mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-21 17:40:09 +00:00
Update CVE sources 2024-08-14 18:26
parent 612cdf41e7
commit a8969e1323
@ -11,6 +11,7 @@ Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.
|
||||
|
||||
#### Reference
|
||||
- http://evuln.com/vulns/115/summary.html
|
||||
- http://securityreason.com/securityalert/708
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
@ -13,6 +13,7 @@ sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/0xFatality/CVE-2012-1823
|
||||
- https://github.com/0xl0k1/CVE-2012-1823
|
||||
- https://github.com/0xsyr0/OSCP
|
||||
- https://github.com/1060275195/Covid-v2-Botnet
|
||||
|
@ -19,6 +19,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
|
||||
|
||||
#### Github
|
||||
- https://github.com/0xAbbarhSF/Termux-Nation-2022-Alpha
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/0xsyr0/OSCP
|
||||
- https://github.com/61106960/adPEAS
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
|
@ -64,6 +64,7 @@ Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1,
|
||||
- https://github.com/Mal-lol-git/URL-Parser
|
||||
- https://github.com/Mehedi-Babu/pentest_tools_repo
|
||||
- https://github.com/Micr067/Pentest_Note
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/Nacromencer/cve2017-0199-in-python
|
||||
- https://github.com/NotAwful/CVE-2017-0199-Fix
|
||||
|
@ -72,6 +72,7 @@ Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr
|
||||
- https://github.com/J-SinwooLee/Malware-Analysis-REMnux
|
||||
- https://github.com/JERRY123S/all-poc
|
||||
- https://github.com/Micr067/Pentest_Note
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/OlaleyeAyobami/Malware-Analysis-Lab
|
||||
- https://github.com/Ondrik8/RED-Team
|
||||
|
@ -46,6 +46,7 @@ Microsoft Office allows a remote code execution vulnerability due to the way tha
|
||||
- https://github.com/Loveforkeeps/Lemon-Duck
|
||||
- https://github.com/MaxSecurity/Office-CVE-2017-8570
|
||||
- https://github.com/Mehmet065/MIS-311-Project
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/Ondrik8/RED-Team
|
||||
- https://github.com/Ondrik8/exploit
|
||||
|
@ -46,6 +46,7 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow
|
||||
- https://github.com/JERRY123S/all-poc
|
||||
- https://github.com/JonasUliana/CVE-2017-8759
|
||||
- https://github.com/Lz1y/CVE-2017-8759
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/Ondrik8/RED-Team
|
||||
- https://github.com/Ostorlab/KEV
|
||||
|
@ -50,6 +50,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab
|
||||
- https://github.com/IversionBY/PenetratInfo
|
||||
- https://github.com/JERRY123S/all-poc
|
||||
- https://github.com/LamSonBinh/CVE-2018-20250
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mr-xn/Penetration_Testing_POC
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/Ondrik8/RED-Team
|
||||
|
@ -54,6 +54,7 @@ A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.
|
||||
- https://github.com/InQuest/yara-rules
|
||||
- https://github.com/JamesGrandoff/Tools
|
||||
- https://github.com/KathodeN/CVE-2018-4878
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mrnmap/RedTeam
|
||||
- https://github.com/Ondrik8/Links
|
||||
- https://github.com/Ondrik8/RED-Team
|
||||
|
@ -44,6 +44,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv
|
||||
- https://github.com/JavierOlmedo/wordpress-cve-2018-6389
|
||||
- https://github.com/Jetserver/CVE-2018-6389-FIX
|
||||
- https://github.com/JulienGadanho/cve-2018-6389-php-patcher
|
||||
- https://github.com/Mr-hunt-007/CyberSecurity-Tools
|
||||
- https://github.com/Mr-xn/Penetration_Testing_POC
|
||||
- https://github.com/Neelakandan-A/BugBounty_CheatSheet
|
||||
- https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups
|
||||
|
@ -1293,6 +1293,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
|
||||
- https://github.com/Jack-Corso/22187-CENTERSTAGE
|
||||
- https://github.com/Jack-Justus/SMES_FTC_2022-2023
|
||||
- https://github.com/JackJones7/S7-FTC-Centerstage
|
||||
- https://github.com/JacobTaira/OLD_21438_CenterStage_Repo
|
||||
- https://github.com/JacobeZhang/FTC2021FF
|
||||
- https://github.com/JacobeZhang/FTCTinkering
|
||||
- https://github.com/JacobeZhang/HCLS-FTC-Summer
|
||||
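Review bot: the repositories listed in this hunk (Jack-Corso/22187-CENTERSTAGE, JacobeZhang/FTC2021FF and the other FTC/CenterStage names) read as robotics-competition projects rather than PoCs for a jQuery issue, and the hunk header shows this list already running past line 1293. A list of that length hides any repository that actually demonstrates or fixes the bug. Consider having the collector skip repositories that only mention the CVE id in passing, or listing them under a separate heading from PoC and fix repositories.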
|
@ -21,6 +21,7 @@ ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via th
|
||||
- https://github.com/Mr-xn/Penetration_Testing_POC
|
||||
- https://github.com/SexyBeast233/SecBooks
|
||||
- https://github.com/Shenkongyin/CUC-2023
|
||||
- https://github.com/Smoothss/CUC-2023
|
||||
- https://github.com/Tyro-Shan/gongkaishouji
|
||||
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
|
||||
- https://github.com/ZTK-009/Penetration_PoC
|
||||
|
@ -18,6 +18,7 @@ WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (w
|
||||
#### Github
|
||||
- https://github.com/0xMafty/Blog
|
||||
- https://github.com/0xT11/CVE-POC
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/Afetter618/WordPress-PenTest
|
||||
- https://github.com/Cl0wnK1n9/WhiteHat
|
||||
|
@ -60,6 +60,7 @@ No PoCs from references.
|
||||
- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
|
||||
- https://github.com/iamramahibrah/AD-Attacks-and-Defend
|
||||
- https://github.com/infosecn1nja/AD-Attack-Defense
|
||||
- https://github.com/joker200-0/Rubeus
|
||||
- https://github.com/kas0n/RedTeam-Articles
|
||||
- https://github.com/mandradets/Maritest2
|
||||
- https://github.com/merlinepedra/RUBEUS
|
||||
|
@ -35,6 +35,7 @@ Improper neutralization of user data in the DjVu file format in ExifTool version
|
||||
- https://github.com/Lazykakarot1/Learn-365
|
||||
- https://github.com/Ly0nt4r/OSCP
|
||||
- https://github.com/NaInSec/CVE-PoC-in-GitHub
|
||||
- https://github.com/OneSecCyber/JPEG_RCE
|
||||
- https://github.com/Ostorlab/KEV
|
||||
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
|
||||
- https://github.com/PenTestical/CVE-2021-22204
|
||||
|
@ -31,6 +31,7 @@ A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.
|
||||
- https://github.com/SenukDias/OSCP_cheat
|
||||
- https://github.com/Shenkongyin/CUC-2023
|
||||
- https://github.com/SirElmard/ethical_hacking
|
||||
- https://github.com/Smoothss/CUC-2023
|
||||
- https://github.com/WhooAmii/POC_to_review
|
||||
- https://github.com/anquanscan/sec-tools
|
||||
- https://github.com/e-hakson/OSCP
|
||||
|
@ -20,6 +20,7 @@ The overlayfs implementation in the linux kernel did not properly validate with
|
||||
- https://github.com/0xMarcio/cve
|
||||
- https://github.com/0xMat10/eJPT_Prep
|
||||
- https://github.com/0xWhoami35/root-kernel
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/0xsyr0/OSCP
|
||||
- https://github.com/20142995/sectool
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
|
@ -27,6 +27,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2.
|
||||
- https://github.com/0xRar/CVE-2021-41773
|
||||
- https://github.com/0xStrygwyr/OSCP-Guide
|
||||
- https://github.com/0xZipp0/OSCP
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/0xsyr0/OSCP
|
||||
- https://github.com/12345qwert123456/CVE-2021-41773
|
||||
- https://github.com/189569400/Meppo
|
||||
|
@ -120,6 +120,7 @@ No PoCs from references.
|
||||
- https://github.com/infosecn1nja/AD-Attack-Defense
|
||||
- https://github.com/jbmihoub/all-poc
|
||||
- https://github.com/jenriquezv/OSCP-Cheat-Sheets-AD
|
||||
- https://github.com/joker200-0/Rubeus
|
||||
- https://github.com/k8gege/Ladon
|
||||
- https://github.com/kgwanjala/oscp-cheatsheet
|
||||
- https://github.com/knightswd/NoPacScan
|
||||
|
@ -15,6 +15,7 @@ No PoCs from references.
|
||||
#### Github
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/Shenkongyin/CUC-2023
|
||||
- https://github.com/Smoothss/CUC-2023
|
||||
- https://github.com/SurfRid3r/Django_vulnerability_analysis
|
||||
- https://github.com/kudoas/sql-injection-sandbox
|
||||
|
||||
|
@ -40,6 +40,7 @@ No PoCs from references.
|
||||
- https://github.com/Pascal-0x90/Rubeus
|
||||
- https://github.com/RkDx/MyRuby
|
||||
- https://github.com/Strokekilla/Rubeus
|
||||
- https://github.com/joker200-0/Rubeus
|
||||
- https://github.com/qobil7681/Password-cracker
|
||||
- https://github.com/santan2020/ck2
|
||||
- https://github.com/syedrizvinet/lib-repos-Rubeus
|
||||
|
@ -40,6 +40,7 @@ A race condition was addressed with additional validation. This issue is fixed i
|
||||
- https://github.com/Hiimsonkul/Hiimsonkul
|
||||
- https://github.com/Ingan121/FSUntether
|
||||
- https://github.com/Kry9toN/WDBFontOverwrite
|
||||
- https://github.com/Lrdsnow/PureKFD
|
||||
- https://github.com/ManoChina/Cowabunga
|
||||
- https://github.com/ManoChina/MacDirtyCowDemo
|
||||
- https://github.com/PureKFD/PureKFD
|
||||
|
17
2022/CVE-2022-48429.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2022-48429](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48429)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/echo-devim/CVE-2022-48429_poc
|
||||
|
@ -16,6 +16,7 @@ request-baskets up to v1.2.1 was discovered to contain a Server-Side Request For
|
||||
|
||||
#### Github
|
||||
- https://github.com/0xFTW/CVE-2023-27163
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/Aledangelo/Sau_Writeup
|
||||
- https://github.com/Hamibubu/CVE-2023-27163
|
||||
- https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53
|
||||
|
@ -17,6 +17,7 @@ SPIP before 4.2.1 allows Remote Code Execution via form values in the public are
|
||||
- https://github.com/0SPwn/CVE-2023-27372-PoC
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/Chocapikk/CVE-2023-27372
|
||||
- https://github.com/Jhonsonwannaa/CVE-2023-27372
|
||||
- https://github.com/Pari-Malam/CVE-2023-27372
|
||||
- https://github.com/RSTG0D/CVE-2023-27372-PoC
|
||||
- https://github.com/ThatNotEasy/CVE-2023-27372
|
||||
|
17
2023/CVE-2023-31341.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2023-31341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31341)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Insufficientvalidation of the Input Output Control (IOCTL) input buffer in AMD μProf mayallow an authenticated attacker to cause an out-of-bounds write, potentiallycausing a Windows® OS crash, resulting in denial of service.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/5angjun/5angjun
|
||||
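Review bot: the Description line in this new file has words run together ("Insufficientvalidation", "mayallow", "potentiallycausing"), which looks like line breaks in the source text being dropped instead of replaced with a space. Normalize whitespace when importing the description so the entry can be found by searching for phrases such as "out-of-bounds write" or "input buffer" next to their neighbouring words.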
|
@ -14,5 +14,6 @@ No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/e23e/CVE-2023-31606
|
||||
- https://github.com/merbinr/CVE-2023-31606
|
||||
- https://github.com/nomi-sec/PoC-in-GitHub
|
||||
|
||||
|
@ -14,5 +14,6 @@ In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote
|
||||
|
||||
#### Github
|
||||
- https://github.com/XC9409/CVE-2023-31634
|
||||
- https://github.com/iSee857/CVE-2023-31634
|
||||
- https://github.com/nomi-sec/PoC-in-GitHub
|
||||
|
||||
|
@ -16,6 +16,7 @@ In KeePass 2.x before 2.54, it is possible to recover the cleartext master passw
|
||||
|
||||
#### Github
|
||||
- https://github.com/0xFFD700/Neuland-CTF-2023
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/1ocho3/NCL_V
|
||||
- https://github.com/3mpir3Albert/HTB_Keeper
|
||||
- https://github.com/4m4Sec/CVE-2023-32784
|
||||
|
@ -15,6 +15,7 @@ Lost and Found Information System v1.0 was discovered to contain a SQL injection
|
||||
#### Github
|
||||
- https://github.com/0XRedRose/CVE-2023-33592
|
||||
- https://github.com/Acous7icwav3/CVE-2023-33592
|
||||
- https://github.com/ChineseOldboy/CVE-2023-33592
|
||||
- https://github.com/FuckingHack3r/CVE-2023-33592
|
||||
- https://github.com/nomi-sec/PoC-in-GitHub
|
||||
|
||||
|
@ -15,6 +15,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all
|
||||
|
||||
#### Github
|
||||
- https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646
|
||||
- https://github.com/0xabdoulaye/CTFs-Journey
|
||||
- https://github.com/0xrobiul/CVE-2023-38646
|
||||
- https://github.com/20142995/sectool
|
||||
- https://github.com/Anekant-Singhai/Exploits
|
||||
|
@ -13,6 +13,7 @@ A use-after-free issue was addressed with improved memory management. This issue
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/Lrdsnow/PureKFD
|
||||
- https://github.com/PureKFD/PureKFD
|
||||
- https://github.com/Spoou/123
|
||||
- https://github.com/felix-pb/kfd
|
||||
|
@ -1,11 +1,11 @@
|
||||
### [CVE-2024-0169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0169)
|
||||

|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Dell Unity, versions prior to 5.4, contains a cross-site scripting (XSS) vulnerability. An authenticated attacker could potentially exploit this vulnerability, leading users to download and execute malicious software crafted by this product's feature to compromise their systems.
|
||||
Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
|
||||
|
||||
### POC
|
||||
|
||||
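Review bot: the badge fragment in this hunk ends in "&color=brighgreen)", and "brighgreen" looks like a misspelling of the shields.io color name "brightgreen". The same spelling appears in other entries of this commit, so it is probably in the generator template and should be fixed there once rather than per file.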
|
@ -14,4 +14,5 @@ No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
- https://github.com/nomi-sec/PoC-in-GitHub
|
||||
|
||||
|
17
2024/CVE-2024-20083.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-20083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20083)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/Resery/Resery
|
||||
|
@ -15,12 +15,22 @@
|
||||

|
||||
&color=blue)
|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Summary:Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS) including a subset of Azure Virtual Machine SKUS; enabling an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn..Microsoft is developing a security update to mitigate this vulnerability, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.Details:A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022 , and a subset of Azure Virtual Machines (VM) SKUs with a Windows based guestOS supporting VBS.The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS.Microsoft is developing a security update that will revoke outdated, unpatched VBS system files to mitigate this vulnerability, but it is not yet available. 
Due to the complexity of blocking such a large quantity of files, rigorous testing is required to avoid integration failures or regressions. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 07th, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section of this CVE to protect their systems.Recommended Actions:The following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAuditing sensitive privileges used to identify access, modification, or replacement of VBS related files could help indicacte attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft LearnProtect your Azure tenant by investigating administrators and users flagged for risky sign-ins and rotating their credentials.Investigate risk Microsoft Entra ID Protection - Microsoft Entra ID Protection | Microsoft LearnEnabling Multi-Factor Authentication can also help alleviate concerns about compromised accounts or exposure.Enforce multifactor...
|
||||
Summary:Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. This vulnerability enables an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.Update: August 13, 2024Microsoft has released the August 2024 security updates that include an opt-in revocation policy mitigation to address this vulnerability. Customers running affected versions of Windows are encouraged to review KB5042562: Guidance for blocking rollback of virtualization-based security related updates to assess if this opt-in policy meets the needs of their environment before implementing this mitigation. There are risks associated with this mitigation that should be understood prior to applying it to your systems. Detailed information about these risks is also available in KB5042562.Details:A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, and higher based systems including Azure Virtual Machines (VM) that support VBS. 
For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn.The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS.Microsoft is developing a security update that will revoke outdated, unpatched VBS system files to mitigate this vulnerability, but it is not yet available. Due to the complexity of blocking such a large quantity of files, rigorous testing is required to avoid integration failures or regressions. This CVE will be updated with new information and links to the security updates once available. For more information see Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response CenterMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended Actions:Microsoft has released an opt-in mitigation available as an interim solution to help protect customers concerned about this vulnerability until the final mitigation is available in a security update.For Windows 10 1809 and later, Windows 11 version 21H2 and later, and Windows Server 2019 and later, administrators can deploy a Microsoft-signed revocation policy (SkuSiPolicy.p7b) to block vulnerable, unpatched versions of VBS system files from being loaded by the operating system. 
For more information, refer to KB5042562: Guidance for blocking rollback of virtualization-based security related...
|
||||
|
||||
### POC
|
||||
|
||||
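Review bot: both versions of the Description in this hunk stop at a literal "..." (after "Enforce multifactor" and after "security related"), so the entry is cut off in the middle of the Recommended Actions, and section labels are fused to the following text ("Summary:Microsoft", "CVE.This", "2024Microsoft"). The version carrying "Update: August 13, 2024" also still says the security update "is not yet available" a few sentences after announcing the opt-in revocation policy; check that wording against the advisory. Consider truncating at a sentence boundary, restoring the paragraph breaks, and pointing readers to KB5042562 for the full guidance instead of storing a clipped copy.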
|
17
2024/CVE-2024-23705.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-23705](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23705)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/nomi-sec/PoC-in-GitHub
|
||||
|
@ -26,6 +26,7 @@ No PoCs from references.
|
||||
- https://github.com/Stuub/RCity-CVE-2024-27198
|
||||
- https://github.com/Threekiii/Awesome-POC
|
||||
- https://github.com/Threekiii/CVE
|
||||
- https://github.com/TrojanAZhen/Self_Back
|
||||
- https://github.com/W01fh4cker/CVE-2024-27198-RCE
|
||||
- https://github.com/ZonghaoLi777/githubTrending
|
||||
- https://github.com/aneasystone/github-trending
|
||||
|
17
2024/CVE-2024-28986.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-28986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28986)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-35124.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-35124](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35124)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-36136.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-36136](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36136)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
18
2024/CVE-2024-37287.md
Normal file
@ -0,0 +1,18 @@
|
||||
### [CVE-2024-37287](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37287)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
- https://github.com/tanjiti/sec_profile
|
||||
|
17
2024/CVE-2024-37373.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-37373](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37373)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-37399.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-37399](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37399)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
56
2024/CVE-2024-38063.md
Normal file
@ -0,0 +1,56 @@
|
||||
### [CVE-2024-38063](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38063)
|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||
&color=blue)
|
||||

|
||||
&color=blue)
|
||||

|
||||
&color=blue)
|
||||
&color=blue)
|
||||

|
||||

|
||||
&color=blue)
|
||||

|
||||
&color=blue)
|
||||

|
||||
&color=blue)
|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Windows TCP/IP Remote Code Execution Vulnerability
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/kherrick/hacker-news
|
||||
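Review bot: the Description in this new file is only the advisory title ("Windows TCP/IP Remote Code Execution Vulnerability"), and the single entry under "#### Github" is kherrick/hacker-news, whose name suggests a news feed rather than a PoC. As written, the entry implies a GitHub PoC exists without giving a reader any way to tell. Consider leaving the Github section as "No PoCs found on GitHub currently." until a repository that actually targets the CVE is found, and filling the description from the advisory body rather than its title.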
|
@ -18,7 +18,7 @@
|
||||
|
||||
### Description
|
||||
|
||||
SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Backup, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.DetailsA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Backup potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.Microsoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. 
However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended ActionsThe following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAudit users with permission to perform Backup and Restore operations to ensure only the appropriate users can perform these operations.Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft LearnImplement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Backup files and perform Restore operations to appropriate users, for example administrators only.Access Control overview | Microsoft LearnDiscretionary Access Control Lists (DACL)Auditing sensitive privileges used to identify access, modification, or replacement of Backup related files could help indicate attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn
|
||||
SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.This CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.DetailsA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.Microsoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.Microsoft is not aware of any attempts to exploit this vulnerability. 
However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.Recommended ActionsThe following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.Configure “Audit Object Access” settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors.Audit File System - Windows 10 | Microsoft LearnApply a basic audit policy on a file or folder - Windows 10 | Microsoft LearnAudit users with permission to perform Update and Restore operations to ensure only the appropriate users can perform these operations.Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft LearnImplement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Update files and perform Restore operations to appropriate users, for example administrators only.Access Control overview | Microsoft LearnDiscretionary Access Control Lists (DACL)Auditing sensitive privileges used to identify access, modification, or replacement of Update related files could help indicate attempts to exploit this vulnerability.Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn
|
||||
|
||||
### POC
|
||||
|
||||
|
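Review bot: the Description text in this hunk is the whole vendor advisory imported with its paragraph breaks collapsed, so section labels and sentences run together ("SummaryMicrosoft was notified", "successful.Microsoft is developing", "Recommended ActionsThe following") and link titles are fused into the prose ("Microsoft LearnApply a basic audit policy"). Suggest normalising whitespace on import, or storing only the Summary paragraph and linking the advisory, so the entry stays readable and keyword search on the mitigation guidance works.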
17
2024/CVE-2024-38483.md
Normal file
17
2024/CVE-2024-38483.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-38483](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38483)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
65
2024/CVE-2024-38501.md
Normal file
65
2024/CVE-2024-38501.md
Normal file
@ -0,0 +1,65 @@
|
||||
### [CVE-2024-38501](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38501)
|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
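Review bot: the badge header lists several dozen Product badges (CHARX SEC-3xxx, FL MGUARD, TC MGUARD models) followed by three separate Version badges (`< 1.5.1`, `< 10.4.1`, `< 8.9.3`), with nothing tying a version threshold to the products it applies to, so a reader cannot tell from this file which firmware is affected on which device. Suggest grouping products under the threshold that applies to them, or emitting a small table instead of flat badges. The Vulnerability badge also uses `color=brighgreen`, presumably meant to be `brightgreen`.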
65
2024/CVE-2024-38502.md
Normal file
65
2024/CVE-2024-38502.md
Normal file
@ -0,0 +1,65 @@
|
||||
### [CVE-2024-38502](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38502)
|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-38652.md
Normal file
17
2024/CVE-2024-38652.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-38652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38652)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
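Review bot: the Version badge reads `= 6.4.4` while the description in the same file names Ivanti Avalanche 6.3.1 as the affected release, so the two disagree on what is vulnerable. If 6.4.4 is the fixed release, the badge should express a range rather than equality; the CVE-2024-38653 file that follows in this commit has the same mismatch.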
17
2024/CVE-2024-38653.md
Normal file
17
2024/CVE-2024-38653.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-38653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38653)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
20
2024/CVE-2024-3913.md
Normal file
20
2024/CVE-2024-3913.md
Normal file
@ -0,0 +1,20 @@
|
||||
### [CVE-2024-3913](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3913)
|
||||
&color=blue)
|
||||
&color=blue)
|
||||
&color=blue)
|
||||
&color=blue)
|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
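Review bot: the Version badge decodes to `= < 0`, a range no firmware release can satisfy, so the entry does not state which versions are affected. The four Product badges also carry trailing non-breaking spaces (`%C2%A0`) after the model names, which will break exact-match searches on names such as "CHARX SEC-3000". Suggest trimming the product strings on import and flagging records whose version range is empty or `< 0` instead of rendering them as a badge.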
17
2024/CVE-2024-39472.md
Normal file
17
2024/CVE-2024-39472.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-39472](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39472)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In the Linux kernel, the following vulnerability has been resolved:xfs: fix log recovery buffer allocation for the legacy h_size fixupCommit a70f9fe52daa ("xfs: detect and handle invalid iclog size set bymkfs") added a fixup for incorrect h_size values used for the initialumount record in old xfsprogs versions. Later commit 0c771b99d6c9("xfs: clean up calculation of LR header blocks") cleaned up the logreover buffer calculation, but stoped using the fixed up h_size valueto size the log recovery buffer, which can lead to an out of boundsaccess when the incorrect h_size does not come from the old mkfstool, but a fuzzer.Fix this by open coding xlog_logrec_hblks and taking the fixed h_sizeinto account for this calculation.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
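Review bot: the description was imported with the commit message's line breaks deleted rather than replaced by a space, which fuses words across the old line ends: "resolved:xfs:", "set bymkfs", "initialumount", "boundsaccess", "old mkfstool", "h_sizeinto". Suggest joining wrapped lines with a single space; as written, a search for `mkfs` or `h_size` as whole words misses this entry.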
17
2024/CVE-2024-41042.md
Normal file
17
2024/CVE-2024-41042.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41042](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41042)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In the Linux kernel, the following vulnerability has been resolved:netfilter: nf_tables: prefer nft_chain_validatenft_chain_validate already performs loop detection because a cycle willresult in a call stack overflow (ctx->level >= NFT_JUMP_STACK_SIZE).It also follows maps via ->validate callback in nft_lookup, so thereappears no reason to iterate the maps again.nf_tables_check_loops() and all its helper functions can be removed.This improves ruleset load time significantly, from 23s down to 12s.This also fixes a crash bug. Old loop detection code can result inunbounded recursion:BUG: TASK stack guard page was hit at ....Oops: stack guard page: 0000 [#1] PREEMPT SMP KASANCPU: 4 PID: 1539 Comm: nft Not tainted 6.10.0-rc5+ #1[..]with a suitable ruleset during validation of register stores.I can't see any actual reason to attempt to check for this fromnft_validate_register_store(), at this point the transaction is still inprogress, so we don't have a full picture of the rule graph.For nf-next it might make sense to either remove it or make this dependon table->validate_state in case we could catch an error earlier(for improved error reporting to userspace).
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
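Review bot: the Description here is the complete commit message on a single line, including a kernel oops excerpt ("BUG: TASK stack guard page was hit at ....", "CPU: 4 PID: 1539 Comm: nft") and the author's open questions about nf-next, with the original line breaks dropped ("willresult", "KASANCPU:", "inprogress"). Suggest preserving the line breaks, or at least separating the log excerpt from the prose, so the statement of the defect (unbounded recursion in the old loop detection during validation of register stores) is not buried in the trace.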
17
2024/CVE-2024-41475.md
Normal file
17
2024/CVE-2024-41475.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41475)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://gist.github.com/AkiaCode/7c878b1699931314246d6589d86b1e89
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
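Review bot: the Product, Version and Vulnerability badges are all `n/a` although the description in the same file names the product and release (Gnuboard g6 6.0.7) and the weakness (session hijacking through a CORS misconfiguration). Suggest populating the badges from the description when the structured fields are empty, otherwise badge-based filtering misses the entry; the Symphony CMS, FrogCMS and TOTOLINK files added later in this commit have the same gap.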
17
2024/CVE-2024-41613.md
Normal file
17
2024/CVE-2024-41613.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41613)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/OoLs5/VulDiscovery/blob/main/symphony_xss_vul.pdf
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-41614.md
Normal file
17
2024/CVE-2024-41614.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41614)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
symphonycms <=2.7.10 is vulnerable to Cross Site Scripting (XSS) in the Comment component for articles.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/OoLs5/VulDiscovery/blob/main/Symphony_CMS_XSS.pdf
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-41774.md
Normal file
17
2024/CVE-2024-41774.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41774](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41774)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41858.md
Normal file
17
2024/CVE-2024-41858.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41858](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41858)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41860.md
Normal file
17
2024/CVE-2024-41860.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41860](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41860)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41861.md
Normal file
17
2024/CVE-2024-41861.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41861)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41862.md
Normal file
17
2024/CVE-2024-41862.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41862)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41863.md
Normal file
17
2024/CVE-2024-41863.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41863)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-41864.md
Normal file
17
2024/CVE-2024-41864.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-41864](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41864)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
|
||||
- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
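Review bot: "No PoCs from references." is replaced under the POC heading by a commit link and a GHSA advisory link, and the same commit URL (b72942fac998672a79a1ae3c03b340f7e629980b) is added to all three llama.cpp entries in this commit. Nothing in these lines shows that either link is a proof of concept; consider labelling the commit as a patch or general reference so that readers triaging on "public PoC exists" are not misled.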
@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in t
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
|
||||
- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
@ -10,7 +10,8 @@ llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in t
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b
|
||||
- https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-42480.md
Normal file
17
2024/CVE-2024-42480.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42480](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42480)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed in edge-24.8.2.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/clastix/kamaji/security/advisories/GHSA-6r4j-4rjc-8vw5
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
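Review bot: "some TCPs API servers" in the description uses TCP without expansion, and in this context it reads as the transport protocol; the rest of the sentence ("the data of other control planes") suggests it means tenant control planes, so expanding it on first use would remove the ambiguity. The affected range is also given as "1.0.0 and earlier" (badge `<= 1.0.0`) while the fix is "edge-24.8.2", two different version schemes, so the entry should say how they relate or which releases carry the fix.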
17
2024/CVE-2024-42489.md
Normal file
17
2024/CVE-2024-42489.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42489](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42489)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vulnerable to the same kind of attack. This vulnerability is fixed in 1.10.1.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-cfq3-q227-7j65
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
@ -10,7 +10,7 @@ TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability i
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- https://github.com/c10uds/totolink_A3002R_stackoverflow
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-42543.md
Normal file
17
2024/CVE-2024-42543.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42543)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/loginauth.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42545.md
Normal file
17
2024/CVE-2024-42545.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42545)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3700R/setWizardCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42546.md
Normal file
17
2024/CVE-2024-42546.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42546)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth_password.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42547.md
Normal file
17
2024/CVE-2024-42547.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42547)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3100R/loginauth.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42623.md
Normal file
17
2024/CVE-2024-42623.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42623)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/delete/1
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/8/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42624.md
Normal file
17
2024/CVE-2024-42624.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42624](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42624)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/delete/10.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/3/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42625.md
Normal file
17
2024/CVE-2024-42625.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42625)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/add
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/9/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42626.md
Normal file
17
2024/CVE-2024-42626.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42626)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/4/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42627.md
Normal file
17
2024/CVE-2024-42627.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42627)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/6/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42628.md
Normal file
17
2024/CVE-2024-42628.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42628](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42628)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/5/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42629.md
Normal file
17
2024/CVE-2024-42629.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42629)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/2/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42630.md
Normal file
17
2024/CVE-2024-42630.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42630)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/10/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42631.md
Normal file
17
2024/CVE-2024-42631.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42631)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/7/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42632.md
Normal file
17
2024/CVE-2024-42632.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42632)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/Kirtoc/cms/tree/main/1/readme.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42736.md
Normal file
17
2024/CVE-2024-42736.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42736)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/addBlacklist/addBlacklist.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42737.md
Normal file
17
2024/CVE-2024-42737.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42737)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/delBlacklist/delBlacklist.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42738.md
Normal file
17
2024/CVE-2024-42738.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42738)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setDmzCfg/setDmzCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42739.md
Normal file
17
2024/CVE-2024-42739.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42739)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setAccessDeviceCfg/setAccessDeviceCfg.md
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-42740.md
Normal file
17
2024/CVE-2024-42740.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42740)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setLedCfg/setLedCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42741.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42741)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setL2tpServerCfg/setL2tpServerCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42742.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42742](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42742)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUrlFilterRules/setUrlFilterRules.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42743.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42743)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setSyslogCfg/setSyslogCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
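Review bot: the description line has a stray space before the full stop in "in setSyslogCfg . Authenticated", which the other TOTOLINK entries in this commit do not have. If the text is copied verbatim from the upstream record, normalise the whitespace on import so that searching for the handler name followed by a period matches this entry as it does the others.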
17
2024/CVE-2024-42744.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42744](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42744)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setModifyVpnUser/setModifyVpnUser.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42745.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42745](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42745)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setUPnPCfg/setUPnPCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42747.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42747)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWanIeCfg/setWanIeCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-42748.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-42748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42748)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- https://github.com/HouseFuzz/reports/blob/main/totolink/x5000r/setWiFiWpsCfg/setWiFiWpsCfg.md
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
17
2024/CVE-2024-43138.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-43138](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43138)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
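Review bot: the vulnerability badge on the third badge line ends with `&color=brighgreen`, a misspelling of the `brightgreen` used by every other vulnerability badge in this commit, so the badge is unlikely to render in the intended colour. Fix the spelling in the generator template for this CWE-22 badge; the same line also carries unencoded parentheses around 'Path%20Traversal' inside a Markdown image URL, which is worth percent-encoding at the same time.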
17
2024/CVE-2024-43140.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-43140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43140)
|
||||

|
||||

|
||||
&color=brighgreen)
|
||||
|
||||
### Description
|
||||
|
||||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
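Review bot: the vulnerability badge line in this file also uses `color=brighgreen` instead of `brightgreen`. Since it occurs on both CWE-22 path traversal entries in this commit and on none of the others, the typo most likely lives in the badge template for that CWE string and should be corrected there rather than per file.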
17
2024/CVE-2024-43141.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-43141](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43141)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants Database allows Object Injection.This issue affects Participants Database: from n/a through 2.5.9.2.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
17
2024/CVE-2024-43153.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2024-43153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43153)
|
||||

|
||||

|
||||

|
||||
|
||||
### Description
|
||||
|
||||
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This issue affects Woffice: from n/a through 5.4.10.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/fkie-cad/nvd-json-data-feeds
|
||||
|
Some files were not shown because too many files have changed in this diff