From bc4580b7799602bfe4618c8fe9ddff9c2dfdfc86 Mon Sep 17 00:00:00 2001 
From: 0xMarcio Date: Fri, 7 Jun 2024 04:52:01 +0000 Subject: [PATCH] Update CVE sources 2024-06-07 04:52 --- 2000/CVE-2000-0114.md | 1 + 2006/CVE-2006-4469.md | 1 + 2007/CVE-2007-5464.md | 1 + 2007/CVE-2007-5686.md | 1 + 2008/CVE-2008-0166.md | 3 + 2008/CVE-2008-0176.md | 17 + 2008/CVE-2008-0590.md | 1 + 2008/CVE-2008-4250.md | 1 + 2009/CVE-2009-2629.md | 1 + 2009/CVE-2009-3555.md | 1 + 2010/CVE-2010-3124.md | 1 + 2010/CVE-2010-4597.md | 2 +- 2011/CVE-2011-1562.md | 17 + 2011/CVE-2011-1563.md | 2 +- 2011/CVE-2011-3374.md | 1 + 2012/CVE-2012-1823.md | 1 + 2012/CVE-2012-2611.md | 1 + 2013/CVE-2013-0007.md | 1 + 2013/CVE-2013-1445.md | 1 + 2013/CVE-2013-2566.md | 1 + 2013/CVE-2013-3900.md | 1 + 2013/CVE-2013-4378.md | 1 + 2014/CVE-2014-0160.md | 2 + 2014/CVE-2014-2024.md | 2 +- 2014/CVE-2014-3566.md | 1 + 2014/CVE-2014-4060.md | 1 + 2014/CVE-2014-4210.md | 1 + 2014/CVE-2014-4880.md | 2 +- 2014/CVE-2014-6271.md | 2 + 2014/CVE-2014-6277.md | 1 + 2014/CVE-2014-7169.md | 1 + 2015/CVE-2015-2515.md | 1 + 2015/CVE-2015-2712.md | 2 +- 2015/CVE-2015-2743.md | 2 +- 2015/CVE-2015-3276.md | 1 + 2015/CVE-2015-3306.md | 1 + 2015/CVE-2015-4852.md | 1 + 2016/CVE-2016-0143.md | 1 + 2016/CVE-2016-0171.md | 1 + 2016/CVE-2016-0638.md | 1 + 2016/CVE-2016-10033.md | 1 + 2016/CVE-2016-10045.md | 1 + 2016/CVE-2016-1409.md | 17 + 2016/CVE-2016-2107.md | 1 + 2016/CVE-2016-3088.md | 2 + 2016/CVE-2016-3510.md | 1 + 2016/CVE-2016-5423.md | 17 + 2016/CVE-2016-6380.md | 17 + 2017/CVE-2017-0143.md | 3 + 2017/CVE-2017-0144.md | 3 + 2017/CVE-2017-0145.md | 2 + 2017/CVE-2017-0146.md | 2 + 2017/CVE-2017-0147.md | 1 + 2017/CVE-2017-0148.md | 2 + 2017/CVE-2017-0785.md | 1 + 2017/CVE-2017-1000250.md | 1 + 2017/CVE-2017-1000251.md | 2 + 2017/CVE-2017-10125.md | 2 +- 2017/CVE-2017-10271.md | 1 + 2017/CVE-2017-11283.md | 1 + 2017/CVE-2017-12087.md | 17 + 2017/CVE-2017-12130.md | 2 +- 2017/CVE-2017-12149.md | 1 + 2017/CVE-2017-12615.md | 3 + 2017/CVE-2017-12629.md | 1 + 2017/CVE-2017-13716.md | 1 + 
2017/CVE-2017-14159.md | 1 + 2017/CVE-2017-16905.md | 1 + 2017/CVE-2017-17740.md | 1 + 2017/CVE-2017-18018.md | 1 + 2017/CVE-2017-18861.md | 17 + 2017/CVE-2017-2624.md | 2 +- 2017/CVE-2017-2625.md | 2 +- 2017/CVE-2017-2626.md | 1 + 2017/CVE-2017-3248.md | 1 + 2017/CVE-2017-3506.md | 1 + 2017/CVE-2017-5223.md | 1 + 2017/CVE-2017-5244.md | 1 + 2017/CVE-2017-6770.md | 17 + 2017/CVE-2017-7243.md | 1 + 2017/CVE-2017-7269.md | 1 + 2017/CVE-2017-8360.md | 1 + 2017/CVE-2017-8514.md | 1 + 2017/CVE-2017-8759.md | 1 + 2017/CVE-2017-9805.md | 1 + 2018/CVE-2018-0893.md | 1 + 2018/CVE-2018-1000021.md | 1 + 2018/CVE-2018-1000861.md | 1 + 2018/CVE-2018-1058.md | 1 + 2018/CVE-2018-1260.md | 1 + 2018/CVE-2018-1261.md | 1 + 2018/CVE-2018-12679.md | 17 + 2018/CVE-2018-16845.md | 1 + 2018/CVE-2018-18264.md | 1 + 2018/CVE-2018-18428.md | 2 +- 2018/CVE-2018-18483.md | 1 + 2018/CVE-2018-19067.md | 2 +- 2018/CVE-2018-19077.md | 2 +- 2018/CVE-2018-19417.md | 17 + 2018/CVE-2018-19518.md | 1 + 2018/CVE-2018-19860.md | 17 + 2018/CVE-2018-20225.md | 1 + 2018/CVE-2018-20250.md | 1 + 2018/CVE-2018-20673.md | 1 + 2018/CVE-2018-20712.md | 1 + 2018/CVE-2018-2628.md | 1 + 2018/CVE-2018-2893.md | 1 + 2018/CVE-2018-2894.md | 3 + 2018/CVE-2018-5144.md | 1 + 2018/CVE-2018-5178.md | 1 + 2018/CVE-2018-5383.md | 1 + 2018/CVE-2018-6376.md | 1 + 2018/CVE-2018-6389.md | 2 + 2018/CVE-2018-6829.md | 1 + 2018/CVE-2018-6981.md | 1 + 2018/CVE-2018-7600.md | 2 + 2018/CVE-2018-8120.md | 1 + 2018/CVE-2018-9996.md | 1 + 2019/CVE-2019-0570.md | 1 + 2019/CVE-2019-0583.md | 27 + 2019/CVE-2019-0604.md | 1 + 2019/CVE-2019-0708.md | 3 + 2019/CVE-2019-0717.md | 10 +- 2019/CVE-2019-0803.md | 1 + 2019/CVE-2019-0863.md | 1 + 2019/CVE-2019-10028.md | 1 + 2019/CVE-2019-1003000.md | 1 + 2019/CVE-2019-1003005.md | 1 + 2019/CVE-2019-1003029.md | 1 + 2019/CVE-2019-10173.md | 1 + 2019/CVE-2019-10758.md | 1 + 2019/CVE-2019-11043.md | 2 + 2019/CVE-2019-11247.md | 1 + 2019/CVE-2019-11249.md | 1 + 2019/CVE-2019-1125.md | 35 +- 
2019/CVE-2019-11358.md | 5 + 2019/CVE-2019-1144.md | 35 +- 2019/CVE-2019-1145.md | 35 +- 2019/CVE-2019-1148.md | 38 +- 2019/CVE-2019-1149.md | 38 +- 2019/CVE-2019-1150.md | 35 +- 2019/CVE-2019-1151.md | 38 +- 2019/CVE-2019-11510.md | 1 + 2019/CVE-2019-1152.md | 35 +- 2019/CVE-2019-1153.md | 38 +- 2019/CVE-2019-1158.md | 35 +- 2019/CVE-2019-1159.md | 35 +- 2019/CVE-2019-1161.md | 36 +- 2019/CVE-2019-1170.md | 11 +- 2019/CVE-2019-11708.md | 1 + 2019/CVE-2019-1172.md | 22 +- 2019/CVE-2019-1181.md | 30 +- 2019/CVE-2019-1182.md | 30 +- 2019/CVE-2019-1184.md | 11 +- 2019/CVE-2019-1205.md | 12 +- 2019/CVE-2019-1211.md | 11 +- 2019/CVE-2019-1218.md | 4 +- 2019/CVE-2019-1222.md | 11 +- 2019/CVE-2019-1226.md | 13 +- 2019/CVE-2019-12409.md | 1 + 2019/CVE-2019-1253.md | 1 + 2019/CVE-2019-12727.md | 2 +- 2019/CVE-2019-13051.md | 1 + 2019/CVE-2019-1322.md | 1 + 2019/CVE-2019-13272.md | 1 + 2019/CVE-2019-1388.md | 1 + 2019/CVE-2019-1405.md | 1 + 2019/CVE-2019-14323.md | 17 + 2019/CVE-2019-14431.md | 17 + 2019/CVE-2019-1458.md | 2 + 2019/CVE-2019-15107.md | 1 + 2019/CVE-2019-15642.md | 1 + 2019/CVE-2019-16131.md | 1 + 2019/CVE-2019-16132.md | 1 + 2019/CVE-2019-16278.md | 1 + 2019/CVE-2019-16279.md | 1 + 2019/CVE-2019-16309.md | 1 + 2019/CVE-2019-16313.md | 1 + 2019/CVE-2019-16314.md | 1 + 2019/CVE-2019-16336.md | 1 + 2019/CVE-2019-16346.md | 1 + 2019/CVE-2019-16347.md | 1 + 2019/CVE-2019-16759.md | 1 + 2019/CVE-2019-16920.md | 1 + 2019/CVE-2019-17003.md | 1 + 2019/CVE-2019-17060.md | 1 + 2019/CVE-2019-17061.md | 1 + 2019/CVE-2019-17424.md | 1 + 2019/CVE-2019-17506.md | 1 + 2019/CVE-2019-17556.md | 1 + 2019/CVE-2019-17558.md | 1 + 2019/CVE-2019-17564.md | 1 + 2019/CVE-2019-17621.md | 1 + 2019/CVE-2019-17662.md | 1 + 2019/CVE-2019-18370.md | 1 + 2019/CVE-2019-18371.md | 1 + 2019/CVE-2019-18634.md | 1 + 2019/CVE-2019-18939.md | 1 + 2019/CVE-2019-19011.md | 2 +- 2019/CVE-2019-19192.md | 1 + 2019/CVE-2019-19634.md | 1 + 2019/CVE-2019-19781.md | 1 + 2019/CVE-2019-19844.md | 1 + 
