Update CVE sources 2024-08-22 18:33

0xMarcio 2024-08-22 18:33:16 +00:00
parent 26907c1ee2
commit 992ed5df2f
270 changed files with 3763 additions and 28 deletions

View File

@ -333,6 +333,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p
- https://github.com/gold1029/sslscan
- https://github.com/gpoojareddy/Security
- https://github.com/greenmindlabs/docker-for-pentest
- https://github.com/gunlawsguy2/awesome-security
- https://github.com/hackerhouse-opensource/exploits
- https://github.com/hackingyseguridad/sslscan
- https://github.com/hahwul/a2sv

View File

@ -370,6 +370,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
- https://github.com/eric-erki/awesome-pentest
- https://github.com/eric-gitta-moore/Safety-Project-Collection
- https://github.com/ericlake/fabric-shellshock
- https://github.com/exfilt/CheatSheet
- https://github.com/falocab/PayloadsAllTheThings
- https://github.com/fares-alkhalaf/BurbsuiteInArabic
- https://github.com/fedoraredteam/cyber-range-target
@ -387,6 +388,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
- https://github.com/googleinurl/Xpl-SHELLSHOCK-Ch3ck
- https://github.com/gpoojareddy/Security
- https://github.com/greenmindlabs/docker-for-pentest
- https://github.com/gunlawsguy2/awesome-security
- https://github.com/gwyomarch/CVE-Collection
- https://github.com/gyh95226/Bypass007
- https://github.com/hacden/vultools
@ -517,6 +519,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
- https://github.com/ozkanbilge/Payloads
- https://github.com/pacopeng/paco-acs-demo
- https://github.com/paolokalvo/Ferramentas-Cyber-Security
- https://github.com/parth45/cheatsheet
- https://github.com/parveshkatoch/Penetration-Testing
- https://github.com/paulveillard/cybersecurity
- https://github.com/paulveillard/cybersecurity-ethical-hacking

View File

@ -27,12 +27,14 @@ Exim before 4.86.2, when installed setuid root, allows local users to gain privi
- https://github.com/c0d3cr4f73r/CVE-2016-1531
- https://github.com/chorankates/Irked
- https://github.com/crypticdante/CVE-2016-1531
- https://github.com/exfilt/CheatSheet
- https://github.com/ghostking2802/Linux-privilege-escalation-cheatsheet
- https://github.com/hackerhouse-opensource/exploits
- https://github.com/kam1n0/sudo-exim4-privesc
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/mhamzakhattak/offsec-pentest-commands
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/sujayadkesar/Linux-Privilege-Escalation
- https://github.com/suljov/Hacking-linux
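
Review bot: the two lines this hunk adds to the Exim entry look like general cheat-sheet collections rather than repositories about this setuid-root privilege escalation. The +/- markers are missing from this rendering, but the hunk counts (12 lines to 14) and the names that recur in the middle of nearly every other hunk in this commit point to exfilt/CheatSheet and parth45/cheatsheet as the additions. Listed in the same flat list as CVE-named repositories such as c0d3cr4f73r/CVE-2016-1531, they make it hard for a reader to tell a proof of concept from a passing mention. Consider keeping mention-only repositories in a separate list, or filtering the source feed to repositories whose name or description references the CVE id.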

View File

@ -16,6 +16,7 @@ The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux k
- https://github.com/ARPSyndicate/cvemon
- https://github.com/HaxorSecInfec/autoroot.sh
- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
- https://github.com/Mr-Tree-S/POC_EXP
- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits
- https://github.com/chreniuc/CTF
- https://github.com/dylandreimerink/gobpfld

View File

@ -207,6 +207,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo
- https://github.com/elorion/The-Security-Handbook
- https://github.com/elzerjp/OSCP
- https://github.com/esc0rtd3w/org.cowpoop.moooooo
- https://github.com/exfilt/CheatSheet
- https://github.com/fei9747/CVE-2016-5195
- https://github.com/fei9747/LinuxEelvation
- https://github.com/fengjixuchui/RedTeamer
@ -341,6 +342,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo
- https://github.com/osogi/NTO_2022
- https://github.com/ozkanbilge/Linux-Kernel-Exploits
- https://github.com/p00h00/linux-exploits
- https://github.com/parth45/cheatsheet
- https://github.com/passionchenjianyegmail8/scumjrs
- https://github.com/password520/RedTeamer
- https://github.com/password520/linux-kernel-exploits

View File

@ -95,6 +95,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
- https://github.com/diyarit/Ad-Peas
- https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144
- https://github.com/ericjiang97/SecScripts
- https://github.com/exfilt/CheatSheet
- https://github.com/fernandopaezmartin/SAD_2021--Metasploit
- https://github.com/geeksniper/active-directory-pentest
- https://github.com/ginapalomo/ScanAll
@ -128,6 +129,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
- https://github.com/oscpname/OSCP_cheat
- https://github.com/osogi/NTO_2022
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/parth45/cheatsheet
- https://github.com/peterpt/eternal_scanner
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/quynhold/Detect-CVE-2017-0144-attack

View File

@ -116,6 +116,7 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1,
- https://github.com/elinakrmova/RedTeam-Tools
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emtee40/win-pentest-tools
- https://github.com/exfilt/CheatSheet
- https://github.com/fideliscyber/yalda
- https://github.com/geeksniper/Red-team-toolkit
- https://github.com/gold1029/Red-Teaming-Toolkit
@ -168,6 +169,7 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1,
- https://github.com/oneplus-x/MS17-010
- https://github.com/oscpname/OSCP_cheat
- https://github.com/papa-anniekey/CustomSignatures
- https://github.com/parth45/cheatsheet
- https://github.com/pathakabhi24/Pentest-Tools
- https://github.com/pjgmonteiro/Pentest-tools
- https://github.com/qazbnm456/awesome-cve-poc

View File

@ -5,12 +5,13 @@
### Description
LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.
### POC
#### Reference
- http://bugzilla.maptools.org/show_bug.cgi?id=2786
- https://gitlab.com/libtiff/libtiff/-/issues/128
#### Github
- https://github.com/adegoodyer/kubernetes-admin-toolkit
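
Review bot: the Description change here moves the flaw from "LibTIFF 4.0.9" to "ijg-libjpeg before 9d, as used in tiff2pdf", but both visible Reference links (bugzilla.maptools.org id 2786 and gitlab.com/libtiff issue 128) are still LibTIFF trackers, so nothing in the entry backs the new libjpeg version boundary. If the source feed carries a libjpeg-side reference, it should be added alongside. Separately, the only Github entry under the POC heading is adegoodyer/kubernetes-admin-toolkit, which by name has no evident connection to jpeg_fdct_16x16; it is worth confirming that it belongs under POC at all.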

View File

@ -74,6 +74,7 @@ A vulnerability was found in libssh's server-side state machine before versions
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/ensimag-security/CVE-2018-10933
- https://github.com/exfilt/CheatSheet
- https://github.com/gojhonny/libssh-scanner
- https://github.com/hackerhouse-opensource/cve-2018-10933
- https://github.com/hackerhouse-opensource/hackerhouse-opensource
@ -103,6 +104,7 @@ A vulnerability was found in libssh's server-side state machine before versions
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nobiusmallyu/kehai
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/pghook/CVE-2018-10933_Scanner
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/r3dxpl0it/CVE-2018-10933

View File

@ -33,6 +33,7 @@ An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restorati
- https://github.com/cved-sources/cve-2018-16509
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509
- https://github.com/itsmiki/hackthebox-web-challenge-payloads
- https://github.com/kgwanjala/oscp-cheatsheet
@ -40,6 +41,7 @@ An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restorati
- https://github.com/lnick2023/nicenice
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/revanmalang/OSCP
- https://github.com/rhpco/CVE-2018-16509

View File

@ -45,6 +45,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab
- https://github.com/Ektoplasma/ezwinrar
- https://github.com/Fa1c0n35/Red-Teaming-Toolkit
- https://github.com/GhostTroops/TOP
- https://github.com/H4xl0r/WinRar_ACE_exploit_CVE-2018-20250
- https://github.com/HacTF/poc--exp
- https://github.com/HildeTeamTNT/Red-Teaming-Toolkit
- https://github.com/IversionBY/PenetratInfo

View File

@ -140,6 +140,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
- https://github.com/emtee40/win-pentest-tools
- https://github.com/emzkie2018/S4nji1-Drupalgeddon2
- https://github.com/enomothem/PenTestNote
- https://github.com/exfilt/CheatSheet
- https://github.com/falocab/PayloadsAllTheThings
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/firefart/CVE-2018-7600
@ -198,6 +199,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
- https://github.com/oscpname/OSCP_cheat
- https://github.com/osogi/NTO_2022
- https://github.com/ozkanbilge/Payloads
- https://github.com/parth45/cheatsheet
- https://github.com/password520/RedTeamer
- https://github.com/pathakabhi24/Pentest-Tools
- https://github.com/persian64/CVE-2018-7600

View File

@ -3359,6 +3359,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
- https://github.com/kanishkrr/CENTERSTAGE_
- https://github.com/kanishkrr/CenterStage
- https://github.com/katakazeh/ApriltagDetection
- https://github.com/kateh1/FtcRobotController69
- https://github.com/katipihi/bsgcconlyhope
- https://github.com/katipihi/kat-pws
- https://github.com/kausalyap/FTC_PowerPlay_OpenCV
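
Review bot: the addition in this hunk (kateh1/FtcRobotController69, judging by its position in the middle of the hunk) lands at line 3359 of the jQuery entry's list, among neighbours named CenterStage, ApriltagDetection and FTC_PowerPlay_OpenCV. None of these names suggests a jQuery proof of concept or analysis, and a list that already runs past three thousand lines of such matches is of little use to someone triaging this CVE. Consider excluding repositories that match only through bundled third-party files, or collapsing fork families into a single entry before they are written to the list.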

View File

@ -85,6 +85,7 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can
- https://github.com/edsonjt81/CVE-2019-14287-
- https://github.com/ejlevin99/Sudo-Security-Bypass-Vulnerability
- https://github.com/emtuls/Awesome-Cyber-Security-List
- https://github.com/exfilt/CheatSheet
- https://github.com/geeksniper/Linux-privilege-escalation
- https://github.com/geleiaa/ceve-s
- https://github.com/go-bi/go-bi-soft
@ -107,6 +108,7 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can
- https://github.com/n3ov4n1sh/CVE-2019-14287
- https://github.com/notnue/Linux-Privilege-Escalation
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/python-nerd-git/Sudo-Security-Bypass
- https://github.com/ra1nb0rn/search_vulns
- https://github.com/redcountryroad/OSCP-shortsheet

View File

@ -13,6 +13,7 @@ Insufficient control flow in certain data structures for some Intel(R) Processor
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
- https://usn.ubuntu.com/4253-1/
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -11,6 +11,7 @@ An issue was discovered in the Linux kernel through 5.2.9. There is a NULL point
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -5,7 +5,7 @@
### Description
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
### POC

View File

@ -54,6 +54,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/sudo-cve-2019-18634
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/geleiaa/ceve-s
- https://github.com/go-bi/go-bi-soft
- https://github.com/gurkylee/Linux-Privilege-Escalation-Basics
@ -68,6 +69,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg
- https://github.com/notnue/Linux-Privilege-Escalation
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paras1te-x/CVE-2019-18634
- https://github.com/parth45/cheatsheet
- https://github.com/pmihsan/Sudo-PwdFeedback-Buffer-Overflow
- https://github.com/ptef/CVE-2019-18634
- https://github.com/retr0-13/Linux-Privilege-Escalation-Basics

View File

@ -12,6 +12,7 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://www.openwall.com/lists/oss-security/2019/11/05/1
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
- https://www.openwall.com/lists/oss-security/2019/11/02/1

View File

@ -12,6 +12,7 @@ fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_exte
#### Reference
- http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- https://github.com/bobfuzzer/CVE-2019-18885
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
- https://www.oracle.com/security-alerts/cpuApr2021.html

View File

@ -11,6 +11,7 @@ Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wir
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -11,6 +11,7 @@ A memory leak in the crypto_report() function in crypto/crypto_user_base.c in th
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -11,6 +11,7 @@ Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
- https://www.oracle.com/security-alerts/cpuApr2021.html

View File

@ -13,6 +13,7 @@ In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9804501fa1228048857910a6bf23e085aade37cc
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -11,6 +11,7 @@ An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13
#### Reference
- http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://usn.ubuntu.com/4254-2/
- https://usn.ubuntu.com/4287-2/
#### Github

View File

@ -106,6 +106,7 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/epsteina16/Docker-Escape-Miner
- https://github.com/exfilt/CheatSheet
- https://github.com/fahmifj/Docker-breakout-runc
- https://github.com/fenixsecurelabs/core-nexus
- https://github.com/fkie-cad/nvd-json-data-feeds
@ -150,6 +151,7 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow
- https://github.com/oscpname/OSCP_cheat
- https://github.com/owen800q/Awesome-Stars
- https://github.com/panzouh/Docker-Runc-Exploit
- https://github.com/parth45/cheatsheet
- https://github.com/paulveillard/cybersecurity-docker-security
- https://github.com/phoenixvlabs/core-nexus
- https://github.com/phxvlabsio/core-nexus

View File

@ -41,6 +41,7 @@ The ES File Explorer File Manager application through 4.1.9.7.4 for Android allo
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/febinrev/CVE-2019-6447-ESfile-explorer-exploit
- https://github.com/fs0c131y/ESFileExplorerOpenPortVuln
- https://github.com/hectorgie/PoC-in-GitHub
@ -52,6 +53,7 @@ The ES File Explorer File Manager application through 4.1.9.7.4 for Android allo
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/svg153/awesome-stars
- https://github.com/txuswashere/OSCP

View File

@ -41,6 +41,7 @@ Canonical snapd before version 2.37.1 incorrectly performed socket owner validat
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/elvi7major/snap_priv_esc
- https://github.com/exfilt/CheatSheet
- https://github.com/f4T1H21/HackTheBox-Writeups
- https://github.com/f4T1H21/dirty_sock
- https://github.com/fei9747/LinuxEelvation
@ -51,6 +52,7 @@ Canonical snapd before version 2.37.1 incorrectly performed socket owner validat
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/rakjong/LinuxElevation
- https://github.com/revanmalang/OSCP
- https://github.com/scottford-lw/up-and-running-packer

View File

@ -207,6 +207,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve
- https://github.com/emtee40/win-pwn
- https://github.com/ericzhong2010/GUI-Check-CVE-2020-0976
- https://github.com/eventsentry/scripts
- https://github.com/exfilt/CheatSheet
- https://github.com/exp-sky/CVE-2020-0796
- https://github.com/f1tz/CVE-2020-0796-LPE-EXP
- https://github.com/fei9747/Awesome-CobaltStrike
@ -291,6 +292,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve
- https://github.com/orangmuda/CVE-2020-0796
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paramint/windows-kernel-exploits
- https://github.com/parth45/cheatsheet
- https://github.com/password520/Penetration_PoC
- https://github.com/pathakabhi24/Awesome-C
- https://github.com/pengusec/awesome-netsec-articles

View File

@ -229,6 +229,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emtee40/win-pwn
- https://github.com/exfilt/CheatSheet
- https://github.com/fadinglr/SharpCollection-1
- https://github.com/goark/go-cvss
- https://github.com/grandDancer/CVE-2017-5124-RCE-0-Day
@ -304,6 +305,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu
- https://github.com/orgTestCodacy11KRepos110MB/repo-3423-Pentest_Note
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/parth45/cheatsheet
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/phant0n/PENTESTING-BIBLE
- https://github.com/pj-797/soc_checker.sh

View File

@ -49,6 +49,7 @@ No PoCs from references.
- https://github.com/RkDx/MyRuby
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Strokekilla/Rubeus
- https://github.com/VidyaBipin/Rubeus-CShrp-yara
- https://github.com/Whiteh4tWolf/Attack-Defense
- https://github.com/XTeam-Wing/Hunting-Active-Directory
- https://github.com/XTeam-Wing/RedTeaming2020
@ -78,6 +79,7 @@ No PoCs from references.
- https://github.com/retr0-13/AD-Attack-Defense
- https://github.com/santan2020/ck2
- https://github.com/select-ldl/word_select
- https://github.com/sexyducati/rubeus-test
- https://github.com/suzi007/RedTeam_Note
- https://github.com/svbjdbk123/ReadTeam
- https://github.com/syedrizvinet/lib-repos-Rubeus
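
Review bot: the repository added in this hunk (sexyducati/rubeus-test, by position) joins Strokekilla/Rubeus, VidyaBipin/Rubeus-CShrp-yara and syedrizvinet/lib-repos-Rubeus in the same entry, all of which look from their names like copies or variants of one tool. The entry already states "No PoCs from references.", so each extra copy lengthens the list without adding a distinct source. Consider de-duplicating by upstream project and listing that project once.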

View File

@ -62,6 +62,7 @@ A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as
- https://github.com/dudek-marcin/Poc-Exp
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/givemefivw/CVE-2020-17519
- https://github.com/hanc00l/some_pocsuite
- https://github.com/hktalent/bug-bounty
@ -82,6 +83,7 @@ A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as
- https://github.com/openx-org/BLEN
- https://github.com/oscpname/OSCP_cheat
- https://github.com/p4d0rn/Siren
- https://github.com/parth45/cheatsheet
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list

View File

@ -191,6 +191,7 @@ Windows Print Spooler Remote Code Execution Vulnerability
- https://github.com/eng-amarante/CyberSecurity
- https://github.com/eversinc33/NimNightmare
- https://github.com/evilashz/CVE-2021-1675-LPE-EXP
- https://github.com/exfilt/CheatSheet
- https://github.com/exploitblizzard/PrintNightmare-CVE-2021-1675
- https://github.com/f4T1H21/HackTheBox-Writeups
- https://github.com/fei9747/Awesome-CobaltStrike
@ -258,6 +259,7 @@ Windows Print Spooler Remote Code Execution Vulnerability
- https://github.com/oscpname/OSCP_cheat
- https://github.com/outflanknl/PrintNightmare
- https://github.com/ozergoker/PrintNightmare
- https://github.com/parth45/cheatsheet
- https://github.com/peckre/PNCVE-Win10-20H2-Exploit
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/ptter23/CVE-2021-1675

View File

@ -94,6 +94,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v
- https://github.com/djytmdj/Tool_Summary
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/githubfoam/ubuntu_sandbox
- https://github.com/gobysec/Goby
- https://github.com/guchangan1/All-Defense-Tool
@ -130,6 +131,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v
- https://github.com/orangmuda/CVE-2021-21972
- https://github.com/orgTestCodacy11KRepos110MB/repo-3569-collection-document
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/password520/CVE-2021-21972
- https://github.com/password520/LadonGo
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main

View File

@ -59,6 +59,7 @@ Improper neutralization of user data in the DjVu file format in ExifTool version
- https://github.com/dudek0807/OverflowWriteup
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/gkhan496/WDIR
- https://github.com/harsh-bothra/learn365
- https://github.com/hongson97/ctf-challenges
@ -73,6 +74,7 @@ Improper neutralization of user data in the DjVu file format in ExifTool version
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oneoy/Gitlab-Exiftool-RCE
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/ph-arm/CVE-2021-22204-Gitlab
- https://github.com/pizza-power/Golang-CVE-2021-22205-POC
- https://github.com/revanmalang/OSCP

View File

@ -33,12 +33,14 @@ Affected versions of Atlassian Confluence Server allow remote attackers to view
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emadshanab/Some-BugBounty-Tips-from-my-Twitter-feed
- https://github.com/enomothem/PenTestNote
- https://github.com/exfilt/CheatSheet
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/manas3c/CVE-POC
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list

View File

@ -36,6 +36,7 @@ A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.
- https://github.com/anquanscan/sec-tools
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/fenipr/Shibboleth
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kgwanjala/oscp-cheatsheet
@ -43,6 +44,7 @@ A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/shamo0/CVE-2021-27928-POC
- https://github.com/soosmile/POC

View File

@ -66,6 +66,7 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic
- https://github.com/W-zrd/UniXploit
- https://github.com/WhooAmii/POC_to_review
- https://github.com/XuCcc/VulEnv
- https://github.com/Y0s9/CVE-2021-3129
- https://github.com/Z0fhack/Goby_POC
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/Zoo1sondv/CVE-2021-3129
@ -87,6 +88,7 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/flxnzz/UniXploit
- https://github.com/hktalent/TOP
- https://github.com/hupe1980/CVE-2021-3129
@ -112,6 +114,7 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic
- https://github.com/nth347/CVE-2021-3129_exploit
- https://github.com/oscpname/OSCP_cheat
- https://github.com/oxMdee/Cybersecurity-Vulnerability-and-Exposure-Report
- https://github.com/parth45/cheatsheet
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list

View File

@ -168,6 +168,7 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based
- https://github.com/eeenvik1/kvvuctf_24
- https://github.com/elbee-cyber/CVE-2021-3156-PATCHER
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/fei9747/LinuxEelvation
- https://github.com/felixfu59/shocker-attack
- https://github.com/fkie-cad/nvd-json-data-feeds
@ -241,6 +242,7 @@ Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based
- https://github.com/oneoy/exploits1
- https://github.com/oriolOrnaque/TFG-Binary-exploitation
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/password520/CVE-2021-3156
- https://github.com/pathakabhi24/Awesome-C
- https://github.com/pen4uin/awesome-vulnerability-research

View File

@ -173,6 +173,7 @@
- https://github.com/emtee40/win-pwn
- https://github.com/eng-amarante/CyberSecurity
- https://github.com/evilashz/CVE-2021-1675-LPE-EXP
- https://github.com/exfilt/CheatSheet
- https://github.com/fardinbarashi/Fix-CVE-2021-34527
- https://github.com/fardinbarashi/PsFix-CVE-2021-34527
- https://github.com/floridop/serviceflipper
@ -220,6 +221,7 @@
- https://github.com/outflanknl/PrintNightmare
- https://github.com/ozergoker/PrintNightmare
- https://github.com/p0haku/cve_scraper
- https://github.com/parth45/cheatsheet
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/pluja/stars
- https://github.com/powershellpr0mpt/PrintNightmare-CVE-2021-34527

View File

@ -73,6 +73,7 @@ The overlayfs implementation in the linux kernel did not properly validate with
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/derek-turing/CVE-2021-3493
- https://github.com/exfilt/CheatSheet
- https://github.com/fei9747/CVE-2021-3493
- https://github.com/fei9747/LinuxEelvation
- https://github.com/hktalent/TOP
@ -103,6 +104,7 @@ The overlayfs implementation in the linux kernel did not properly validate with
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oneoy/CVE-2021-3493
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/pmihsan/OverlayFS-CVE-2021-3493
- https://github.com/ptkhai15/OverlayFS---CVE-2021-3493
- https://github.com/puckiestyle/CVE-2021-3493

View File

@ -81,6 +81,7 @@ It was found that polkit could be tricked into bypassing the credential checks f
- https://github.com/edsonjt81/Linux-Privilege-Escalation
- https://github.com/eljosep/OSCP-Guide
- https://github.com/elouatih/securite_devoirs
- https://github.com/exfilt/CheatSheet
- https://github.com/f4T1H21/CVE-2021-3560-Polkit-DBus
- https://github.com/hakivvi/CVE-2021-3560
- https://github.com/hktalent/bug-bounty
@ -107,6 +108,7 @@ It was found that polkit could be tricked into bypassing the credential checks f
- https://github.com/onlypwns/htb-writeup
- https://github.com/oscpname/OSCP_cheat
- https://github.com/oxagast/oxasploits
- https://github.com/parth45/cheatsheet
- https://github.com/pashayogi/ROOT-CVE-2021-3560
- https://github.com/puckiestyle/CVE-2021-4034
- https://github.com/revanmalang/OSCP

View File

@ -79,6 +79,7 @@
- https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/exploitblizzard/CVE-2021-36934
- https://github.com/firefart/hivenightmare
- https://github.com/geeksniper/windows-privilege-escalation
@ -103,6 +104,7 @@
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/noodlemctwoodle/MSRC-CVE-Function
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/pwnlog/PAD
- https://github.com/pwnlog/PuroAD
- https://github.com/pwnlog/PurpAD

View File

@ -50,6 +50,7 @@ Windows LSA Spoofing Vulnerability
- https://github.com/cfalta/MicrosoftWontFixList
- https://github.com/crisprss/PetitPotam
- https://github.com/csb21jb/Pentesting-Notes
- https://github.com/exfilt/CheatSheet
- https://github.com/gecr07/HTB-Academy
- https://github.com/hegusung/netscan
- https://github.com/kgwanjala/oscp-cheatsheet
@ -58,6 +59,7 @@ Windows LSA Spoofing Vulnerability
- https://github.com/ly4k/PetitPotam
- https://github.com/na245/reu-2023-flask
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/r0eXpeR/supplier
- https://github.com/revanmalang/OSCP
- https://github.com/suljov/Windows-and-Active-Directory

View File

@ -249,6 +249,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility.
- https://github.com/edsonjt81/PwnKit
- https://github.com/edsonjt81/PwnKit-Root-Linux
- https://github.com/evdenis/lsm_bpf_check_argc0
- https://github.com/exfilt/CheatSheet
- https://github.com/fazaroot/cve-2021-pwnkit
- https://github.com/fdellwing/CVE-2021-4034
- https://github.com/fei9747/CVE-2021-4034
@ -324,6 +325,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility.
- https://github.com/oreosec/pwnkit
- https://github.com/oscpname/OSCP_cheat
- https://github.com/pancham1305/YearOfTheRabbit-thm
- https://github.com/parth45/cheatsheet
- https://github.com/pengalaman-1t/CVE-2021-4034
- https://github.com/personaone/OSCP
- https://github.com/phprogrammer86/CEH---NOTES

View File

@ -70,12 +70,14 @@ No PoCs from references.
- https://github.com/dxnboy/redteam
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/jbaines-r7/shakeitoff
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/klinix5/InstallerFileTakeOver
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/noname1007/InstallerFileTakeOver
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/puckiestyle/InstallerFileTakeOver
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
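
Review bot: the two entries added in this hunk, `exfilt/CheatSheet` and `parth45/cheatsheet`, look from their names like general cheat sheets rather than repositories specific to this CVE, and the same pair is added to most of the other files in this commit. If the list is meant to lead a reader to PoCs, consider filtering out repositories that match many CVE IDs at once, or moving them to a separate list, so CVE-specific entries such as `klinix5/InstallerFileTakeOver` stay easy to find.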

View File

@ -177,6 +177,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2.
- https://github.com/eljosep/OSCP-Guide
- https://github.com/enciphers-team/cve-exploits
- https://github.com/enomothem/PenTestNote
- https://github.com/exfilt/CheatSheet
- https://github.com/fardeen-ahmed/Bug-bounty-Writeups
- https://github.com/fnatalucci/CVE-2021-41773-RCE
- https://github.com/gwill-b/apache_path_traversal
@ -253,6 +254,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2.
- https://github.com/numanturle/CVE-2021-41773
- https://github.com/orangmuda/CVE-2021-41773
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research

View File

@ -109,6 +109,7 @@ It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was in
- https://github.com/eljosep/OSCP-Guide
- https://github.com/enciphers-team/cve-exploits
- https://github.com/enomothem/PenTestNote
- https://github.com/exfilt/CheatSheet
- https://github.com/f-this/f-apache
- https://github.com/gwyomarch/CVE-Collection
- https://github.com/hadrian3689/apache_2.4.50
@ -142,6 +143,7 @@ It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was in
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research

View File

@ -112,6 +112,7 @@ No PoCs from references.
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/Windows-Privilege-Escalation
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/goddemondemongod/Sec-Interview
- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
- https://github.com/hangchuanin/Intranet_penetration_history
@ -140,6 +141,7 @@ No PoCs from references.
- https://github.com/open-source-agenda/new-open-source-projects
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/parth45/cheatsheet
- https://github.com/puckiestyle/A-Red-Teamer-diaries
- https://github.com/puckiestyle/sam-the-admin
- https://github.com/pwnlog/PAD

View File

@ -86,6 +86,7 @@ No PoCs from references.
- https://github.com/Threekiii/Awesome-Redteam
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/TryA9ain/noPac
- https://github.com/VidyaBipin/Rubeus-CShrp-yara
- https://github.com/WazeHell/sam-the-admin
- https://github.com/Whiteh4tWolf/Attack-Defense
- https://github.com/WhooAmii/POC_to_review
@ -109,6 +110,7 @@ No PoCs from references.
- https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/goddemondemongod/Sec-Interview
- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
- https://github.com/hangchuanin/Intranet_penetration_history
@ -141,6 +143,7 @@ No PoCs from references.
- https://github.com/open-source-agenda/new-open-source-projects
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/parth45/cheatsheet
- https://github.com/puckiestyle/A-Red-Teamer-diaries
- https://github.com/puckiestyle/sam-the-admin
- https://github.com/pwnlog/PAD
@ -159,6 +162,7 @@ No PoCs from references.
- https://github.com/santan2020/ck2
- https://github.com/sdogancesur/log4j_github_repository
- https://github.com/securi3ytalent/bugbounty-CVE-Report
- https://github.com/sexyducati/rubeus-test
- https://github.com/shengshengli/GetDomainAdmin
- https://github.com/soosmile/POC
- https://github.com/sponkmonk/Ladon_english_update

View File

@ -46,6 +46,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability
- https://github.com/Y4er/dotnet-deserialization
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/f0ur0four/Insecure-Deserialization
- https://github.com/hktalent/bug-bounty
- https://github.com/hktalent/ysoserial.net
@ -55,6 +56,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/puckiestyle/ysoserial.net
- https://github.com/pwntester/ysoserial.net
- https://github.com/retr0-13/proxy_Attackchain

View File

@ -791,6 +791,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
- https://github.com/eurogig/jankybank
- https://github.com/eventsentry/scripts
- https://github.com/evgenyk-nn/Simple-log4shell-vulnerable-app
- https://github.com/exfilt/CheatSheet
- https://github.com/expertflow/nginx-lua
- https://github.com/f-this/f-apache
- https://github.com/f0ng/log4j2burpscanner
@ -996,6 +997,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
- https://github.com/kuro-kokko/202203_sequre
- https://github.com/kvbutler/solr8-rehl8.5-fips-sip
- https://github.com/kward/log4sh
- https://github.com/kyndryl-open-source/hashi-vault-js
- https://github.com/kyoshiaki/docker-compose-wordpress
- https://github.com/lafayette96/CVE-Errata-Tool
- https://github.com/lamine2000/log4shell
@ -1172,6 +1174,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
- https://github.com/panopset/oregon
- https://github.com/paralax/awesome-honeypots
- https://github.com/paras98/Log4Shell
- https://github.com/parth45/cheatsheet
- https://github.com/patriklindstrom-schibsted/gh-guinea-pig-test
- https://github.com/paulvkitor/log4shellwithlog4j2_13_3
- https://github.com/paulvkitor/log4shellwithlog4j2_15

View File

@ -13,5 +13,5 @@ A Buffer Overflow vulnerabilityexists in Pev 0.81 via the pe_exports function fr
- https://github.com/merces/libpe/issues/35
#### Github
No PoCs found on GitHub currently.
- https://github.com/DiRaltvein/memory-corruption-examples

View File

@ -195,6 +195,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure
- https://github.com/emmaneugene/CS443-project
- https://github.com/eremus-dev/Dirty-Pipe-sudo-poc
- https://github.com/eric-glb/dirtypipe
- https://github.com/exfilt/CheatSheet
- https://github.com/febinrev/dirtypipez-exploit
- https://github.com/felixfu59/kernel-hack
- https://github.com/flux10n/CVE-2022-0847-DirtyPipe-Exploits
@ -280,6 +281,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure
- https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parkjunmin/CTI-Search-Criminalip-Search-Tool
- https://github.com/parth45/cheatsheet
- https://github.com/pashayogi/DirtyPipe
- https://github.com/pen4uin/awesome-cloud-native-security
- https://github.com/pen4uin/cloud-native-security

17
2022/CVE-2022-1206.md Normal file
View File

@ -0,0 +1,17 @@
### [CVE-2022-1206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1206)
![](https://img.shields.io/static/v1?label=Product&message=AdRotate%20Banner%20Manager%20%E2%80%93%20The%20only%20ad%20manager%20you%26%23039%3Bll%20need&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%205.13.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
### Description
The AdRotate Banner Manager The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotate_insert_media() function in all versions up to, and including, 5.13.2. This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files with double extensions on the affected site's server which may make remote code execution possible. This is only exploitable on select instances where the configuration will execute the first extension present.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/20142995/nuclei-templates
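
Review bot: in the Version and Vulnerability badge lines of this new file, `color=brighgreen` is likely a typo for the shields.io named colour `brightgreen`, so those badges may not get the intended colour. The Product badge message also carries a URL-encoded HTML entity (`%26%23039%3B`, which is `&#039;`) that will show up literally instead of as an apostrophe. The description has also lost the separator between "AdRotate Banner Manager" and "The only ad manager you'll need". Decode entities before building the badge URL and keep the product name intact.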

View File

@ -73,6 +73,7 @@ Windows Print Spooler Elevation of Privilege Vulnerability
- https://github.com/duytruongpham/duytruongpham
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/francevarotz98/WinPrintSpoolerSaga
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
@ -86,6 +87,7 @@ Windows Print Spooler Elevation of Privilege Vulnerability
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/open-source-agenda/new-open-source-projects
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/sarutobi12/sarutobi12
- https://github.com/soosmile/POC

View File

@ -102,6 +102,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w
- https://github.com/edsonjt81/spring4shell-scan
- https://github.com/eljosep/OSCP-Guide
- https://github.com/encodedguy/oneliners
- https://github.com/exfilt/CheatSheet
- https://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE
- https://github.com/fullhunt/spring4shell-scan
- https://github.com/gunzf0x/CVE-2022-22963
@ -142,6 +143,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w
- https://github.com/onewinner/VulToolsKit
- https://github.com/onurgule/S4S-Scanner
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/puckiestyle/CVE-2022-22963
- https://github.com/radiusmethod/awesome-gists

View File

@ -23,10 +23,12 @@ A directory traversal vulnerability in Trend Micro Deep Security and Cloud One -
- https://github.com/SirElmard/ethical_hacking
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/modzero/MZ-21-02-Trendmicro
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -23,10 +23,12 @@ A code injection vulnerability in Trend Micro Deep Security and Cloud One - Work
- https://github.com/SirElmard/ethical_hacking
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/modzero/MZ-21-02-Trendmicro
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -20,11 +20,13 @@ Icinga Web 2 is an open source monitoring web interface, framework and command-l
- https://github.com/SirElmard/ethical_hacking
- https://github.com/cxdxnt/CVE-2022-24715
- https://github.com/d4rkb0n3/CVE-2022-24715-go
- https://github.com/exfilt/CheatSheet
- https://github.com/hheeyywweellccoommee/CVE-2022-24715-crrxa
- https://github.com/karimhabush/cyberowl
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -134,6 +134,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/enomothem/PenTestNote
- https://github.com/exfilt/CheatSheet
- https://github.com/f4yd4-s3c/cve-2022-26134
- https://github.com/getastra/hypejab
- https://github.com/getdrive/PoC
@ -182,6 +183,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
- https://github.com/openx-org/BLEN
- https://github.com/oscpname/OSCP_cheat
- https://github.com/p4b3l1t0/confusploit
- https://github.com/parth45/cheatsheet
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/pipiscrew/timeline
- https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134

17
2022/CVE-2022-2768.md Normal file
View File

@ -0,0 +1,17 @@
### [CVE-2022-2768](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2768)
![](https://img.shields.io/static/v1?label=Product&message=Library%20Management%20System&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
### Description
A vulnerability classified as problematic was found in SourceCodester Library Management System. This vulnerability affects unknown code of the file /qr/I/. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-206164.
### POC
#### Reference
- https://vuldb.com/?id.206164
#### Github
No PoCs found on GitHub currently.

View File

@ -10,7 +10,7 @@ A vulnerability classified as problematic has been found in ConsoleTVs Noxen. Af
### POC
#### Reference
No PoCs from references.
- https://vuldb.com/?id.207000
#### Github
- https://github.com/ARPSyndicate/cvemon

View File

@ -16,9 +16,11 @@ A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68.
- https://github.com/0xsyr0/OSCP
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SirElmard/ethical_hacking
- https://github.com/exfilt/CheatSheet
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/linuskoester/writeups
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -43,6 +43,7 @@ An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug
- https://github.com/dkb4rb/KernelExploiting
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/felixfu59/kernel-hack
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kdn111/linux-kernel-exploitation
@ -67,6 +68,7 @@ An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/purplewall1206/ERA-eBPF-assisted-Randomize-Allocator
- https://github.com/randorisec/CVE-2022-34918-LPE-PoC
- https://github.com/revanmalang/OSCP

View File

@ -40,9 +40,11 @@ No PoCs from references.
- https://github.com/Pascal-0x90/Rubeus
- https://github.com/RkDx/MyRuby
- https://github.com/Strokekilla/Rubeus
- https://github.com/VidyaBipin/Rubeus-CShrp-yara
- https://github.com/joker200-0/Rubeus
- https://github.com/qobil7681/Password-cracker
- https://github.com/santan2020/ck2
- https://github.com/sexyducati/rubeus-test
- https://github.com/syedrizvinet/lib-repos-Rubeus
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
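
Review bot: the two added lines, `VidyaBipin/Rubeus-CShrp-yara` and `sexyducati/rubeus-test`, join a list that already holds several copies of the same tool (`Pascal-0x90/Rubeus`, `Strokekilla/Rubeus`, `joker200-0/Rubeus`), and the section is headed by "No PoCs from references." Collapsing forks and renamed copies to one upstream entry would keep this list useful for triage, since every further fork adds a line without adding information about the CVE.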

View File

@ -61,6 +61,7 @@ No PoCs from references.
- https://github.com/devAL3X/cacti_cve_statistics
- https://github.com/devilgothies/CVE-2022-46169
- https://github.com/doosec101/CVE-2022-46169
- https://github.com/exfilt/CheatSheet
- https://github.com/hab1b0x/CVE-2022-46169
- https://github.com/icebreack/CVE-2022-46169
- https://github.com/imjdl/CVE-2022-46169
@ -73,6 +74,7 @@ No PoCs from references.
- https://github.com/nickczh/kikibo
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/ruycr4ft/CVE-2022-46169
- https://github.com/ruycr4ft/cacti-1.2.22-exploit

17
2022/CVE-2022-48900.md Normal file
View File

@ -0,0 +1,17 @@
### [CVE-2022-48900](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48900)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
### Description
** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
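
Review bot: this new file is created for an ID whose description is "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", and the only entry under Github is `fkie-cad/nvd-json-data-feeds`, which by its name is a mirror of NVD data rather than a PoC. Consider skipping rejected IDs in the generator, or at least not listing data-feed mirrors in the Github section, so a rejected entry does not appear to have a public PoC.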

View File

@ -13,5 +13,6 @@ A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as pro
- https://vuldb.com/?id.218452
#### Github
- https://github.com/sisimai/p5-sisimai
- https://github.com/sisimai/rb-sisimai

View File

@ -56,9 +56,11 @@ No PoCs from references.
- https://github.com/blu3ming/LocalPotato
- https://github.com/chudamax/LocalPotatoExamples
- https://github.com/decoder-it/LocalPotato
- https://github.com/exfilt/CheatSheet
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -52,6 +52,7 @@ Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerabili
- https://github.com/clearbluejar/44con2023-resources
- https://github.com/clearbluejar/ghidriff
- https://github.com/clearbluejar/recon2023-resources
- https://github.com/exfilt/CheatSheet
- https://github.com/h1bAna/CVE-2023-21768
- https://github.com/hktalent/TOP
- https://github.com/joxeankoret/diaphora
@ -59,6 +60,7 @@ Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerabili
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/timeisflowing/recon2023-resources

View File

@ -51,8 +51,10 @@ No PoCs from references.
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SirElmard/ethical_hacking
- https://github.com/exfilt/CheatSheet
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -40,6 +40,7 @@ In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra argument
- https://github.com/beruangsalju/LocalPrivelegeEscalation
- https://github.com/beruangsalju/LocalPrivilegeEscalation
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/exfilt/CheatSheet
- https://github.com/hello4r1end/patch_CVE-2023-22809
- https://github.com/hktalent/TOP
- https://github.com/k0mi-tg/CVE-POC
@ -51,6 +52,7 @@ In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra argument
- https://github.com/n3m1sys/n3m1sys
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/pashayogi/CVE-2023-22809
- https://github.com/revanmalang/OSCP
- https://github.com/stefan11111/rdoedit

View File

@ -84,6 +84,7 @@ No PoCs from references.
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dravenww/curated-article
- https://github.com/equationsoftworks/Radiance
- https://github.com/exfilt/CheatSheet
- https://github.com/fardeen-ahmed/Bug-bounty-Writeups
- https://github.com/gh1mau/nse
- https://github.com/gibran-abdillah/CVE-2023-23752
@ -107,6 +108,7 @@ No PoCs from references.
- https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nu0y4/HScan
- https://github.com/parth45/cheatsheet
- https://github.com/r3dston3/CVE-2023-23752
- https://github.com/raystr-atearedteam/CVE2023-23752
- https://github.com/shellvik/CVE-2023-23752

View File

@ -28,6 +28,7 @@ Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.5
- https://github.com/bioly230/THM_Skynet
- https://github.com/dhmosfunk/CVE-2023-25690-POC
- https://github.com/dhmosfunk/dhmosfunk
- https://github.com/exfilt/CheatSheet
- https://github.com/florentvinai/CompteRendu-CTF-Mordor
- https://github.com/hktalent/TOP
- https://github.com/karimhabush/cyberowl
@ -38,6 +39,7 @@ Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.5
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nuPacaChi/-CVE-2021-44790
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL
- https://github.com/thanhlam-attt/CVE-2023-25690

View File

@ -15,6 +15,7 @@ No PoCs from references.
#### Github
- https://github.com/0xWhoami35/root-kernel
- https://github.com/0xsyr0/OSCP
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough
- https://github.com/HaxorSecInfec/autoroot.sh
- https://github.com/K5LK/CVE-2023-2640-32629
@ -33,6 +34,7 @@ No PoCs from references.
- https://github.com/churamanib/p0wny-shell
- https://github.com/cyberexpertsng/Cyber-Advisory
- https://github.com/druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation
- https://github.com/exfilt/CheatSheet
- https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/ilviborici/ubuntu-privesc
@ -45,6 +47,7 @@ No PoCs from references.
- https://github.com/musorblyat/CVE-2023-2640-CVE-2023-32629
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/vinetsuicide/CVE-2023-2640-CVE-2023-32629

View File

@ -18,9 +18,11 @@ In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to po
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SirElmard/ethical_hacking
- https://github.com/exfilt/CheatSheet
- https://github.com/fardeen-ahmed/Bug-bounty-Writeups
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

18
2023/CVE-2023-29929.md Normal file
View File

@ -0,0 +1,18 @@
### [CVE-2023-29929](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29929)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to casue a denial of service via the libkemplink.so, isreverse library.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/YSaxon/CVE-2023-29929
- https://github.com/nomi-sec/PoC-in-GitHub
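
Review bot: the Vulnerability badge here is `message=n%2Fa&color=brighgreen`, whereas the Product and Version badges in the same file, and the `n/a` Vulnerability badge in 2022/CVE-2022-48900.md, use `color=blue`. Pick one colour for `n/a` values and apply it in the generator. The description also carries the typo "casue", which is worth correcting when the text is imported if the project normalises descriptions.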

View File

@ -29,6 +29,7 @@ In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Threekiii/CVE
- https://github.com/djki5s/tools
- https://github.com/exfilt/CheatSheet
- https://github.com/hktalent/TOP
- https://github.com/johe123qwe/github-trending
- https://github.com/kgwanjala/oscp-cheatsheet
@ -36,6 +37,7 @@ In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oferchen/POC-CVE-2023-32233
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/sirhc505/CVE_TOOLS
- https://github.com/tanjiti/sec_profile

View File

@ -15,6 +15,7 @@ Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up
#### Github
- https://github.com/0xWhoami35/root-kernel
- https://github.com/0xsyr0/OSCP
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Ev3rPalestine/Analytics-HTB-Walkthrough
- https://github.com/HaxorSecInfec/autoroot.sh
- https://github.com/K5LK/CVE-2023-2640-32629
@ -33,6 +34,7 @@ Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up
- https://github.com/churamanib/p0wny-shell
- https://github.com/cyberexpertsng/Cyber-Advisory
- https://github.com/druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation
- https://github.com/exfilt/CheatSheet
- https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/ilviborici/ubuntu-privesc
@ -45,6 +47,7 @@ Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up
- https://github.com/musorblyat/CVE-2023-2640-CVE-2023-32629
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/vinetsuicide/CVE-2023-2640-CVE-2023-32629

View File

@ -62,12 +62,14 @@ Windows Error Reporting Service Elevation of Privilege Vulnerability
- https://github.com/c4m3l-security/CVE-2023-36874
- https://github.com/crisprss/CVE-2023-36874
- https://github.com/d0rb/CVE-2023-36874
- https://github.com/exfilt/CheatSheet
- https://github.com/grgmrtn255/Links
- https://github.com/hktalent/TOP
- https://github.com/johe123qwe/github-trending
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/revanmalang/OSCP
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP

View File

@ -13,6 +13,7 @@ async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom
No PoCs from references.
#### Github
- https://github.com/DiRaltvein/memory-corruption-examples
- https://github.com/Halcy0nic/CVE-2023-40296
- https://github.com/Halcy0nic/Trophies
- https://github.com/nomi-sec/PoC-in-GitHub

17
2023/CVE-2023-40504.md Normal file
View File

@ -0,0 +1,17 @@
### [CVE-2023-40504](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40504)
![](https://img.shields.io/static/v1?label=Product&message=Simple%20Editor&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20R.47.0.0%20AutoCAD%202021%20%26%20R.47.0.0%20AutoCAD%20LT%202021%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen)
### Description
LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19953.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/20142995/nuclei-templates
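
Review bot: the Version badge in this new file reads `= R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021`, while the Product badge and the description are about LG Simple Editor, so the version string looks like it was carried over from an unrelated record. Check it against the upstream CVE record and fall back to `n/a` if the source data is wrong. The missing space in "vulnerability.The specific flaw" in the description can be fixed in the same pass.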

View File

@ -13,5 +13,5 @@ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripti
- http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html
#### Github
No PoCs found on GitHub currently.
- https://github.com/tanjiti/sec_profile

View File

@ -17,5 +17,6 @@ Due to failure in validating the length provided by an attacker-crafted PPD Post
- https://takeonme.org/cves/CVE-2023-4504.html
#### Github
- https://github.com/DiRaltvein/memory-corruption-examples
- https://github.com/seal-community/patches

View File

@ -14,5 +14,6 @@ radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bo
- https://github.com/radareorg/radare2/issues/22349
#### Github
- https://github.com/DiRaltvein/memory-corruption-examples
- https://github.com/gandalf4a/crash_report

View File

@ -13,5 +13,5 @@ An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-ru
- https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726
#### Github
No PoCs found on GitHub currently.
- https://github.com/DiRaltvein/memory-corruption-examples

View File

@ -33,9 +33,11 @@ Pre-auth RCE in Apache Ofbiz 18.12.09.It's due to XML-RPC no longer maintained
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/bruce120/Apache-OFBiz-Authentication-Bypass
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/exfilt/CheatSheet
- https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass
- https://github.com/mintoolkit/mint
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/parth45/cheatsheet
- https://github.com/securelayer7/CVE-Analysis
- https://github.com/slimtoolkit/slim
- https://github.com/tanjiti/sec_profile

View File

@ -52,6 +52,7 @@ A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so whi
- https://github.com/beruangsalju/LocalPrivilegeEscalation
- https://github.com/chaudharyarjun/LooneyPwner
- https://github.com/ecomtech-oss/pisc
- https://github.com/exfilt/CheatSheet
- https://github.com/feereel/wb_soc
- https://github.com/fiksn/security-nix
- https://github.com/flex0geek/cves-exploits
@ -68,6 +69,7 @@ A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so whi
- https://github.com/leesh3288/CVE-2023-4911
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parth45/cheatsheet
- https://github.com/puckiestyle/CVE-2023-4911
- https://github.com/revanmalang/OSCP
- https://github.com/richardjennings/scand

View File

@ -13,5 +13,5 @@ decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds
- https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md
#### Github
No PoCs found on GitHub currently.
- https://github.com/DiRaltvein/memory-corruption-examples

View File

@ -11,6 +11,7 @@
### POC
#### Reference
- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20updatelib.md
- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20updatelib.md
#### Github

View File

@ -40,9 +40,11 @@ No PoCs from references.
- https://github.com/basicinfosecurity/exploits
- https://github.com/bruce120/Apache-OFBiz-Authentication-Bypass
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/exfilt/CheatSheet
- https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass
- https://github.com/murayr/Bizness
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/parth45/cheatsheet
- https://github.com/securelayer7/CVE-Analysis
- https://github.com/tanjiti/sec_profile
- https://github.com/tw0point/BadBizness-CVE-2023-51467

View File

@ -38,6 +38,7 @@ No PoCs from references.
- https://github.com/c0ff33py/TryHackMe_Learning_Plan
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/duy-31/CVE-2023-7028
- https://github.com/exfilt/CheatSheet
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/hackeremmen/gitlab-exploit
- https://github.com/izj007/wechat
@ -47,6 +48,7 @@ No PoCs from references.
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/mochammadrafi/CVE-2023-7028
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/parth45/cheatsheet
- https://github.com/sampsonv/github-trending
- https://github.com/tanjiti/sec_profile
- https://github.com/thanhlam-attt/CVE-2023-7028

View File

@ -1,11 +1,11 @@
### [CVE-2024-0155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0155)
![](https://img.shields.io/static/v1?label=Product&message=Dell%20Digital%20Delivery%20(D3)%09&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=N%2FA%3C%205.0.86.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Product&message=Dell%20Digital%20Delivery%20(D3)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=N%2FA%3C%205.2.0.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen)
### Description
Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code.
Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code.
### POC
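Review bot: The Version badge for 5.2.0.0 still ends in an encoded trailing space (`message=N%2FA%3C%205.2.0.0%20`), the same kind of stray whitespace as the `%09` after `(D3)` in one of the two Product badge lines. If the Product badge is being cleaned up here, drop the trailing `%20` from the Version badge as well so the rendered label has no trailing blank. The version bound itself is consistent between the badge and the description (both 5.2.0.0).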

View File

@ -1,11 +1,11 @@
### [CVE-2024-0156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0156)
![](https://img.shields.io/static/v1?label=Product&message=Dell%20Digital%20Delivery%20(D3)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=N%2FA%3C%205.0.86.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=N%2FA%3C%205.2.0.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen)
### Description
Dell Digital Delivery, versions prior to 5.0.86.0, contain a Buffer Overflow vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.
Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.
### POC
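Review bot: The badge lines for Version and Vulnerability use `color=brighgreen`, which looks like a misspelling of the shields.io colour name `brightgreen`. Since the Version badge is already being touched to move the bound to 5.2.0.0, this is a good place to correct it. Separately, the Vulnerability badge says `CWE-122: Heap-based Buffer Overflow` while the description only says "Buffer Overflow Vulnerability"; that is fine if the description is copied verbatim from the CVE record, but worth a quick check.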

View File

@ -23,6 +23,7 @@ No PoCs from references.
- https://github.com/FoxyProxys/CVE-2024-0582
- https://github.com/GhostTroops/TOP
- https://github.com/aneasystone/github-trending
- https://github.com/exfilt/CheatSheet
- https://github.com/fireinrain/github-trending
- https://github.com/jafshare/GithubTrending
- https://github.com/johe123qwe/github-trending

View File

@ -6,6 +6,7 @@
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.6%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208.8%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)

View File

@ -41,6 +41,7 @@ A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables compon
- https://github.com/bsauce/kernel-exploit-factory
- https://github.com/bsauce/kernel-security-learning
- https://github.com/daphne97/daphne97
- https://github.com/exfilt/CheatSheet
- https://github.com/fireinrain/github-trending
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/giterlizzi/secdb-feeds

View File

@ -3,6 +3,9 @@
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Decision%20Manager%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Data%20Grid%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%207.4%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%207.4%20for%20RHEL%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%207.4%20on%20RHEL%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%208.0%20for%20RHEL%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20JBoss%20Enterprise%20Application%20Platform%208.0%20for%20RHEL%209&color=blue)
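Review bot: The three Enterprise Application Platform 7.4 badges mix two wordings, `7.4 for RHEL 8` and `7.4 for RHEL 9` versus `7.4 on RHEL 7`, and the RHEL 7 entry sorts after RHEL 9. If these strings are taken verbatim from the CVE record, keep them as they are; otherwise normalise the wording so the 7.4 entries match the `8.0 for RHEL 8` / `8.0 for RHEL 9` pattern used just below.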

18
2024/CVE-2024-21690.md Normal file
View File

@ -0,0 +1,18 @@
### [CVE-2024-21690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21690)
![](https://img.shields.io/static/v1?label=Product&message=Confluence%20Data%20Center&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Confluence%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Reflected%20XSS&color=brighgreen)
### Description
This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. This Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability, with a CVSS Score of 7.1, allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser and force a end user to execute unwanted actions on a web application in which they're currently authenticated which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.26 * Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.14 * Confluence Data Center and Server 9.0: Upgrade to a release greater than or equal to 9.0.1 See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives). This vulnerability was reported via our Bug Bounty program.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/netlas-io/netlas-dorks
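Review bot: The Vulnerability badge in this new file says only `Reflected XSS`, while the description states "Reflected XSS and CSRF (Cross-Site Request Forgery)", so the badge under-describes the issue; consider adding CSRF to the badge message. The description is also a single line with the vendor's upgrade list flattened into inline `*` items (7.19.26, 8.5.14, 9.0.1), which is hard to read; breaking the fixed versions out into a list would help. Finally, the only Github entry is `netlas-io/netlas-dorks`, which by its name is a search-dork collection rather than a PoC, so "#### Github" may be better left with the usual placeholder until a specific repository exists.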

Some files were not shown because too many files have changed in this diff.