,6 +97506,7 @@ CVE-2024-32743 - https://github.com/adiapera/xss_security_wondercms_3.4.3 CVE-2024-32744 - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 CVE-2024-32745 - https://github.com/adiapera/xss_current_page_wondercms_3.4.3 CVE-2024-32746 - https://github.com/adiapera/xss_menu_page_wondercms_3.4.3 +CVE-2024-3276 - https://wpscan.com/vulnerability/996d3247-ebdd-49d1-a1a3-ceedcf9f2f95/ CVE-2024-3281 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-003.txt CVE-2024-32866 - https://github.com/edmundhung/conform/security/advisories/GHSA-624g-8qjg-8qxf CVE-2024-32869 - https://github.com/honojs/hono/security/advisories/GHSA-3mpf-rcc7-5347 @@ -97475,6 +97540,7 @@ CVE-2024-33113 - https://github.com/yj94/Yj_learning/blob/main/Week16/D-LINK-POC CVE-2024-3322 - https://github.com/parisneo/lollms-webui/commit/1e17df01e01d4d33599db2afaafe91d90b6f0189 CVE-2024-33247 - https://github.com/CveSecLook/cve/issues/11 CVE-2024-33250 - https://github.com/hacker2004/cccccckkkkkk/blob/main/CVE-2024-33250.md +CVE-2024-33253 - https://github.com/FreySolarEye/CVE/blob/master/GUnet%20OpenEclass%20E-learning%20platform%203.15%20-%20'certbadge.php'%20Stored%20Cross%20Site%20Scripting CVE-2024-33255 - https://github.com/jerryscript-project/jerryscript/issues/5135 CVE-2024-33258 - https://github.com/jerryscript-project/jerryscript/issues/5114 CVE-2024-33259 - https://github.com/jerryscript-project/jerryscript/issues/5132 
@@ -97494,6 +97560,9 @@ CVE-2024-33332 - https://github.com/wy876/cve/issues/3 CVE-2024-33338 - https://github.com/7akahash1/POC/blob/main/1.md CVE-2024-33345 - https://github.com/n0wstr/IOTVuln/tree/main/DIR-823g/UploadFirmware CVE-2024-33350 - https://github.com/majic-banana/vulnerability/blob/main/POC/taocms-3.0.2%20Arbitrary%20File%20Writing%20Vulnerability.md +CVE-2024-33373 - https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-(CVE%E2%80%902024%E2%80%9033373) +CVE-2024-33374 - https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Incorrect-Access-Control-(CVE%E2%80%902024%E2%80%9033374) +CVE-2024-33377 - https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Clickjacking-(CVE%E2%80%902024%E2%80%9033377) CVE-2024-33383 - https://juvl1ne.github.io/2024/04/18/novel-plus-vulnerability/ CVE-2024-33398 - https://github.com/HouqiyuA/k8s-rbac-poc CVE-2024-33423 - https://github.com/adiapera/xss_language_cmsimple_5.15 @@ -97581,6 +97650,7 @@ CVE-2024-3400 - https://unit42.paloaltonetworks.com/cve-2024-3400/ CVE-2024-34020 - https://bugzilla.suse.com/show_bug.cgi?id=1223534 CVE-2024-3405 - https://wpscan.com/vulnerability/6968d43c-16ff-43a9-8451-71aabbe69014/ CVE-2024-34051 - https://blog.smarttecs.com/posts/2024-004-cve-2024-34051/ +CVE-2024-34058 - http://www.openwall.com/lists/oss-security/2024/05/16/3 CVE-2024-34058 - https://www.openwall.com/lists/oss-security/2024/05/16/3 CVE-2024-3406 - https://wpscan.com/vulnerability/1bfab060-64d2-4c38-8bc8-a8f81c5a6e0d/ CVE-2024-34061 - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67 
@@ -97624,6 +97694,7 @@ CVE-2024-34252 - https://github.com/wasm3/wasm3/issues/483 CVE-2024-34257 - https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md CVE-2024-34273 - https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md CVE-2024-34308 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md +CVE-2024-34332 - https://belong2yourself.github.io/vulnerabilities/docs/SANDRA/Elevation-of-Privileges/readme/ CVE-2024-34340 - https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/commit/5e5e1e0b9422f47d2de81c7c4064b803a01e7203 CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/pull/1063 @@ -97667,6 +97738,7 @@ CVE-2024-34532 - https://github.com/luvsn/OdZoo/tree/main/exploits/query_deluxe CVE-2024-34533 - https://github.com/luvsn/OdZoo/tree/main/exploits/izi_data CVE-2024-34534 - https://github.com/luvsn/OdZoo/tree/main/exploits/text_commander CVE-2024-34582 - https://github.com/silent6trinity/CVE-2024-34582 +CVE-2024-34694 - https://github.com/lnbits/lnbits/security/advisories/GHSA-3j4h-h3fp-vwww CVE-2024-3471 - https://wpscan.com/vulnerability/a3c282fb-81b8-48bf-8c18-8366ea8ad9af/ CVE-2024-34710 - https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf CVE-2024-34714 - https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v 
@@ -97678,6 +97750,8 @@ CVE-2024-3476 - https://wpscan.com/vulnerability/46f74493-9082-48b2-90bc-2c1d1db CVE-2024-3477 - https://wpscan.com/vulnerability/ca5e59e6-c500-4129-997b-391cdf9aa9c7/ CVE-2024-3478 - https://wpscan.com/vulnerability/09f1a696-86ee-47cc-99de-57cfd2a3219d/ CVE-2024-3481 - https://wpscan.com/vulnerability/0c441293-e7f9-4634-8f3a-09925cd2b696/ +CVE-2024-34833 - https://github.com/ShellUnease/payroll-management-system-rce +CVE-2024-34833 - https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html CVE-2024-34852 - https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md CVE-2024-34854 - https://github.com/Yang-Nankai/Vulnerabilities/blob/main/DataCube3%20Shell%20Code%20Injection.md CVE-2024-34899 - https://hackerdna.com/courses/cve/cve-2024-34899 @@ -97704,6 +97778,8 @@ CVE-2024-34957 - https://github.com/Gr-1m/cms/blob/main/1.md CVE-2024-34958 - https://github.com/Gr-1m/cms/blob/main/2.md CVE-2024-34974 - https://github.com/hunzi0/Vullnfo/tree/main/Tenda/AC18/formSetPPTPServer CVE-2024-34987 - https://github.com/MarkLee131/PoCs/blob/main/CVE-2024-34987.md +CVE-2024-34987 - https://www.exploit-db.com/exploits/51989 +CVE-2024-34989 - https://security.friendsofpresta.org/modules/2024/06/20/prestapdf.html CVE-2024-34997 - https://github.com/joblib/joblib/issues/1582 CVE-2024-35009 - https://github.com/Thirtypenny77/cms/blob/main/5.md CVE-2024-35010 - https://github.com/Thirtypenny77/cms/blob/main/6.md 
@@ -97732,12 +97808,17 @@ CVE-2024-3521 - https://github.com/garboa/cve_3/blob/main/Upload2.md CVE-2024-35222 - https://github.com/tauri-apps/tauri/security/advisories/GHSA-57fm-592m-34r7 CVE-2024-35231 - https://github.com/rack/rack-contrib/security/advisories/GHSA-8c8q-2xw3-j869 CVE-2024-35232 - https://github.com/huandu/facebook/security/advisories/GHSA-3f65-m234-9mxr +CVE-2024-35235 - http://www.openwall.com/lists/oss-security/2024/06/11/1 +CVE-2024-35235 - https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f CVE-2024-35236 - https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-7j99-76cj-q9pg CVE-2024-3529 - https://vuldb.com/?id.259899 CVE-2024-35324 - https://github.com/w0x68y/cve-lists/blob/main/CMS/Douchat/Douchat%204.0.5%20arbitrary%20file%20upload%20vulnerability.md +CVE-2024-35326 - https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35326.c +CVE-2024-35328 - https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c CVE-2024-35333 - https://github.com/momo1239/CVE-2024-35333 CVE-2024-35361 - https://github.com/Hebing123/cve/issues/37 CVE-2024-35362 - https://github.com/shopex/ecshop/issues/6 +CVE-2024-3537 - https://vuldb.com/?id.259907 CVE-2024-35373 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/ CVE-2024-35374 - https://chocapikk.com/posts/2024/mocodo-vulnerabilities/ CVE-2024-35384 - https://github.com/cesanta/mjs/issues/287 
@@ -97763,6 +97844,7 @@ CVE-2024-35475 - https://github.com/carsonchan12345/OpenKM-CSRF-PoC CVE-2024-3548 - https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9be18d8/ CVE-2024-35492 - https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Mongoose_null_pointer.md CVE-2024-35511 - https://github.com/efekaanakkar/CVE-2024-35511/blob/main/Men%20Salon%20Management%20System%20Using%20PHP%20and%20MySQL.md +CVE-2024-3552 - https://wpscan.com/vulnerability/34b03ee4-de81-4fec-9f3d-e1bd5b94d136/ CVE-2024-35550 - https://github.com/bearman113/1.md/blob/main/17/csrf.md CVE-2024-35551 - https://github.com/bearman113/1.md/blob/main/16/csrf.md CVE-2024-35552 - https://github.com/bearman113/1.md/blob/main/20/csrf.md @@ -97823,6 +97905,7 @@ CVE-2024-36548 - https://github.com/da271133/cms/blob/main/31/csrf.md CVE-2024-36549 - https://github.com/da271133/cms/blob/main/30/csrf.md CVE-2024-36550 - https://github.com/da271133/cms/blob/main/29/csrf.md CVE-2024-3657 - https://bugzilla.redhat.com/show_bug.cgi?id=2274401 +CVE-2024-36598 - https://github.com/kaliankhe/CVE-Aslam-mahi/blob/9ec0572c68bfd3708a7d6e089181024131f4e927/vendors/projectworlds.in/AEGON%20LIFE%20v1.0%20Life%20Insurance%20Management%20System/CVE-2024-36598 CVE-2024-3660 - https://kb.cert.org/vuls/id/253266 CVE-2024-3660 - https://www.kb.cert.org/vuls/id/253266 CVE-2024-3661 - https://news.ycombinator.com/item?id=40279632 
@@ -97835,6 +97918,9 @@ CVE-2024-36670 - https://github.com/sigubbs/cms/blob/main/33/csrf.md CVE-2024-36673 - https://github.com/CveSecLook/cve/issues/39 CVE-2024-36674 - https://github.com/LyLme/lylme_spage/issues/91 CVE-2024-36675 - https://github.com/LyLme/lylme_spage/issues/92 +CVE-2024-36678 - https://security.friendsofpresta.org/modules/2024/06/18/pk_themesettings.html +CVE-2024-36679 - https://security.friendsofpresta.org/modules/2024/06/18/livechatpro.html +CVE-2024-36680 - https://security.friendsofpresta.org/modules/2024/06/18/pkfacebook.html CVE-2024-36773 - https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md CVE-2024-36774 - https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx CVE-2024-36775 - https://github.com/OoLs5/VulDiscovery/blob/main/monstra_xss.pdf @@ -97842,6 +97928,10 @@ CVE-2024-36779 - https://github.com/CveSecLook/cve/issues/42 CVE-2024-36783 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/NTPSyncWithHost/README.md CVE-2024-36800 - https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul.md CVE-2024-36801 - https://github.com/want1997/SEMCMS_VUL/blob/main/Download_sql_vul_2.md +CVE-2024-36821 - https://github.com/IvanGlinkin/CVE-2024-36821 +CVE-2024-36840 - https://infosec-db.github.io/CyberDepot/vuln_boelter_blue/ +CVE-2024-36840 - https://packetstormsecurity.com/files/178978/Boelter-Blue-System-Management-1.3-SQL-Injection.html +CVE-2024-36840 - https://sploitus.com/exploit?id=PACKETSTORM:178978 CVE-2024-36843 - https://github.com/stephane/libmodbus/issues/748 CVE-2024-36844 - https://github.com/stephane/libmodbus/issues/749 CVE-2024-36845 - https://github.com/stephane/libmodbus/issues/750 
@@ -97860,31 +97950,84 @@ CVE-2024-3720 - https://github.com/scausoft/cve/blob/main/sql.md CVE-2024-3721 - https://github.com/netsecfish/tbk_dvr_command_injection CVE-2024-3721 - https://vuldb.com/?id.260573 CVE-2024-37273 - https://github.com/HackAllSec/CVEs/tree/main/Jan%20Arbitrary%20File%20Upload%20vulnerability +CVE-2024-37301 - https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6 +CVE-2024-37308 - https://github.com/XjSv/Cooked/security/advisories/GHSA-9vfv-c966-jwrv CVE-2024-3735 - https://vuldb.com/?submit.311153 +CVE-2024-37393 - https://www.optistream.io/blogs/tech/securenvoy-cve-2024-37393 CVE-2024-37407 - https://github.com/libarchive/libarchive/pull/2145 CVE-2024-3745 - https://fluidattacks.com/advisories/gershwin/ CVE-2024-3748 - https://wpscan.com/vulnerability/01427cfb-5c51-4524-9b9d-e09a603bc34c/ CVE-2024-3749 - https://wpscan.com/vulnerability/d14bb16e-ce1d-4c31-8791-bc63174897c0/ CVE-2024-3752 - https://wpscan.com/vulnerability/e738540a-2006-4b92-8db1-2476374d35bd/ +CVE-2024-3754 - https://wpscan.com/vulnerability/8c6f3e3e-3047-4446-a190-750a60c29fa3/ CVE-2024-3755 - https://wpscan.com/vulnerability/d34caeaf-2ecf-44a2-b308-e940bafd402c/ CVE-2024-3756 - https://wpscan.com/vulnerability/b28d0dca-2df1-4925-be81-dd9c46859c38/ +CVE-2024-37568 - https://github.com/lepture/authlib/issues/654 CVE-2024-37569 - https://www.youtube.com/watch?v=I9TQqfP5qzM +CVE-2024-37619 - https://github.com/Hebing123/cve/issues/45 +CVE-2024-37620 - https://github.com/Hebing123/cve/issues/46 +CVE-2024-37622 - https://github.com/rainrocka/xinhu/issues/4 +CVE-2024-37623 - https://github.com/rainrocka/xinhu/issues/5 +CVE-2024-37624 - https://github.com/rainrocka/xinhu/issues/6 +CVE-2024-37625 - https://github.com/zhimengzhe/iBarn/issues/20 +CVE-2024-37629 - https://github.com/summernote/summernote/issues/4642 +CVE-2024-37632 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/loginAuth/README.md +CVE-2024-37633 - 
https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWiFiGuestCfg/README.md +CVE-2024-37634 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWiFiEasyCfg/README.md +CVE-2024-37637 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK/A3700R/setWizardCfg/README.md +CVE-2024-37642 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TRENDnet/TEW-814DAP/formSystemCheck/README.md +CVE-2024-37643 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TRENDnet/TEW-814DAP/formPasswordAuth/README.md CVE-2024-3765 - https://github.com/netsecfish/xiongmai_incorrect_access_control CVE-2024-3765 - https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py +CVE-2024-37661 - https://github.com/ouuan/router-vuln-report/blob/master/icmp-redirect/tl-7dr5130-redirect.md +CVE-2024-37662 - https://github.com/ouuan/router-vuln-report/blob/master/nat-rst/tl-7dr5130-nat-rst.md CVE-2024-3767 - https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%203.md +CVE-2024-37671 - https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md +CVE-2024-37672 - https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37672.md +CVE-2024-37673 - https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md +CVE-2024-37674 - https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md +CVE-2024-37675 - https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md CVE-2024-3768 - https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md +CVE-2024-3768 - https://vuldb.com/?id.260615 CVE-2024-3769 - https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20Authentication%20Bypass.md CVE-2024-3770 - 
https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20SQL%20Injection%20-%203.md CVE-2024-3771 - https://github.com/BurakSevben/CVEs/blob/main/Student%20Record%20System%203.20/Student%20Record%20System%20-%20SQL%20Injection%20-%204.md +CVE-2024-37791 - https://github.com/duxphp/DuxCMS3/issues/5 +CVE-2024-37799 - https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37799 +CVE-2024-37803 - https://github.com/himanshubindra/CVEs/blob/main/CVE-2024-37803 +CVE-2024-37840 - https://github.com/ganzhi-qcy/cve/issues/4 +CVE-2024-37848 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/13 +CVE-2024-37849 - https://github.com/ganzhi-qcy/cve/issues/3 +CVE-2024-37877 - https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2024-37877 CVE-2024-37880 - https://github.com/antoonpurnal/clangover CVE-2024-37880 - https://pqshield.com/pqshield-plugs-timing-leaks-in-kyber-ml-kem-to-improve-pqc-implementation-maturity/ +CVE-2024-37889 - https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2 +CVE-2024-37890 - https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q +CVE-2024-37896 - https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-gf3r-h744-mqgp +CVE-2024-37904 - https://github.com/stacklok/minder/security/advisories/GHSA-hpcg-xjq5-g666 CVE-2024-3797 - https://github.com/BurakSevben/CVEs/blob/main/QR%20Code%20Bookmark%20System/QR%20Code%20Bookmark%20System%20-%20SQL%20Injection.md CVE-2024-3822 - https://wpscan.com/vulnerability/ff5411b1-9e04-4e72-a502-e431d774642a/ CVE-2024-3823 - https://wpscan.com/vulnerability/a138215c-4b8c-4182-978f-d21ce25070d3/ CVE-2024-3824 - https://wpscan.com/vulnerability/749ae334-b1d1-421e-a04c-35464c961a4a/ +CVE-2024-38347 - https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38347 +CVE-2024-38348 - https://github.com/SandeepRajauriya/CVEs/blob/main/CVE-2024-38348 +CVE-2024-38358 - 
https://github.com/wasmerio/wasmer/security/advisories/GHSA-55f3-3qvg-8pv5 CVE-2024-3837 - https://issues.chromium.org/issues/41491379 +CVE-2024-38394 - https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/780 +CVE-2024-38394 - https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/780#note_2047914 +CVE-2024-38394 - https://pulsesecurity.co.nz/advisories/usbguard-bypass +CVE-2024-38395 - http://www.openwall.com/lists/oss-security/2024/06/17/1 +CVE-2024-38396 - http://www.openwall.com/lists/oss-security/2024/06/17/1 +CVE-2024-38396 - https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html +CVE-2024-3840 - https://issues.chromium.org/issues/41493458 +CVE-2024-38427 - https://github.com/InternationalColorConsortium/DemoIccMAX/pull/66 +CVE-2024-38427 - https://github.com/InternationalColorConsortium/DemoIccMAX/pull/66/commits/85ce74ef19fb0751c7e188b06daed22fe74c332c CVE-2024-3844 - https://issues.chromium.org/issues/40058873 +CVE-2024-38449 - https://kasmweb.atlassian.net/servicedesk/customer/portal/3/topic/30ffee7f-4b85-4783-b118-6ae4fd8b0c52 CVE-2024-3846 - https://issues.chromium.org/issues/40064754 +CVE-2024-38460 - https://sonarsource.atlassian.net/browse/SONAR-21559 +CVE-2024-38469 - https://github.com/zhimengzhe/iBarn/issues/20 +CVE-2024-38470 - https://github.com/zhimengzhe/iBarn/issues/20 CVE-2024-3873 - https://vuldb.com/?submit.312623 CVE-2024-3874 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W20E/formSetRemoteWebManage.md CVE-2024-3875 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md 
@@ -97895,6 +98038,7 @@ CVE-2024-3879 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W3 CVE-2024-3880 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/formWriteFacMac.md CVE-2024-3881 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/frmL7ProtForm.md CVE-2024-3882 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W30E/fromRouteStatic.md +CVE-2024-3882 - https://vuldb.com/?id.260916 CVE-2024-3903 - https://wpscan.com/vulnerability/0a0e7bd4-948d-47c9-9219-380bda9f3034/ CVE-2024-3905 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/R7WebsSecurityHandler.md CVE-2024-3906 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC500/formQuickIndex.md 
@@ -97914,8 +98058,17 @@ CVE-2024-3939 - https://wpscan.com/vulnerability/80a9eb3a-2cb1-4844-9004-ba2554b CVE-2024-3940 - https://wpscan.com/vulnerability/bb0245e5-8e94-4f11-9003-d6208945056c/ CVE-2024-3941 - https://wpscan.com/vulnerability/6e09e922-983c-4406-8053-747d839995d1/ CVE-2024-3948 - https://github.com/xuanluansec/vul/issues/5 +CVE-2024-3965 - https://wpscan.com/vulnerability/0e1ba2b3-5849-42f6-b503-8b3b520e4a79/ +CVE-2024-3966 - https://wpscan.com/vulnerability/9f0a575f-862d-4f2e-8d25-82c6f58dd11a/ +CVE-2024-3971 - https://wpscan.com/vulnerability/5dec5719-105d-4989-a97f-bda04d223322/ +CVE-2024-3972 - https://wpscan.com/vulnerability/55dfb9b5-d590-478b-bd1f-d420b79037fa/ +CVE-2024-3977 - https://wpscan.com/vulnerability/25851386-eccf-49cb-afbf-c25286c9b19e/ +CVE-2024-3978 - https://wpscan.com/vulnerability/a9f47d11-47ac-4998-a82a-dc2f3b0decdf/ CVE-2024-3979 - https://github.com/COVESA/vsomeip/files/14904610/details.zip CVE-2024-3979 - https://github.com/COVESA/vsomeip/issues/663 +CVE-2024-3992 - https://wpscan.com/vulnerability/e9fe3101-8033-4eee-8b37-06856872e9ef/ +CVE-2024-3993 - https://wpscan.com/vulnerability/19cd60dd-8599-4af3-99db-c42de504606c/ +CVE-2024-4005 - https://wpscan.com/vulnerability/02ca09f8-4080-4969-992d-0e6afb29bc62/ CVE-2024-4019 - https://github.com/scausoft/cve/blob/main/rce.md CVE-2024-4040 - https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately/ CVE-2024-4040 - https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise/ 
@@ -97927,6 +98080,7 @@ CVE-2024-4066 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC CVE-2024-4067 - https://github.com/micromatch/micromatch/issues/243 CVE-2024-4068 - https://github.com/micromatch/braces/issues/35 CVE-2024-4068 - https://github.com/micromatch/braces/pull/37 +CVE-2024-4094 - https://wpscan.com/vulnerability/04b2feba-e009-4fce-8539-5dfdb4300433/ CVE-2024-4111 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/TX9/SetLEDCfg.md CVE-2024-4112 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/TX9/formSetVirtualSer.md CVE-2024-4113 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/TX9/fromSetSysTime.md @@ -97946,6 +98100,8 @@ CVE-2024-4125 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W1 CVE-2024-4126 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formSetSysTime.md CVE-2024-4127 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/guestWifiRuleRefresh.md CVE-2024-4140 - https://github.com/rjbs/Email-MIME/issues/66 +CVE-2024-4145 - https://wpscan.com/vulnerability/7d5b8764-c82d-4969-a707-f38b63bcadca/ +CVE-2024-4149 - https://wpscan.com/vulnerability/0256ec2a-f1a9-4110-9978-ee88f9e24237/ CVE-2024-4164 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/G3V15/formModifyPppAuthWhiteMac.md CVE-2024-4165 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/G3V15/modifyDhcpRule.md CVE-2024-4166 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/G3/4G300/sub_41E858_GO.md 
@@ -97974,19 +98130,30 @@ CVE-2024-4250 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/ CVE-2024-4251 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/fromDhcpSetSer.md CVE-2024-4252 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md CVE-2024-4257 - https://github.com/GAO-UNO/cve/blob/main/sql.md +CVE-2024-4270 - https://wpscan.com/vulnerability/7a3b89cc-7a81-448a-94fc-36a7033609d5/ +CVE-2024-4271 - https://wpscan.com/vulnerability/c1fe0bc7-a340-428e-a549-1e37291bea1c/ CVE-2024-4289 - https://wpscan.com/vulnerability/072785de-0ce5-42a4-a3fd-4eb1d1a2f1be/ CVE-2024-4290 - https://wpscan.com/vulnerability/a9a10d0f-d8f2-4f3e-92bf-94fc08416d87/ CVE-2024-4291 - https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md CVE-2024-4293 - https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_xss.md CVE-2024-4294 - https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_idor.md +CVE-2024-4305 - https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ CVE-2024-4340 - https://github.com/advisories/GHSA-2m57-hf25-phgg CVE-2024-4340 - https://research.jfrog.com/vulnerabilities/sqlparse-stack-exhaustion-dos-jfsa-2024-001031292/ CVE-2024-4348 - https://vuldb.com/?submit.320855 CVE-2024-4349 - https://github.com/CveSecLook/cve/issues/19 CVE-2024-4372 - https://wpscan.com/vulnerability/13dcfd8a-e378-44b4-af6f-940bc41539a4/ +CVE-2024-4377 - https://wpscan.com/vulnerability/778cebec-bdbb-4538-9518-c5bd50f76961/ +CVE-2024-4381 - https://wpscan.com/vulnerability/9b3cda9a-17a7-4173-93a2-d552a874fae9/ +CVE-2024-4382 - https://wpscan.com/vulnerability/1a67aeab-8145-4c8a-9c18-e6436fa39b63/ +CVE-2024-4384 - https://wpscan.com/vulnerability/ad714196-2590-4dc9-b5b9-50808e9e0d26/ CVE-2024-4388 - https://wpscan.com/vulnerability/5c791747-f60a-40a7-94fd-e4b9bb5ea2b0/ CVE-2024-4399 - 
https://wpscan.com/vulnerability/0690327e-da60-4d71-8b3c-ac9533d82302/ CVE-2024-4469 - https://wpscan.com/vulnerability/d6b1270b-52c0-471d-a5fb-507e21b46310/ +CVE-2024-4474 - https://wpscan.com/vulnerability/71954c60-6a5b-4cac-9920-6d9b787ead9c/ +CVE-2024-4475 - https://wpscan.com/vulnerability/f0c7fa00-da6e-4f07-875f-7b85759a54b3/ +CVE-2024-4477 - https://wpscan.com/vulnerability/ab551552-944c-4e2a-9355-7011cbe553b0/ +CVE-2024-4480 - https://wpscan.com/vulnerability/c1e5dee9-c540-4cc1-8b94-c6d1650b52d3/ CVE-2024-4491 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formGetDiagnoseInfo.md CVE-2024-4492 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formOfflineSet.md CVE-2024-4493 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formSetAutoPing.md @@ -98010,7 +98177,9 @@ CVE-2024-4542 - https://wpscan.com/vulnerability/9eef8b29-2c62-4daa-ae90-467ff9b CVE-2024-4547 - https://www.tenable.com/security/research/tra-2024-13 CVE-2024-4548 - https://www.tenable.com/security/research/tra-2024-13 CVE-2024-4549 - https://www.tenable.com/security/research/tra-2024-13 +CVE-2024-4565 - https://wpscan.com/vulnerability/430224c4-d6e3-4ca8-b1bc-b2229a9bcf12/ CVE-2024-4577 - https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/ +CVE-2024-4577 - https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately CVE-2024-4577 - https://github.com/11whoami99/CVE-2024-4577 CVE-2024-4577 - https://github.com/watchtowrlabs/CVE-2024-4577 CVE-2024-4577 - https://github.com/xcanwin/CVE-2024-4577-PHP-RCE 
@@ -98025,6 +98194,7 @@ CVE-2024-4591 - https://github.com/Hckwzh/cms/blob/main/22.md CVE-2024-4592 - https://github.com/Hckwzh/cms/blob/main/23.md CVE-2024-4593 - https://github.com/Hckwzh/cms/blob/main/24.md CVE-2024-4594 - https://github.com/Hckwzh/cms/blob/main/25.md +CVE-2024-4616 - https://wpscan.com/vulnerability/d203bf3b-aee9-4755-b429-d6bbdd940890/ CVE-2024-4620 - https://wpscan.com/vulnerability/dc34dc2d-d5a1-4e28-8507-33f659ead647/ CVE-2024-4621 - https://wpscan.com/vulnerability/33a366d9-6c81-4957-a101-768487aae735/ CVE-2024-4644 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss3.md @@ -98048,6 +98218,8 @@ CVE-2024-4737 - https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management CVE-2024-4738 - https://github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/xss_admin_appointment.md CVE-2024-4749 - https://wpscan.com/vulnerability/6cc05a33-6592-4d35-8e66-9b6a9884df7e/ CVE-2024-4750 - https://wpscan.com/vulnerability/ffbe4034-842b-43b0-97d1-208811376dea/ +CVE-2024-4751 - https://wpscan.com/vulnerability/94f4cc45-4c55-43d4-8ad2-a20c118b589f/ +CVE-2024-4755 - https://wpscan.com/vulnerability/adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/ CVE-2024-4756 - https://wpscan.com/vulnerability/ce4688b6-6713-43b5-aa63-8a3b036bd332/ CVE-2024-4792 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_action.md CVE-2024-4793 - https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_manage_laundry.md 
@@ -98085,6 +98257,7 @@ CVE-2024-4919 - https://github.com/yylmm/CVE/blob/main/Online%20Examination%20Sy CVE-2024-4920 - https://github.com/CveSecLook/cve/issues/27 CVE-2024-4921 - https://github.com/I-Schnee-I/cev/blob/main/upload.md CVE-2024-4923 - https://github.com/polaris0x1/CVE/issues/1 +CVE-2024-4924 - https://wpscan.com/vulnerability/1867505f-d112-4919-9fd5-01745aa0433e/ CVE-2024-4925 - https://github.com/Hefei-Coffee/cve/blob/main/sql6.md CVE-2024-4926 - https://github.com/Hefei-Coffee/cve/blob/main/sql7.md CVE-2024-4927 - https://github.com/Hefei-Coffee/cve/blob/main/upload2.md @@ -98095,6 +98268,8 @@ CVE-2024-4966 - https://github.com/CveSecLook/cve/issues/30 CVE-2024-4967 - https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20SQL%20Injection.md CVE-2024-4968 - https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20Cross-Site-Scripting.md CVE-2024-4968 - https://vuldb.com/?id.264536 +CVE-2024-4969 - https://wpscan.com/vulnerability/1a7ec5dc-eda4-4fed-9df9-f41d2b937fed/ +CVE-2024-4970 - https://wpscan.com/vulnerability/4a9fc352-7ec2-4992-9cda-7bdca4f42788/ CVE-2024-4972 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%201.md CVE-2024-4973 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%202.md CVE-2024-4974 - https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20Cross-Site-Scripting-1.md 
@@ -98118,6 +98293,7 @@ CVE-2024-5098 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20S CVE-2024-5099 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-2.md CVE-2024-5100 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-3.md CVE-2024-5101 - https://github.com/rockersiyuan/CVE/blob/main/SourceCodester%20Simple%20Inventory%20System%20Sql%20Inject-4.md +CVE-2024-5102 - https://support.norton.com/sp/static/external/tools/security-advisories.html CVE-2024-5116 - https://github.com/polaris0x1/CVE/issues/3 CVE-2024-5117 - https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%201.md CVE-2024-5118 - https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%201.md @@ -98134,6 +98310,8 @@ CVE-2024-5138 - https://bugs.launchpad.net/snapd/+bug/2065077 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2005-1275 CVE-2024-5145 - https://github.com/CveSecLook/cve/issues/38CVE-2020-7009 +CVE-2024-5155 - https://wpscan.com/vulnerability/f1e90a8a-d959-4316-a5d4-e183854944bd/ +CVE-2024-5172 - https://wpscan.com/vulnerability/65d84e69-0548-4c7d-bcde-5777d72da555/ CVE-2024-5310 - https://gitee.com/heyewei/JFinalcms/issues/I8VHM2 CVE-2024-5350 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf CVE-2024-5351 - https://github.com/anji-plus/report/files/15363269/aj-report.pdf 
@@ -98159,19 +98337,28 @@ CVE-2024-5394 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/7 CVE-2024-5395 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/8 CVE-2024-5396 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/9 CVE-2024-5397 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/10 +CVE-2024-5410 - http://seclists.org/fulldisclosure/2024/May/36 CVE-2024-5410 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ +CVE-2024-5411 - http://seclists.org/fulldisclosure/2024/May/36 CVE-2024-5411 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/ +CVE-2024-5420 - http://seclists.org/fulldisclosure/2024/Jun/4 CVE-2024-5420 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html +CVE-2024-5421 - http://seclists.org/fulldisclosure/2024/Jun/4 CVE-2024-5421 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html +CVE-2024-5422 - http://seclists.org/fulldisclosure/2024/Jun/4 CVE-2024-5422 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html CVE-2024-5428 - https://github.com/kaikai145154/CVE-CSRF/blob/main/SourceCodester%20Simple%20Online%20Bidding%20System%20CSRF.md CVE-2024-5437 - https://github.com/pijiawei/CVE/blob/pijiawei-photo/SourceCodester%20Simple%20Online%20Bidding%20System%20XSS.md +CVE-2024-5447 - https://wpscan.com/vulnerability/a692b869-1666-42d1-b56d-dfcccd68ab67/ +CVE-2024-5448 - https://wpscan.com/vulnerability/c482fe19-b643-41ea-8194-22776b388290/ CVE-2024-5458 - https://github.com/php/php-src/security/advisories/GHSA-w8qr-v226-r27w +CVE-2024-5475 - https://wpscan.com/vulnerability/cee66543-b5d6-4205-8f9b-0febd7fee445/ CVE-2024-5515 - https://github.com/HaojianWang/cve/issues/1 CVE-2024-5516 - https://github.com/ppp-src/ha/issues/3 CVE-2024-5517 - https://github.com/ppp-src/ha/issues/4 CVE-2024-5518 - https://github.com/L1OudFd8cl09/CVE/issues/1 CVE-2024-5519 - 
https://github.com/L1OudFd8cl09/CVE/issues/2 +CVE-2024-5522 - https://wpscan.com/vulnerability/bc76ef95-a2a9-4185-8ed9-1059097a506a/ CVE-2024-5565 - https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/ CVE-2024-5585 - https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385 CVE-2024-5588 - https://github.com/Lanxiy7th/lx_CVE_report-/issues/12 
@@ -98179,13 +98366,48 @@ CVE-2024-5590 - https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-uploadisc CVE-2024-5635 - https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_a.md CVE-2024-5636 - https://github.com/L1OudFd8cl09/CVE/blob/main/03_06_2024_b.md CVE-2024-5656 - https://wpscan.com/vulnerability/adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/ +CVE-2024-5657 - http://www.openwall.com/lists/oss-security/2024/06/06/1 CVE-2024-5657 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-01_CraftCMS_Plugin_Two-Factor_Authentication_Password_Hash_Disclosure +CVE-2024-5658 - http://www.openwall.com/lists/oss-security/2024/06/06/2 CVE-2024-5658 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use +CVE-2024-5676 - https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery CVE-2024-5733 - https://github.com/kingshao0312/cve/issues/1 CVE-2024-5734 - https://github.com/kingshao0312/cve/issues/2 CVE-2024-5745 - https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.md CVE-2024-5758 - https://research.cleantalk.org/cve-2024-4305/ CVE-2024-5758 - https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/ +CVE-2024-5772 - https://github.com/charliecatsec/cve1/blob/main/NS-ASG-sql-deleteiscuser.md CVE-2024-5773 - https://github.com/L1OudFd8cl09/CVE/issues/3 CVE-2024-5774 - https://github.com/CveSecLook/cve/issues/43 CVE-2024-5775 - https://github.com/CveSecLook/cve/issues/44 +CVE-2024-5851 - https://vuldb.com/?submit.347385 +CVE-2024-5894 - https://github.com/Hefei-Coffee/cve/blob/main/sql10.md +CVE-2024-5895 - https://github.com/Hefei-Coffee/cve/blob/main/sql11.md +CVE-2024-5896 - https://github.com/Hefei-Coffee/cve/blob/main/sql12.md +CVE-2024-5898 - https://github.com/guiyxli/cve/issues/1 +CVE-2024-5981 - https://github.com/LiuYongXiang-git/cve/issues/1 +CVE-2024-5983 - 
https://github.com/LiuYongXiang-git/cve/issues/2 +CVE-2024-5984 - https://github.com/LiuYongXiang-git/cve/issues/3 +CVE-2024-5985 - https://github.com/CveSecLook/cve/issues/45 +CVE-2024-6006 - https://vuldb.com/?submit.351403 +CVE-2024-6007 - https://github.com/SecureF1sh/findings/blob/main/ns_sqli.md +CVE-2024-6009 - https://github.com/AutoZhou1/cve/issues/1 +CVE-2024-6013 - https://github.com/gabriel202212/cve/issues/1 +CVE-2024-6015 - https://github.com/chenwulin-bit/cve/issues/1 +CVE-2024-6016 - https://github.com/chenwulin-bit/cve/issues/2 +CVE-2024-6041 - https://github.com/ssiicckk/cve/issues/1 +CVE-2024-6042 - https://github.com/Cormac315/cve/issues/1 +CVE-2024-6043 - https://github.com/yezzzo/y3/blob/main/SourceCodester%20Best%20house%20rental%20management%20system%20project%20in%20php%201.0%20SQL%20Injection.md +CVE-2024-6061 - https://github.com/gpac/gpac/issues/2871 +CVE-2024-6084 - https://github.com/Laster-dev/CVE/issues/2 +CVE-2024-6111 - https://github.com/wangyuan-ui/CVE/issues/1 +CVE-2024-6113 - https://github.com/wangyuan-ui/CVE/issues/3 +CVE-2024-6114 - https://github.com/wangyuan-ui/CVE/issues/4 +CVE-2024-6184 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_a.md +CVE-2024-6187 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_d.md +CVE-2024-6188 - https://kiwiyumi.com/post/tracksys-export-source-code/ +CVE-2024-6190 - https://github.com/HryspaHodor/CVE/issues/2 +CVE-2024-6191 - https://github.com/HryspaHodor/CVE/issues/3 +CVE-2024-6192 - https://github.com/HryspaHodor/CVE/issues/4 +CVE-2024-6194 - https://github.com/HryspaHodor/CVE/issues/6 +CVE-2024-6218 - https://github.com/HryspaHodor/CVE/issues/7
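Review bot: In the hunk at @@ -97475,6 +97540,7 @@, the added CVE-2024-33253 URL percent-encodes its spaces but leaves the apostrophes around certbadge.php raw. Encode them as %27 so the reference survives shell quoting and the naive URL extractors that tend to consume this file.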
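Review bot: In the hunk at @@ -97581,6 +97650,7 @@, the added CVE-2024-34058 line points at the same oss-security post as the existing line directly below it and differs only in scheme (http://www.openwall.com/... versus https://www.openwall.com/...). Drop the http line, or normalise the scheme before deduplicating so one advisory is not counted as two references.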
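Review bot: In the hunk at @@ -97860,31 +97950,84 @@, the added CVE-2024-38395 and CVE-2024-38396 lines use http://www.openwall.com/lists/oss-security/2024/06/17/1, while the existing CVE-2024-34058 entry elsewhere in the file uses the https form of the same host. Prefer https for these references so later runs do not reintroduce scheme-only duplicates. The same hunk maps CVE-2024-37625, CVE-2024-38469 and CVE-2024-38470 to the single issue zhimengzhe/iBarn/issues/20, which is worth confirming against the CVE records.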
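Review bot: In the hunk at @@ -97974,19 +98130,30 @@, the added CVE-2024-4305 line uses the wpscan URL ending 635be98d-4c17-4e75-871f-9794d85a2eb1/, which the file already lists under CVE-2024-5758 together with research.cleantalk.org/cve-2024-4305/. Two ids now resolve to one advisory. Confirm which id the advisory belongs to and whether the other is a duplicate or rejected record before both are kept.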
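Review bot: In the hunk at @@ -98048,6 +98218,8 @@, the added CVE-2024-4755 line carries the wpscan URL ending adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/, which already appears as the reference for CVE-2024-5656 further down the file. Check the mapping at the source rather than listing the same advisory under both ids.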
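Review bot: In the hunk at @@ -98134,6 +98310,8 @@, the context lines for CVE-2024-5145 end in issues/38CVE-2005-1275 and issues/38CVE-2020-7009, which look like two records fused where a newline was lost. This change does not introduce them, but the additions land directly beside them. Clean these entries up and have the generator reject any URL with a CVE id appended to it.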
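Review bot: In the hunk at @@ -98159,19 +98337,28 @@, CVE-2024-5420 is given seclists.org/fulldisclosure/2024/Jun/4 alongside CVE-2024-5421 and CVE-2024-5422, yet its existing reference is the oring-iap420 advisory that CVE-2024-5410 and CVE-2024-5411 share, and those two receive May/36. One of the two references for CVE-2024-5420 is probably mismatched, so verify it against the CVE record. The five added seclists lines also use http:// where the rest of the file uses https.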