2019/CVE-2019-19882.md | 1 + 2019/CVE-2019-20215.md | 1 + 2019/CVE-2019-2107.md | 1 + 2019/CVE-2019-2725.md | 4 + 2019/CVE-2019-2729.md | 1 + 2019/CVE-2019-2890.md | 1 + 2019/CVE-2019-7580.md | 1 + 2019/CVE-2019-7609.md | 1 + 2019/CVE-2019-8286.md | 2 +- 2019/CVE-2019-8341.md | 1 + 2019/CVE-2019-9004.md | 1 + 2019/CVE-2019-9506.md | 1 + 2019/CVE-2019-9621.md | 1 + 2019/CVE-2019-9747.md | 17 + 2019/CVE-2019-9749.md | 17 + 2019/CVE-2019-9750.md | 17 + 2019/CVE-2019-9928.md | 17 + 2020/CVE-2020-0554.md | 1 + 2020/CVE-2020-0601.md | 1 + 2020/CVE-2020-0609.md | 1 + 2020/CVE-2020-0610.md | 1 + 2020/CVE-2020-0618.md | 1 + 2020/CVE-2020-0668.md | 1 + 2020/CVE-2020-0674.md | 1 + 2020/CVE-2020-0683.md | 1 + 2020/CVE-2020-0688.md | 1 + 2020/CVE-2020-0728.md | 1 + 2020/CVE-2020-0767.md | 1 + 2020/CVE-2020-0787.md | 1 + 2020/CVE-2020-0796.md | 2 + 2020/CVE-2020-10134.md | 1 + 2020/CVE-2020-10135.md | 1 + 2020/CVE-2020-10189.md | 1 + 2020/CVE-2020-10199.md | 1 + 2020/CVE-2020-10204.md | 1 + 2020/CVE-2020-10238.md | 1 + 2020/CVE-2020-10239.md | 1 + 2020/CVE-2020-1048.md | 1 + 2020/CVE-2020-1054.md | 2 + 2020/CVE-2020-1066.md | 1 + 2020/CVE-2020-10673.md | 1 + 2020/CVE-2020-10713.md | 1 + 2020/CVE-2020-10749.md | 1 + 2020/CVE-2020-1088.md | 1 + 2020/CVE-2020-11154.md | 1 + 2020/CVE-2020-11155.md | 1 + 2020/CVE-2020-11156.md | 1 + 2020/CVE-2020-11651.md | 2 + 2020/CVE-2020-11652.md | 2 + 2020/CVE-2020-11890.md | 1 + 2020/CVE-2020-11996.md | 1 + 2020/CVE-2020-12351.md | 1 + 2020/CVE-2020-12352.md | 1 + 2020/CVE-2020-12695.md | 1 + 2020/CVE-2020-12753.md | 1 + 2020/CVE-2020-1281.md | 1 + 2020/CVE-2020-1313.md | 1 + 2020/CVE-2020-1337.md | 1 + 2020/CVE-2020-1350.md | 1 + 2020/CVE-2020-1362.md | 1 + 2020/CVE-2020-14181.md | 1 + 2020/CVE-2020-14644.md | 1 + 2020/CVE-2020-14645.md | 1 + 2020/CVE-2020-1472.md | 2 + 2020/CVE-2020-14882.md | 2 + 2020/CVE-2020-15257.md | 1 + 2020/CVE-2020-15531.md | 2 +- 2020/CVE-2020-15719.md | 1 + 2020/CVE-2020-15778.md | 1 + 2020/CVE-2020-15802.md | 1 + 
2020/CVE-2020-16040.md | 1 + 2020/CVE-2020-1938.md | 1 + 2020/CVE-2020-1947.md | 1 + 2020/CVE-2020-1948.md | 1 + 2020/CVE-2020-24490.md | 1 + 2020/CVE-2020-25078.md | 1 + 2020/CVE-2020-2546.md | 1 + 2020/CVE-2020-2551.md | 1 + 2020/CVE-2020-2555.md | 1 + 2020/CVE-2020-26555.md | 1 + 2020/CVE-2020-26556.md | 1 + 2020/CVE-2020-26557.md | 1 + 2020/CVE-2020-26558.md | 1 + 2020/CVE-2020-26559.md | 1 + 2020/CVE-2020-26560.md | 1 + 2020/CVE-2020-2696.md | 1 + 2020/CVE-2020-2798.md | 1 + 2020/CVE-2020-2801.md | 1 + 2020/CVE-2020-2883.md | 1 + 2020/CVE-2020-2884.md | 1 + 2020/CVE-2020-2915.md | 1 + 2020/CVE-2020-2950.md | 1 + 2020/CVE-2020-3452.md | 1 + 2020/CVE-2020-3543.md | 17 + 2020/CVE-2020-35473.md | 1 + 2020/CVE-2020-36325.md | 17 + 2020/CVE-2020-3703.md | 1 + 2020/CVE-2020-5245.md | 4 +- 2020/CVE-2020-5260.md | 1 + 2020/CVE-2020-5398.md | 1 + 2020/CVE-2020-5410.md | 1 + 2020/CVE-2020-5504.md | 1 + 2020/CVE-2020-5509.md | 1 + 2020/CVE-2020-5551.md | 17 + 2020/CVE-2020-5902.md | 2 + 2020/CVE-2020-6286.md | 1 + 2020/CVE-2020-6287.md | 1 + 2020/CVE-2020-7246.md | 1 + 2020/CVE-2020-7471.md | 1 + 2020/CVE-2020-8163.md | 1 + 2020/CVE-2020-8193.md | 1 + 2020/CVE-2020-8558.md | 1 + 2020/CVE-2020-8559.md | 1 + 2020/CVE-2020-8597.md | 1 + 2020/CVE-2020-8634.md | 1 + 2020/CVE-2020-8635.md | 1 + 2020/CVE-2020-8794.md | 1 + 2020/CVE-2020-8813.md | 1 + 2020/CVE-2020-8840.md | 1 + 2020/CVE-2020-9374.md | 1 + 2020/CVE-2020-9376.md | 1 + 2020/CVE-2020-9377.md | 1 + 2020/CVE-2020-9402.md | 1 + 2020/CVE-2020-9484.md | 1 + 2020/CVE-2020-9496.md | 1 + 2020/CVE-2020-9547.md | 1 + 2020/CVE-2020-9548.md | 1 + 2021/CVE-2021-1675.md | 1 + 2021/CVE-2021-20090.md | 1 + 2021/CVE-2021-21315.md | 1 + 2021/CVE-2021-21972.md | 1 + 2021/CVE-2021-22005.md | 1 + 2021/CVE-2021-22205.md | 1 + 2021/CVE-2021-22986.md | 2 + 2021/CVE-2021-25735.md | 1 + 2021/CVE-2021-25737.md | 1 + 2021/CVE-2021-25740.md | 1 + 2021/CVE-2021-25741.md | 1 + 2021/CVE-2021-26084.md | 1 + 2021/CVE-2021-26295.md | 1 + 
2021/CVE-2021-28139.md | 1 + 2021/CVE-2021-28310.md | 1 + 2021/CVE-2021-29441.md | 1 + 2021/CVE-2021-30461.md | 1 + 2021/CVE-2021-30465.md | 1 + 2021/CVE-2021-32256.md | 2 +- 2021/CVE-2021-35068.md | 1 + 2021/CVE-2021-3520.md | 1 + 2021/CVE-2021-37580.md | 1 + 2021/CVE-2021-3899.md | 24 + 2021/CVE-2021-3942.md | 17 + 2021/CVE-2021-4034.md | 1 + 2021/CVE-2021-40655.md | 2 +- 2021/CVE-2021-41773.md | 1 + 2021/CVE-2021-42013.md | 1 + 2021/CVE-2021-42306.md | 3 +- 2021/CVE-2021-43798.md | 1 + 2021/CVE-2021-43890.md | 2 +- 2021/CVE-2021-44228.md | 3 + 2021/CVE-2021-45232.md | 1 + 2021/CVE-2021-45346.md | 1 + 2021/CVE-2021-46905.md | 2 +- 2022/CVE-2022-0563.md | 1 + 2022/CVE-2022-0847.md | 1 + 2022/CVE-2022-1388.md | 1 + 2022/CVE-2022-1970.md | 8 +- 2022/CVE-2022-22075.md | 17 + 2022/CVE-2022-22088.md | 17 + 2022/CVE-2022-22916.md | 1 + 2022/CVE-2022-22947.md | 1 + 2022/CVE-2022-22954.md | 1 + 2022/CVE-2022-22963.md | 1 + 2022/CVE-2022-22965.md | 1 + 2022/CVE-2022-2297.md | 1 + 2022/CVE-2022-23131.md | 1 + 2022/CVE-2022-23221.md | 1 + 2022/CVE-2022-24695.md | 17 + 2022/CVE-2022-24975.md | 1 + 2022/CVE-2022-25836.md | 1 + 2022/CVE-2022-25837.md | 1 + 2022/CVE-2022-26134.md | 4 + 2022/CVE-2022-2699.md | 17 + 2022/CVE-2022-27225.md | 1 + 2022/CVE-2022-2724.md | 1 + 2022/CVE-2022-27255.md | 1 + 2022/CVE-2022-27925.md | 1 + 2022/CVE-2022-27943.md | 1 + 2022/CVE-2022-27948.md | 17 + 2022/CVE-2022-2843.md | 2 +- 2022/CVE-2022-29098.md | 17 + 2022/CVE-2022-29266.md | 1 + 2022/CVE-2022-29303.md | 1 + 2022/CVE-2022-29464.md | 1 + 2022/CVE-2022-30190.md | 2 +- 2022/CVE-2022-30221.md | 2 + 2022/CVE-2022-30525.md | 1 + 2022/CVE-2022-30858.md | 1 + 2022/CVE-2022-31793.md | 1 + 2022/CVE-2022-3205.md | 2 +- 2022/CVE-2022-3219.md | 1 + 2022/CVE-2022-33255.md | 17 + 2022/CVE-2022-33280.md | 17 + 2022/CVE-2022-37968.md | 2 +- 2022/CVE-2022-40503.md | 17 + 2022/CVE-2022-40537.md | 17 + 2022/CVE-2022-41120.md | 1 + 2022/CVE-2022-41678.md | 4 +- 2022/CVE-2022-43216.md | 17 + 
2022/CVE-2022-44704.md | 1 + 2022/CVE-2022-45171.md | 17 + 2022/CVE-2022-46463.md | 2 + 2022/CVE-2022-48303.md | 1 + 2022/CVE-2022-48681.md | 17 + 2023/CVE-2023-1389.md | 1 + 2023/CVE-2023-1972.md | 1 + 2023/CVE-2023-21529.md | 2 +- 2023/CVE-2023-21536.md | 2 +- 2023/CVE-2023-21537.md | 4 +- 2023/CVE-2023-21538.md | 2 +- 2023/CVE-2023-21543.md | 4 +- 2023/CVE-2023-21554.md | 6 +- 2023/CVE-2023-21563.md | 2 + 2023/CVE-2023-21567.md | 2 +- 2023/CVE-2023-21647.md | 17 + 2023/CVE-2023-21674.md | 2 +- 2023/CVE-2023-21675.md | 4 +- 2023/CVE-2023-21707.md | 2 +- 2023/CVE-2023-21716.md | 2 +- 2023/CVE-2023-21721.md | 2 +- 2023/CVE-2023-21722.md | 2 +- 2023/CVE-2023-21734.md | 2 +- 2023/CVE-2023-21739.md | 2 +- 2023/CVE-2023-21742.md | 2 +- 2023/CVE-2023-21744.md | 2 +- 2023/CVE-2023-21746.md | 2 + 2023/CVE-2023-21747.md | 4 +- 2023/CVE-2023-21748.md | 2 + 2023/CVE-2023-21749.md | 4 +- 2023/CVE-2023-21750.md | 4 +- 2023/CVE-2023-21752.md | 2 +- 2023/CVE-2023-21753.md | 2 +- 2023/CVE-2023-21755.md | 2 +- 2023/CVE-2023-21766.md | 2 +- 2023/CVE-2023-21768.md | 2 +- 2023/CVE-2023-21772.md | 4 +- 2023/CVE-2023-21773.md | 4 +- 2023/CVE-2023-21774.md | 4 +- 2023/CVE-2023-21776.md | 4 +- 2023/CVE-2023-21779.md | 2 +- 2023/CVE-2023-21808.md | 4 +- 2023/CVE-2023-21812.md | 4 +- 2023/CVE-2023-21817.md | 4 +- 2023/CVE-2023-21822.md | 4 +- 2023/CVE-2023-21823.md | 4 +- 2023/CVE-2023-22527.md | 1 + 2023/CVE-2023-22726.md | 2 +- 2023/CVE-2023-23349.md | 1 + 2023/CVE-2023-23376.md | 4 +- 2023/CVE-2023-23391.md | 2 +- 2023/CVE-2023-23392.md | 2 +- 2023/CVE-2023-23396.md | 2 +- 2023/CVE-2023-23397.md | 2 +- 2023/CVE-2023-23399.md | 2 +- 2023/CVE-2023-23408.md | 2 +- 2023/CVE-2023-23410.md | 4 +- 2023/CVE-2023-23415.md | 4 +- 2023/CVE-2023-23416.md | 2 +- 2023/CVE-2023-23420.md | 4 +- 2023/CVE-2023-23421.md | 4 +- 2023/CVE-2023-23422.md | 2 + 2023/CVE-2023-23423.md | 2 + 2023/CVE-2023-23752.md | 1 + 2023/CVE-2023-24023.md | 1 + 2023/CVE-2023-24893.md | 2 +- 2023/CVE-2023-24930.md | 2 +- 
2023/CVE-2023-24932.md | 1 + 2023/CVE-2023-24934.md | 2 +- 2023/CVE-2023-24941.md | 2 +- 2023/CVE-2023-24955.md | 2 +- 2023/CVE-2023-25330.md | 2 +- 2023/CVE-2023-26756.md | 2 +- 2023/CVE-2023-27372.md | 1 + 2023/CVE-2023-28218.md | 4 +- 2023/CVE-2023-28222.md | 4 +- 2023/CVE-2023-28226.md | 2 +- 2023/CVE-2023-28228.md | 4 +- 2023/CVE-2023-28229.md | 4 +- 2023/CVE-2023-28231.md | 5 +- 2023/CVE-2023-28244.md | 4 +- 2023/CVE-2023-28248.md | 2 +- 2023/CVE-2023-28250.md | 4 +- 2023/CVE-2023-28252.md | 4 +- 2023/CVE-2023-28271.md | 4 +- 2023/CVE-2023-28285.md | 2 +- 2023/CVE-2023-28287.md | 2 +- 2023/CVE-2023-28288.md | 2 +- 2023/CVE-2023-28293.md | 4 +- 2023/CVE-2023-28295.md | 2 +- 2023/CVE-2023-28302.md | 4 +- 2023/CVE-2023-28303.md | 2 +- 2023/CVE-2023-28310.md | 2 +- 2023/CVE-2023-28311.md | 2 +- 2023/CVE-2023-28343.md | 1 + 2023/CVE-2023-28432.md | 2 + 2023/CVE-2023-28531.md | 1 + 2023/CVE-2023-29324.md | 2 +- 2023/CVE-2023-29325.md | 2 +- 2023/CVE-2023-29332.md | 2 +- 2023/CVE-2023-29336.md | 2 +- 2023/CVE-2023-29338.md | 2 +- 2023/CVE-2023-29343.md | 2 +- 2023/CVE-2023-29357.md | 2 +- 2023/CVE-2023-29360.md | 2 +- 2023/CVE-2023-2975.md | 1 + 2023/CVE-2023-31468.md | 2 +- 2023/CVE-2023-32031.md | 2 +- 2023/CVE-2023-32046.md | 2 + 2023/CVE-2023-32054.md | 42 + 2023/CVE-2023-33137.md | 2 +- 2023/CVE-2023-33144.md | 2 +- 2023/CVE-2023-33148.md | 2 +- 2023/CVE-2023-3390.md | 1 + 2023/CVE-2023-3446.md | 1 + 2023/CVE-2023-34960.md | 1 + 2023/CVE-2023-35311.md | 2 +- 2023/CVE-2023-35313.md | 2 +- 2023/CVE-2023-35353.md | 2 +- 2023/CVE-2023-35356.md | 2 +- 2023/CVE-2023-35357.md | 2 +- 2023/CVE-2023-35358.md | 2 +- 2023/CVE-2023-35359.md | 2 +- 2023/CVE-2023-35360.md | 2 +- 2023/CVE-2023-35361.md | 2 +- 2023/CVE-2023-35362.md | 2 +- 2023/CVE-2023-35363.md | 2 +- 2023/CVE-2023-35364.md | 2 +- 2023/CVE-2023-35365.md | 4 +- 2023/CVE-2023-35368.md | 2 +- 2023/CVE-2023-35382.md | 2 +- 2023/CVE-2023-35386.md | 2 +- 2023/CVE-2023-35388.md | 2 +- 2023/CVE-2023-35390.md | 2 +- 
2023/CVE-2023-35618.md | 2 +- 2023/CVE-2023-35628.md | 2 +- 2023/CVE-2023-35630.md | 2 +- 2023/CVE-2023-35632.md | 2 +- 2023/CVE-2023-35633.md | 2 +- 2023/CVE-2023-35636.md | 2 +- 2023/CVE-2023-35639.md | 2 +- 2023/CVE-2023-35641.md | 2 +- 2023/CVE-2023-35644.md | 2 +- 2023/CVE-2023-36003.md | 2 +- 2023/CVE-2023-36005.md | 2 +- 2023/CVE-2023-36006.md | 2 +- 2023/CVE-2023-36011.md | 2 +- 2023/CVE-2023-36019.md | 2 +- 2023/CVE-2023-36033.md | 2 +- 2023/CVE-2023-36034.md | 2 +- 2023/CVE-2023-36036.md | 2 +- 2023/CVE-2023-36041.md | 2 +- 2023/CVE-2023-36047.md | 2 +- 2023/CVE-2023-36052.md | 2 +- 2023/CVE-2023-36054.md | 1 + 2023/CVE-2023-36085.md | 2 +- 2023/CVE-2023-36391.md | 3 +- 2023/CVE-2023-36396.md | 20 + 2023/CVE-2023-36403.md | 2 +- 2023/CVE-2023-36404.md | 2 +- 2023/CVE-2023-36407.md | 2 +- 2023/CVE-2023-36414.md | 2 +- 2023/CVE-2023-36424.md | 2 +- 2023/CVE-2023-36434.md | 4 +- 2023/CVE-2023-36439.md | 2 +- 2023/CVE-2023-36562.md | 2 +- 2023/CVE-2023-36563.md | 4 +- 2023/CVE-2023-36576.md | 2 +- 2023/CVE-2023-36584.md | 2 + 2023/CVE-2023-36696.md | 2 +- 2023/CVE-2023-36723.md | 2 +- 2023/CVE-2023-36728.md | 2 +- 2023/CVE-2023-36735.md | 2 +- 2023/CVE-2023-36741.md | 2 +- 2023/CVE-2023-36745.md | 2 +- 2023/CVE-2023-36761.md | 2 +- 2023/CVE-2023-36764.md | 2 +- 2023/CVE-2023-36778.md | 2 +- 2023/CVE-2023-36787.md | 2 +- 2023/CVE-2023-36802.md | 2 +- 2023/CVE-2023-36803.md | 2 +- 2023/CVE-2023-36874.md | 4 +- 2023/CVE-2023-36884.md | 2 +- 2023/CVE-2023-36895.md | 2 +- 2023/CVE-2023-36899.md | 3 +- 2023/CVE-2023-36900.md | 2 +- 2023/CVE-2023-38039.md | 1 + 2023/CVE-2023-38139.md | 4 +- 2023/CVE-2023-38140.md | 2 +- 2023/CVE-2023-38141.md | 4 +- 2023/CVE-2023-38146.md | 2 +- 2023/CVE-2023-38154.md | 2 +- 2023/CVE-2023-3817.md | 1 + 2023/CVE-2023-38175.md | 2 +- 2023/CVE-2023-38176.md | 2 +- 2023/CVE-2023-38178.md | 2 +- 2023/CVE-2023-38181.md | 2 +- 2023/CVE-2023-38182.md | 2 +- 2023/CVE-2023-38184.md | 2 +- 2023/CVE-2023-38408.md | 1 + 2023/CVE-2023-38545.md | 
1 + 2023/CVE-2023-38546.md | 1 + 2023/CVE-2023-38646.md | 1 + 2023/CVE-2023-38706.md | 17 + 2023/CVE-2023-39113.md | 2 +- 2023/CVE-2023-39114.md | 2 +- 2023/CVE-2023-39318.md | 17 + 2023/CVE-2023-39319.md | 17 + 2023/CVE-2023-39325.md | 1 + 2023/CVE-2023-39326.md | 17 + 2023/CVE-2023-39804.md | 17 + 2023/CVE-2023-39848.md | 4 + 2023/CVE-2023-40588.md | 17 + 2023/CVE-2023-41042.md | 17 + 2023/CVE-2023-41043.md | 17 + 2023/CVE-2023-41763.md | 2 +- 2023/CVE-2023-41772.md | 2 +- 2023/CVE-2023-41892.md | 1 + 2023/CVE-2023-42757.md | 17 + 2023/CVE-2023-43208.md | 2 + 2023/CVE-2023-43659.md | 17 + 2023/CVE-2023-43814.md | 18 + 2023/CVE-2023-44271.md | 1 + 2023/CVE-2023-44388.md | 17 + 2023/CVE-2023-44391.md | 17 + 2023/CVE-2023-44487.md | 1 + 2023/CVE-2023-45131.md | 17 + 2023/CVE-2023-45147.md | 17 + 2023/CVE-2023-4527.md | 1 + 2023/CVE-2023-45283.md | 1 + 2023/CVE-2023-45284.md | 1 + 2023/CVE-2023-45287.md | 17 + 2023/CVE-2023-45288.md | 1 + 2023/CVE-2023-45289.md | 18 + 2023/CVE-2023-45290.md | 17 + 2023/CVE-2023-45806.md | 17 + 2023/CVE-2023-45816.md | 17 + 2023/CVE-2023-45866.md | 1 + 2023/CVE-2023-46130.md | 17 + 2023/CVE-2023-46218.md | 1 + 2023/CVE-2023-46219.md | 1 + 2023/CVE-2023-46234.md | 1 + 2023/CVE-2023-46574.md | 1 + 2023/CVE-2023-46604.md | 2 + 2023/CVE-2023-47038.md | 3 +- 2023/CVE-2023-47119.md | 1 + 2023/CVE-2023-47120.md | 17 + 2023/CVE-2023-47121.md | 17 + 2023/CVE-2023-4806.md | 1 + 2023/CVE-2023-4813.md | 1 + 2023/CVE-2023-48297.md | 17 + 2023/CVE-2023-48795.md | 1 + 2023/CVE-2023-49086.md | 4 +- 2023/CVE-2023-49099.md | 17 + 2023/CVE-2023-49103.md | 1 + 2023/CVE-2023-4911.md | 1 + 2023/CVE-2023-50044.md | 17 + 2023/CVE-2023-50628.md | 2 +- 2023/CVE-2023-51257.md | 2 +- 2023/CVE-2023-51384.md | 1 + 2023/CVE-2023-51385.md | 1 + 2023/CVE-2023-52426.md | 1 + 2023/CVE-2023-5363.md | 1 + 2023/CVE-2023-5981.md | 1 + 2023/CVE-2023-6240.md | 1 + 2023/CVE-2023-6246.md | 1 + 2023/CVE-2023-6612.md | 1 + 2023/CVE-2023-6702.md | 17 + 2023/CVE-2023-6779.md | 1 + 
2023/CVE-2023-6780.md | 1 + 2023/CVE-2023-7008.md | 1 + 2024/CVE-2024-0039.md | 17 + 2024/CVE-2024-0235.md | 1 + 2024/CVE-2024-0517.md | 1 + 2024/CVE-2024-0553.md | 1 + 2024/CVE-2024-0567.md | 1 + 2024/CVE-2024-0582.md | 1 + 2024/CVE-2024-0756.md | 17 + 2024/CVE-2024-0757.md | 17 + 2024/CVE-2024-1023.md | 2 +- 2024/CVE-2024-1086.md | 2 + 2024/CVE-2024-1102.md | 2 + 2024/CVE-2024-1300.md | 2 +- 2024/CVE-2024-1402.md | 2 +- 2024/CVE-2024-1459.md | 1 - 2024/CVE-2024-1635.md | 4 +- 2024/CVE-2024-1800.md | 3 + 2024/CVE-2024-20654.md | 2 +- 2024/CVE-2024-20655.md | 2 +- 2024/CVE-2024-20676.md | 2 +- 2024/CVE-2024-20677.md | 8 +- 2024/CVE-2024-21412.md | 1 + 2024/CVE-2024-21413.md | 1 + 2024/CVE-2024-21506.md | 8 +- 2024/CVE-2024-21512.md | 20 + 2024/CVE-2024-21655.md | 17 + 2024/CVE-2024-21683.md | 1 + 2024/CVE-2024-2174.md | 2 +- 2024/CVE-2024-2176.md | 2 +- 2024/CVE-2024-2182.md | 1 - 2024/CVE-2024-21893.md | 1 + 2024/CVE-2024-2197.md | 6 +- 2024/CVE-2024-22074.md | 17 + 2024/CVE-2024-22120.md | 1 + 2024/CVE-2024-22590.md | 17 + 2024/CVE-2024-22641.md | 18 + 2024/CVE-2024-23081.md | 17 + 2024/CVE-2024-23082.md | 17 + 2024/CVE-2024-23108.md | 1 + 2024/CVE-2024-2353.md | 1 + 2024/CVE-2024-23692.md | 17 + 2024/CVE-2024-23897.md | 2 + 2024/CVE-2024-23917.md | 1 + 2024/CVE-2024-24576.md | 1 + 2024/CVE-2024-2470.md | 17 + 2024/CVE-2024-24748.md | 1 + 2024/CVE-2024-24783.md | 17 + 2024/CVE-2024-24784.md | 1 + 2024/CVE-2024-24785.md | 1 + 2024/CVE-2024-24827.md | 1 + 2024/CVE-2024-24862.md | 8 +- 2024/CVE-2024-24863.md | 8 +- 2024/CVE-2024-24919.md | 21 + 2024/CVE-2024-25600.md | 39 + 2024/CVE-2024-25975.md | 17 + 2024/CVE-2024-25976.md | 17 + 2024/CVE-2024-25977.md | 17 + 2024/CVE-2024-26026.md | 1 + 2024/CVE-2024-26163.md | 1 - 2024/CVE-2024-26209.md | 1 + 2024/CVE-2024-2631.md | 2 +- 2024/CVE-2024-2700.md | 1 + 2024/CVE-2024-27085.md | 1 + 2024/CVE-2024-27100.md | 1 + 2024/CVE-2024-27348.md | 2 + 2024/CVE-2024-27822.md | 17 + 2024/CVE-2024-28085.md | 1 + 
2024/CVE-2024-28242.md | 1 + 2024/CVE-2024-28736.md | 17 + 2024/CVE-2024-28757.md | 1 + 2024/CVE-2024-28886.md | 17 + 2024/CVE-2024-2961.md | 10 + 2024/CVE-2024-29895.md | 1 + 2024/CVE-2024-29972.md | 19 + 2024/CVE-2024-29973.md | 19 + 2024/CVE-2024-29974.md | 19 + 2024/CVE-2024-29975.md | 19 + 2024/CVE-2024-29976.md | 19 + 2024/CVE-2024-30018.md | 34 + 2024/CVE-2024-30043.md | 22 + 2024/CVE-2024-30165.md | 17 + 2024/CVE-2024-3050.md | 17 + 2024/CVE-2024-3094.md | 4 + 2024/CVE-2024-31099.md | 4 +- 2024/CVE-2024-31380.md | 5 +- 2024/CVE-2024-3154.md | 1 + 2024/CVE-2024-32002.md | 2 + 2024/CVE-2024-32004.md | 1 + 2024/CVE-2024-32020.md | 17 + 2024/CVE-2024-32021.md | 17 + 2024/CVE-2024-32113.md | 3 + 2024/CVE-2024-32114.md | 1 + 2024/CVE-2024-32465.md | 17 + 2024/CVE-2024-32752.md | 17 + 2024/CVE-2024-3293.md | 1 + 2024/CVE-2024-32944.md | 17 + 2024/CVE-2024-3322.md | 17 + 2024/CVE-2024-33599.md | 1 + 2024/CVE-2024-33600.md | 1 + 2024/CVE-2024-33601.md | 1 + 2024/CVE-2024-33602.md | 1 + 2024/CVE-2024-33655.md | 18 + 2024/CVE-2024-34002.md | 17 + 2024/CVE-2024-34003.md | 17 + 2024/CVE-2024-34004.md | 17 + 2024/CVE-2024-34005.md | 17 + 2024/CVE-2024-34051.md | 17 + 2024/CVE-2024-34342.md | 1 + 2024/CVE-2024-34470.md | 1 + 2024/CVE-2024-34832.md | 17 + 2024/CVE-2024-3495.md | 1 + 2024/CVE-2024-35195.md | 1 + 2024/CVE-2024-35333.md | 17 + 2024/CVE-2024-35374.md | 2 +- 2024/CVE-2024-35468.md | 17 + 2024/CVE-2024-35469.md | 17 + 2024/CVE-2024-35511.md | 18 + 2024/CVE-2024-35581.md | 17 + 2024/CVE-2024-35582.md | 17 + 2024/CVE-2024-35583.md | 17 + 2024/CVE-2024-36104.md | 19 + 2024/CVE-2024-36105.md | 2 +- 2024/CVE-2024-36108.md | 17 + 2024/CVE-2024-36109.md | 17 + 2024/CVE-2024-36118.md | 17 + 2024/CVE-2024-36120.md | 17 + 2024/CVE-2024-36123.md | 17 + 2024/CVE-2024-36127.md | 18 + 2024/CVE-2024-36129.md | 17 + 2024/CVE-2024-36399.md | 19 + 2024/CVE-2024-36400.md | 17 + 2024/CVE-2024-36428.md | 2 + 2024/CVE-2024-36547.md | 17 + 2024/CVE-2024-36548.md | 17 + 
2024/CVE-2024-36549.md | 17 + 2024/CVE-2024-36550.md | 17 + 2024/CVE-2024-3657.md | 22 + 2024/CVE-2024-36667.md | 17 + 2024/CVE-2024-36668.md | 17 + 2024/CVE-2024-36669.md | 17 + 2024/CVE-2024-36670.md | 17 + 2024/CVE-2024-36674.md | 17 + 2024/CVE-2024-36675.md | 17 + 2024/CVE-2024-36774.md | 17 + 2024/CVE-2024-36775.md | 17 + 2024/CVE-2024-36779.md | 17 + 2024/CVE-2024-36783.md | 17 + 2024/CVE-2024-36795.md | 17 + 2024/CVE-2024-36800.md | 17 + 2024/CVE-2024-36801.md | 17 + 2024/CVE-2024-36843.md | 17 + 2024/CVE-2024-36844.md | 17 + 2024/CVE-2024-36845.md | 17 + 2024/CVE-2024-36857.md | 17 + 2024/CVE-2024-36858.md | 17 + 2024/CVE-2024-37273.md | 17 + 2024/CVE-2024-3768.md | 2 +- 2024/CVE-2024-3844.md | 2 +- 2024/CVE-2024-3846.md | 2 +- 2024/CVE-2024-3882.md | 17 + 2024/CVE-2024-3921.md | 17 + 2024/CVE-2024-3928.md | 2 +- 2024/CVE-2024-3931.md | 1 + 2024/CVE-2024-3932.md | 2 +- 2024/CVE-2024-3937.md | 17 + 2024/CVE-2024-3979.md | 2 +- 2024/CVE-2024-4057.md | 17 + 2024/CVE-2024-4180.md | 17 + 2024/CVE-2024-4295.md | 17 + 2024/CVE-2024-4358.md | 21 + 2024/CVE-2024-4367.md | 1 + 2024/CVE-2024-4443.md | 1 + 2024/CVE-2024-4469.md | 17 + 2024/CVE-2024-4611.md | 17 + 2024/CVE-2024-4718.md | 17 + 2024/CVE-2024-4749.md | 17 + 2024/CVE-2024-4750.md | 17 + 2024/CVE-2024-4810.md | 8 +- 2024/CVE-2024-4856.md | 17 + 2024/CVE-2024-4857.md | 17 + 2024/CVE-2024-4886.md | 17 + 2024/CVE-2024-4956.md | 3 + 2024/CVE-2024-4985.md | 1 + 2024/CVE-2024-5084.md | 1 + 2024/CVE-2024-5138.md | 17 + 2024/CVE-2024-5187.md | 17 + 2024/CVE-2024-5274.md | 17 + 2024/CVE-2024-5326.md | 17 + 2024/CVE-2024-5410.md | 17 + 2024/CVE-2024-5411.md | 17 + 2024/CVE-2024-5420.md | 19 + 2024/CVE-2024-5421.md | 19 + 2024/CVE-2024-5422.md | 19 + 2024/CVE-2024-5565.md | 17 + 2024/CVE-2024-5656.md | 17 + github.txt | 661 +++++++++++++ references.txt | 2017 ++++++++++++++++++++++++++++++++++++++ 878 files changed, 7144 insertions(+), 379 deletions(-) create mode 100644 2008/CVE-2008-0176.md create mode 100644 
2011/CVE-2011-1562.md create mode 100644 2016/CVE-2016-1409.md create mode 100644 2016/CVE-2016-5423.md create mode 100644 2016/CVE-2016-6380.md create mode 100644 2017/CVE-2017-12087.md create mode 100644 2017/CVE-2017-18861.md create mode 100644 2017/CVE-2017-6770.md create mode 100644 2018/CVE-2018-12679.md create mode 100644 2018/CVE-2018-19417.md create mode 100644 2018/CVE-2018-19860.md create mode 100644 2019/CVE-2019-0583.md create mode 100644 2019/CVE-2019-14323.md create mode 100644 2019/CVE-2019-14431.md create mode 100644 2019/CVE-2019-9747.md create mode 100644 2019/CVE-2019-9749.md create mode 100644 2019/CVE-2019-9750.md create mode 100644 2019/CVE-2019-9928.md create mode 100644 2020/CVE-2020-3543.md create mode 100644 2020/CVE-2020-36325.md create mode 100644 2020/CVE-2020-5551.md create mode 100644 2021/CVE-2021-3899.md create mode 100644 2021/CVE-2021-3942.md create mode 100644 2022/CVE-2022-22075.md create mode 100644 2022/CVE-2022-22088.md create mode 100644 2022/CVE-2022-24695.md create mode 100644 2022/CVE-2022-2699.md create mode 100644 2022/CVE-2022-27948.md create mode 100644 2022/CVE-2022-29098.md create mode 100644 2022/CVE-2022-33255.md create mode 100644 2022/CVE-2022-33280.md create mode 100644 2022/CVE-2022-40503.md create mode 100644 2022/CVE-2022-40537.md create mode 100644 2022/CVE-2022-43216.md create mode 100644 2022/CVE-2022-45171.md create mode 100644 2022/CVE-2022-48681.md create mode 100644 2023/CVE-2023-21647.md create mode 100644 2023/CVE-2023-32054.md create mode 100644 2023/CVE-2023-36396.md create mode 100644 2023/CVE-2023-38706.md create mode 100644 2023/CVE-2023-39318.md create mode 100644 2023/CVE-2023-39319.md create mode 100644 2023/CVE-2023-39326.md create mode 100644 2023/CVE-2023-39804.md create mode 100644 2023/CVE-2023-40588.md create mode 100644 2023/CVE-2023-41042.md create mode 100644 2023/CVE-2023-41043.md create mode 100644 2023/CVE-2023-42757.md create mode 100644 2023/CVE-2023-43659.md create mode 
100644 2023/CVE-2023-43814.md create mode 100644 2023/CVE-2023-44388.md create mode 100644 2023/CVE-2023-44391.md create mode 100644 2023/CVE-2023-45131.md create mode 100644 2023/CVE-2023-45147.md create mode 100644 2023/CVE-2023-45287.md create mode 100644 2023/CVE-2023-45289.md create mode 100644 2023/CVE-2023-45290.md create mode 100644 2023/CVE-2023-45806.md create mode 100644 2023/CVE-2023-45816.md create mode 100644 2023/CVE-2023-46130.md create mode 100644 2023/CVE-2023-47120.md create mode 100644 2023/CVE-2023-47121.md create mode 100644 2023/CVE-2023-48297.md create mode 100644 2023/CVE-2023-49099.md create mode 100644 2023/CVE-2023-50044.md create mode 100644 2023/CVE-2023-6702.md create mode 100644 2024/CVE-2024-0039.md create mode 100644 2024/CVE-2024-0756.md create mode 100644 2024/CVE-2024-0757.md create mode 100644 2024/CVE-2024-21512.md create mode 100644 2024/CVE-2024-21655.md create mode 100644 2024/CVE-2024-22074.md create mode 100644 2024/CVE-2024-22590.md create mode 100644 2024/CVE-2024-22641.md create mode 100644 2024/CVE-2024-23081.md create mode 100644 2024/CVE-2024-23082.md create mode 100644 2024/CVE-2024-23692.md create mode 100644 2024/CVE-2024-2470.md create mode 100644 2024/CVE-2024-24783.md create mode 100644 2024/CVE-2024-24919.md create mode 100644 2024/CVE-2024-25600.md create mode 100644 2024/CVE-2024-25975.md create mode 100644 2024/CVE-2024-25976.md create mode 100644 2024/CVE-2024-25977.md create mode 100644 2024/CVE-2024-27822.md create mode 100644 2024/CVE-2024-28736.md create mode 100644 2024/CVE-2024-28886.md create mode 100644 2024/CVE-2024-29972.md create mode 100644 2024/CVE-2024-29973.md create mode 100644 2024/CVE-2024-29974.md create mode 100644 2024/CVE-2024-29975.md create mode 100644 2024/CVE-2024-29976.md create mode 100644 2024/CVE-2024-30018.md create mode 100644 2024/CVE-2024-30043.md create mode 100644 2024/CVE-2024-30165.md create mode 100644 2024/CVE-2024-3050.md create mode 100644 2024/CVE-2024-32020.md 
create mode 100644 2024/CVE-2024-32021.md create mode 100644 2024/CVE-2024-32465.md create mode 100644 2024/CVE-2024-32752.md create mode 100644 2024/CVE-2024-32944.md create mode 100644 2024/CVE-2024-3322.md create mode 100644 2024/CVE-2024-33655.md create mode 100644 2024/CVE-2024-34002.md create mode 100644 2024/CVE-2024-34003.md create mode 100644 2024/CVE-2024-34004.md create mode 100644 2024/CVE-2024-34005.md create mode 100644 2024/CVE-2024-34051.md create mode 100644 2024/CVE-2024-34832.md create mode 100644 2024/CVE-2024-35333.md create mode 100644 2024/CVE-2024-35468.md create mode 100644 2024/CVE-2024-35469.md create mode 100644 2024/CVE-2024-35511.md create mode 100644 2024/CVE-2024-35581.md create mode 100644 2024/CVE-2024-35582.md create mode 100644 2024/CVE-2024-35583.md create mode 100644 2024/CVE-2024-36104.md create mode 100644 2024/CVE-2024-36108.md create mode 100644 2024/CVE-2024-36109.md create mode 100644 2024/CVE-2024-36118.md create mode 100644 2024/CVE-2024-36120.md create mode 100644 2024/CVE-2024-36123.md create mode 100644 2024/CVE-2024-36127.md create mode 100644 2024/CVE-2024-36129.md create mode 100644 2024/CVE-2024-36399.md create mode 100644 2024/CVE-2024-36400.md create mode 100644 2024/CVE-2024-36547.md create mode 100644 2024/CVE-2024-36548.md create mode 100644 2024/CVE-2024-36549.md create mode 100644 2024/CVE-2024-36550.md create mode 100644 2024/CVE-2024-3657.md create mode 100644 2024/CVE-2024-36667.md create mode 100644 2024/CVE-2024-36668.md create mode 100644 2024/CVE-2024-36669.md create mode 100644 2024/CVE-2024-36670.md create mode 100644 2024/CVE-2024-36674.md create mode 100644 2024/CVE-2024-36675.md create mode 100644 2024/CVE-2024-36774.md create mode 100644 2024/CVE-2024-36775.md create mode 100644 2024/CVE-2024-36779.md create mode 100644 2024/CVE-2024-36783.md create mode 100644 2024/CVE-2024-36795.md create mode 100644 2024/CVE-2024-36800.md create mode 100644 2024/CVE-2024-36801.md create mode 100644 
2024/CVE-2024-36843.md create mode 100644 2024/CVE-2024-36844.md create mode 100644 2024/CVE-2024-36845.md create mode 100644 2024/CVE-2024-36857.md create mode 100644 2024/CVE-2024-36858.md create mode 100644 2024/CVE-2024-37273.md create mode 100644 2024/CVE-2024-3882.md create mode 100644 2024/CVE-2024-3921.md create mode 100644 2024/CVE-2024-3937.md create mode 100644 2024/CVE-2024-4057.md create mode 100644 2024/CVE-2024-4180.md create mode 100644 2024/CVE-2024-4295.md create mode 100644 2024/CVE-2024-4358.md create mode 100644 2024/CVE-2024-4469.md create mode 100644 2024/CVE-2024-4611.md create mode 100644 2024/CVE-2024-4718.md create mode 100644 2024/CVE-2024-4749.md create mode 100644 2024/CVE-2024-4750.md create mode 100644 2024/CVE-2024-4856.md create mode 100644 2024/CVE-2024-4857.md create mode 100644 2024/CVE-2024-4886.md create mode 100644 2024/CVE-2024-5138.md create mode 100644 2024/CVE-2024-5187.md create mode 100644 2024/CVE-2024-5274.md create mode 100644 2024/CVE-2024-5326.md create mode 100644 2024/CVE-2024-5410.md create mode 100644 2024/CVE-2024-5411.md create mode 100644 2024/CVE-2024-5420.md create mode 100644 2024/CVE-2024-5421.md create mode 100644 2024/CVE-2024-5422.md create mode 100644 2024/CVE-2024-5565.md create mode 100644 2024/CVE-2024-5656.md diff --git a/2000/CVE-2000-0114.md b/2000/CVE-2000-0114.md index 20cfd0cd9..5f256bf28 100644 --- a/2000/CVE-2000-0114.md +++ b/2000/CVE-2000-0114.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/0xPugal/One-Liners - https://github.com/0xPugazh/One-Liners - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/Cappricio-Securities/CVE-2000-0114 - https://github.com/Live-Hack-CVE/CVE-2000-0114 - https://github.com/POORVAJA-195/Nuclei-Analysis-main - https://github.com/bhavesh-pardhi/One-Liner diff --git a/2006/CVE-2006-4469.md b/2006/CVE-2006-4469.md index f47a6c395..76d94bac4 100644 --- a/2006/CVE-2006-4469.md +++ b/2006/CVE-2006-4469.md 
@@ -13,5 +13,6 @@ Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote att No PoCs from references. #### Github +- https://github.com/muchdogesec/cve2stix - https://github.com/p1ay8y3ar/cve_monitor diff --git a/2007/CVE-2007-5464.md b/2007/CVE-2007-5464.md index a2ec8187c..49d5803e1 100644 --- a/2007/CVE-2007-5464.md +++ b/2007/CVE-2007-5464.md @@ -11,6 +11,7 @@ Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote a #### Reference - http://aluigi.altervista.org/adv/lfscbof-adv.txt +- http://securityreason.com/securityalert/3234 #### Github No PoCs found on GitHub currently. diff --git a/2007/CVE-2007-5686.md b/2007/CVE-2007-5686.md index 48ebc2908..fafbfc2d1 100644 --- a/2007/CVE-2007-5686.md +++ b/2007/CVE-2007-5686.md @@ -24,5 +24,6 @@ No PoCs from references. - https://github.com/jasona7/ChatCVE - https://github.com/joelckwong/anchore - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/valancej/anchore-five-minutes diff --git a/2008/CVE-2008-0166.md b/2008/CVE-2008-0166.md index 5903ed558..c33aa5fb8 100644 --- a/2008/CVE-2008-0166.md +++ b/2008/CVE-2008-0166.md @@ -32,7 +32,10 @@ OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating system - https://github.com/badkeys/debianopenssl - https://github.com/brimstone/stars - https://github.com/chnzzh/OpenSSL-CVE-lib +- https://github.com/demining/Chinese-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/CryptoDeepTools +- https://github.com/demining/Japanese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Korean-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166 - https://github.com/g0tmi1k/debian-ssh - https://github.com/google/paranoid_crypto diff --git a/2008/CVE-2008-0176.md b/2008/CVE-2008-0176.md new file mode 100644 index 000000000..5d15cebc7 --- /dev/null 
+++ b/2008/CVE-2008-0176.md @@ -0,0 +1,17 @@ +### [CVE-2008-0176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0176) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Angelina612/CVSS-Severity-Predictor + diff --git a/2008/CVE-2008-0590.md b/2008/CVE-2008-0590.md index f7aaf41cf..3f644bfa3 100644 --- a/2008/CVE-2008-0590.md +++ b/2008/CVE-2008-0590.md @@ -10,6 +10,7 @@ Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authent ### POC #### Reference +- http://securityreason.com/securityalert/3609 - https://www.exploit-db.com/exploits/5044 #### Github diff --git a/2008/CVE-2008-4250.md b/2008/CVE-2008-4250.md index 004d7a8ae..52d24116c 100644 --- a/2008/CVE-2008-4250.md +++ b/2008/CVE-2008-4250.md @@ -50,6 +50,7 @@ The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP - https://github.com/nanotechz9l/cvesearch - https://github.com/nitishbadole/oscp-note-2 - https://github.com/notsag-dev/htb-legacy +- https://github.com/pxcs/CVE-29343-Sysmon-list - https://github.com/rmsbpro/rmsbpro - https://github.com/shashihacks/OSCP - https://github.com/shashihacks/OSWE diff --git a/2009/CVE-2009-2629.md b/2009/CVE-2009-2629.md index a89f807ca..bc41d7e26 100644 --- a/2009/CVE-2009-2629.md +++ b/2009/CVE-2009-2629.md 
@@ -13,6 +13,7 @@ Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6 No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/andrebro242/https-github.com-andrebro242-13-01.md - https://github.com/badd1e/Disclosures - https://github.com/secure-rewind-and-discard/sdrad_utils diff --git a/2009/CVE-2009-3555.md b/2009/CVE-2009-3555.md index a618c18c4..25f2a1d08 100644 --- a/2009/CVE-2009-3555.md +++ b/2009/CVE-2009-3555.md @@ -48,6 +48,7 @@ The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Micr - https://github.com/kasem545/vulnsearch - https://github.com/matoweb/Enumeration-Script - https://github.com/palmerabollo/egov +- https://github.com/pyllyukko/user.js - https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems - https://github.com/withdk/pulse-secure-vpn-mitm-research - https://github.com/zzzWTF/db-13-01 diff --git a/2010/CVE-2010-3124.md b/2010/CVE-2010-3124.md index e4142fc0d..423c0f776 100644 --- a/2010/CVE-2010-3124.md +++ b/2010/CVE-2010-3124.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/CVEDB/awesome-cve-repo +- https://github.com/KOBUKOVUI/DLL_Injection_On_VLC diff --git a/2010/CVE-2010-4597.md b/2010/CVE-2010-4597.md index ac691a665..31d661324 100644 --- a/2010/CVE-2010-4597.md +++ b/2010/CVE-2010-4597.md @@ -13,5 +13,5 @@ Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX - http://www.exploit-db.com/exploits/15767 #### Github -No PoCs found on GitHub currently. +- https://github.com/Angelina612/CVSS-Severity-Predictor diff --git a/2011/CVE-2011-1562.md b/2011/CVE-2011-1562.md new file mode 100644 index 000000000..2be017059 --- /dev/null +++ b/2011/CVE-2011-1562.md 
@@ -0,0 +1,17 @@ +### [CVE-2011-1562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1562) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Angelina612/CVSS-Severity-Predictor + diff --git a/2011/CVE-2011-1563.md b/2011/CVE-2011-1563.md index cdf359b1a..1d1fca5e5 100644 --- a/2011/CVE-2011-1563.md +++ b/2011/CVE-2011-1563.md @@ -20,5 +20,5 @@ Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex R - http://www.exploit-db.com/exploits/17025 #### Github -No PoCs found on GitHub currently. +- https://github.com/Angelina612/CVSS-Severity-Predictor diff --git a/2011/CVE-2011-3374.md b/2011/CVE-2011-3374.md index 4711f5f0f..ad0ac59fa 100644 --- a/2011/CVE-2011-3374.md +++ b/2011/CVE-2011-3374.md @@ -42,5 +42,6 @@ No PoCs from references. - https://github.com/simiyo/trivy - https://github.com/snyk-labs/helm-snyk - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/umahari/security diff --git a/2012/CVE-2012-1823.md b/2012/CVE-2012-1823.md index 40bf14135..44e0c6750 100644 --- a/2012/CVE-2012-1823.md +++ b/2012/CVE-2012-1823.md 
@@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CyberSavvy/python-pySecurity +- https://github.com/Fatalitysec/CVE-2012-1823 - https://github.com/J-16/Pentester-Bootcamp - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/MrScytheLULZ/covid diff --git a/2012/CVE-2012-2611.md b/2012/CVE-2012-2611.md index f1d5b0805..8b5b7a377 100644 --- a/2012/CVE-2012-2611.md +++ b/2012/CVE-2012-2611.md @@ -13,5 +13,6 @@ The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15 - http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities #### Github +- https://github.com/Jean-Francois-C/SAP-Security-Audit - https://github.com/martingalloar/martingalloar diff --git a/2013/CVE-2013-0007.md b/2013/CVE-2013-0007.md index 7d22e96cf..2dfea6f5b 100644 --- a/2013/CVE-2013-0007.md +++ b/2013/CVE-2013-0007.md @@ -13,6 +13,7 @@ Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly pars No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/alphaSeclab/sec-daily-2019 - https://github.com/badd1e/Disclosures diff --git a/2013/CVE-2013-1445.md b/2013/CVE-2013-1445.md index eabb17b9e..719a133c4 100644 --- a/2013/CVE-2013-1445.md +++ b/2013/CVE-2013-1445.md @@ -13,5 +13,6 @@ The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly res No PoCs from references. #### Github +- https://github.com/isidroas/fortuna - https://github.com/jdacode/Blockchain-Electronic-Voting-System diff --git a/2013/CVE-2013-2566.md b/2013/CVE-2013-2566.md index e2d3484d9..1461445b8 100644 --- a/2013/CVE-2013-2566.md +++ b/2013/CVE-2013-2566.md 
@@ -38,6 +38,7 @@ The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single - https://github.com/mikemackintosh/ruby-qualys - https://github.com/nikolay480/devops-netology - https://github.com/pashicop/3.9_1 +- https://github.com/pyllyukko/user.js - https://github.com/stanmay77/security - https://github.com/tzaffi/testssl-report - https://github.com/vitaliivakhr/NETOLOGY diff --git a/2013/CVE-2013-3900.md b/2013/CVE-2013-3900.md index 23a0800df..85968465a 100644 --- a/2013/CVE-2013-3900.md +++ b/2013/CVE-2013-3900.md @@ -26,6 +26,7 @@ No PoCs from references. - https://github.com/SaimSA/Vulnerability-Management-with-Nessus - https://github.com/Securenetology/CVE-2013-3900 - https://github.com/The-Education-and-Skills-Partnership/WinVerifyTrust-Signature-Mitigation +- https://github.com/ellikt1/Vulnerability-Assessment - https://github.com/florylsk/SignatureGate - https://github.com/hiba-ahmad1/NessusVulnManagement - https://github.com/izj007/wechat diff --git a/2013/CVE-2013-4378.md b/2013/CVE-2013-4378.md index f5828bf66..b748a0939 100644 --- a/2013/CVE-2013-4378.md +++ b/2013/CVE-2013-4378.md @@ -13,6 +13,7 @@ Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java i - http://seclists.org/oss-sec/2013/q3/679 #### Github +- https://github.com/epicosy/VUL4J-50 - https://github.com/theratpack/grails-javamelody-sample-app - https://github.com/tuhh-softsec/APR4Vul diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md index 40df2f2f9..39917b329 100644 --- a/2014/CVE-2014-0160.md +++ b/2014/CVE-2014-0160.md @@ -313,6 +313,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/feiteira2/Pentest-Tools - https://github.com/fireorb/SSL-Scanner - https://github.com/fireorb/sslscanner +- https://github.com/forget-eve/Computer-Safety - https://github.com/froyo75/Heartbleed_Dockerfile_with_Nginx - https://github.com/fuzzr/example-openssl-1.0.1f - https://github.com/gbnv/temp 
@@ -433,6 +434,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/oneplus-x/Awesome-Pentest - https://github.com/oneplus-x/Sn1per - https://github.com/oneplush/hacking_tutorials +- https://github.com/orhun/flawz - https://github.com/oubaidHL/Security-Pack- - https://github.com/ozkanbilge/Payloads - https://github.com/paolokalvo/Ferramentas-Cyber-Security diff --git a/2014/CVE-2014-2024.md b/2014/CVE-2014-2024.md index b89510578..9fc8231a2 100644 --- a/2014/CVE-2014-2024.md +++ b/2014/CVE-2014-2024.md @@ -13,5 +13,5 @@ Cross-site scripting (XSS) vulnerability in classes/controller/error.php in Open - https://github.com/open-classifieds/openclassifieds2/issues/556 #### Github -No PoCs found on GitHub currently. +- https://github.com/pxcs/CVE-29343-Sysmon-list diff --git a/2014/CVE-2014-3566.md b/2014/CVE-2014-3566.md index 4ad3f04da..f0c99387c 100644 --- a/2014/CVE-2014-3566.md +++ b/2014/CVE-2014-3566.md @@ -102,6 +102,7 @@ The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses - https://github.com/odolezal/D-Link-DIR-655 - https://github.com/pashicop/3.9_1 - https://github.com/puppetlabs/puppetlabs-compliance_profile +- https://github.com/r0metheus/poodle-attack - https://github.com/r3p3r/1N3-MassBleed - https://github.com/rameezts/poodle_check - https://github.com/rvaralda/aws_poodle_fix diff --git a/2014/CVE-2014-4060.md b/2014/CVE-2014-4060.md index e8ae8f119..c45e51114 100644 --- a/2014/CVE-2014-4060.md +++ b/2014/CVE-2014-4060.md @@ -13,5 +13,6 @@ Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center T No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2014/CVE-2014-4210.md b/2014/CVE-2014-4210.md index 0ec9d4356..76beeef56 100644 --- a/2014/CVE-2014-4210.md +++ b/2014/CVE-2014-4210.md 
@@ -84,6 +84,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/password520/RedTeamer - https://github.com/pwnagelabs/VEF - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ronoski/j2ee-rscan - https://github.com/skyblueflag/WebSecurityStudy diff --git a/2014/CVE-2014-4880.md b/2014/CVE-2014-4880.md index 09606835a..5d8f35797 100644 --- a/2014/CVE-2014-4880.md +++ b/2014/CVE-2014-4880.md @@ -13,5 +13,5 @@ Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other - http://packetstormsecurity.com/files/129187/Hikvision-DVR-RTSP-Request-Remote-Code-Execution.html #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2014/CVE-2014-6271.md b/2014/CVE-2014-6271.md index 17dbafa6a..2ae40466a 100644 --- a/2014/CVE-2014-6271.md +++ b/2014/CVE-2014-6271.md @@ -147,6 +147,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/HttpEduardo/ShellTHEbest - https://github.com/Hunter-404/shmilytly - https://github.com/IAmATeaPot418/insecure-deployments +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/ImranTheThirdEye/awesome-web-hacking - https://github.com/InfoSecDion/Splunk-Incident-Response-Lab - https://github.com/JERRY123S/all-poc @@ -190,6 +191,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/NCSU-DANCE-Research-Group/CDL - https://github.com/Nieuport/Awesome-Security - https://github.com/Nieuport/PayloadsAllTheThings +- https://github.com/NikolaKostadinov01/Cyber-Security-Base-project-two - https://github.com/OshekharO/Penetration-Testing - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors 
diff --git a/2014/CVE-2014-6277.md b/2014/CVE-2014-6277.md index f2b93fc97..8d992177e 100644 --- a/2014/CVE-2014-6277.md +++ b/2014/CVE-2014-6277.md @@ -18,6 +18,7 @@ GNU Bash through 4.3 bash43-026 does not properly parse function definitions in #### Github - https://github.com/EvanK/shocktrooper +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/MrCl0wnLab/ShellShockHunter - https://github.com/demining/ShellShock-Attack - https://github.com/giterlizzi/secdb-feeds diff --git a/2014/CVE-2014-7169.md b/2014/CVE-2014-7169.md index 3fee37189..543807939 100644 --- a/2014/CVE-2014-7169.md +++ b/2014/CVE-2014-7169.md @@ -27,6 +27,7 @@ GNU Bash through 4.3 bash43-025 processes trailing strings after certain malform - https://github.com/CyberlearnbyVK/redteam-notebook - https://github.com/EvanK/shocktrooper - https://github.com/Gobinath-B/SHELL-SCHOCK +- https://github.com/IZAORICASTm/CHARQITO_NET - https://github.com/JPedroVentura/Shocker - https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups - https://github.com/LubinLew/WEB-CVE diff --git a/2015/CVE-2015-2515.md b/2015/CVE-2015-2515.md index 626b4c945..9c86f277c 100644 --- a/2015/CVE-2015-2515.md +++ b/2015/CVE-2015-2515.md @@ -13,5 +13,6 @@ Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Wi No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2015/CVE-2015-2712.md b/2015/CVE-2015-2712.md index f722d3e44..875c77a01 100644 --- a/2015/CVE-2015-2712.md +++ b/2015/CVE-2015-2712.md @@ -14,5 +14,5 @@ The asm.js implementation in Mozilla Firefox before 38.0 does not properly deter - https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 #### Github -No PoCs found on GitHub currently. +- https://github.com/pyllyukko/user.js diff --git a/2015/CVE-2015-2743.md b/2015/CVE-2015-2743.md index 4ed08746b..1a064f91b 100644 --- a/2015/CVE-2015-2743.md +++ b/2015/CVE-2015-2743.md 
@@ -14,5 +14,5 @@ PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x - http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html #### Github -No PoCs found on GitHub currently. +- https://github.com/pyllyukko/user.js diff --git a/2015/CVE-2015-3276.md b/2015/CVE-2015-3276.md index 54ff2a907..f86571e46 100644 --- a/2015/CVE-2015-3276.md +++ b/2015/CVE-2015-3276.md @@ -15,4 +15,5 @@ The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/chnzzh/OpenSSL-CVE-lib +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2015/CVE-2015-3306.md b/2015/CVE-2015-3306.md index e3fea627c..d763269f1 100644 --- a/2015/CVE-2015-3306.md +++ b/2015/CVE-2015-3306.md @@ -55,6 +55,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t - https://github.com/lnick2023/nicenice - https://github.com/m4udSec/ProFTPD_CVE-2015-3306 - https://github.com/maxbardreausupdevinci/jokertitoolbox +- https://github.com/mr-exo/shodan-dorks - https://github.com/nodoyuna09/eHacking_LABS - https://github.com/nootropics/propane - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2015/CVE-2015-4852.md b/2015/CVE-2015-4852.md index 74b44338a..d6325a9aa 100644 --- a/2015/CVE-2015-4852.md +++ b/2015/CVE-2015-4852.md @@ -67,6 +67,7 @@ The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3. - https://github.com/password520/RedTeamer - https://github.com/psadmin-io/weblogic-patching-scripts - https://github.com/qiqiApink/apkRepair +- https://github.com/rabbitmask/WeblogicScan - https://github.com/roo7break/serialator - https://github.com/rosewachera-rw/vulnassessment - https://github.com/safe6Sec/WeblogicVuln diff --git a/2016/CVE-2016-0143.md b/2016/CVE-2016-0143.md index f210dadc0..a3d054563 100644 --- a/2016/CVE-2016-0143.md +++ b/2016/CVE-2016-0143.md 
@@ -13,5 +13,6 @@ The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 a - https://www.exploit-db.com/exploits/39712/ #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2016/CVE-2016-0171.md b/2016/CVE-2016-0171.md index 3c20b45c0..40acc9237 100644 --- a/2016/CVE-2016-0171.md +++ b/2016/CVE-2016-0171.md @@ -15,5 +15,6 @@ The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 #### Github - https://github.com/CyberRoute/rdpscan +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2016/CVE-2016-0638.md b/2016/CVE-2016-0638.md index 6a30bd2f9..85cde6095 100644 --- a/2016/CVE-2016-0638.md +++ b/2016/CVE-2016-0638.md @@ -57,6 +57,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/openx-org/BLEN - https://github.com/password520/RedTeamer - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/safe6Sec/WeblogicVuln - https://github.com/safe6Sec/wlsEnv diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md index fcda2eeea..9cad68133 100644 --- a/2016/CVE-2016-10033.md +++ b/2016/CVE-2016-10033.md @@ -172,6 +172,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/opsxcq/exploit-CVE-2016-10033 - https://github.com/paralelo14/CVE_2016-10033 diff --git a/2016/CVE-2016-10045.md b/2016/CVE-2016-10045.md index 0593003b8..47fc0585e 100644 --- a/2016/CVE-2016-10045.md +++ b/2016/CVE-2016-10045.md 
@@ -123,6 +123,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/pctechsupport123/php - https://github.com/pedro823/cve-2016-10033-45 diff --git a/2016/CVE-2016-1409.md b/2016/CVE-2016-1409.md new file mode 100644 index 000000000..90e9824a7 --- /dev/null +++ b/2016/CVE-2016-1409.md @@ -0,0 +1,17 @@ +### [CVE-2016-1409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1409) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2016/CVE-2016-2107.md b/2016/CVE-2016-2107.md index 00d00261c..cbb1b3a0e 100644 --- a/2016/CVE-2016-2107.md +++ b/2016/CVE-2016-2107.md @@ -29,6 +29,7 @@ The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does #### Github - https://github.com/1o24er/Python- +- https://github.com/20142995/sectool - https://github.com/ARPSyndicate/cvemon - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo diff --git a/2016/CVE-2016-3088.md b/2016/CVE-2016-3088.md index bc43cb12e..515ab3dd2 100644 --- a/2016/CVE-2016-3088.md +++ b/2016/CVE-2016-3088.md 
@@ -46,7 +46,9 @@ The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remot - https://github.com/hktalent/bug-bounty - https://github.com/jiushill/haq5201314 - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/openx-org/BLEN - https://github.com/pravinsrc/NOTES-windows-kernel-links diff --git a/2016/CVE-2016-3510.md b/2016/CVE-2016-3510.md index 4d0e572f1..8514477c6 100644 --- a/2016/CVE-2016-3510.md +++ b/2016/CVE-2016-3510.md @@ -87,6 +87,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi - https://github.com/orgTestCodacy11KRepos110MB/repo-5832-java-deserialization-exploits - https://github.com/password520/RedTeamer - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ranjan-prp/PayloadsAllTheThings - https://github.com/ravijainpro/payloads_xss diff --git a/2016/CVE-2016-5423.md b/2016/CVE-2016-5423.md new file mode 100644 index 000000000..bd892f727 --- /dev/null +++ b/2016/CVE-2016-5423.md 
@@ -0,0 +1,17 @@ +### [CVE-2016-5423](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5423) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/digoal/blog + diff --git a/2016/CVE-2016-6380.md b/2016/CVE-2016-6380.md new file mode 100644 index 000000000..fb3ac4787 --- /dev/null +++ b/2016/CVE-2016-6380.md @@ -0,0 +1,17 @@ +### [CVE-2016-6380](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6380) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2017/CVE-2017-0143.md b/2017/CVE-2017-0143.md index 911309983..133b63c7f 100644 
--- a/2017/CVE-2017-0143.md +++ b/2017/CVE-2017-0143.md @@ -33,6 +33,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/Esther7171/Ice +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/H3xL00m/MS17-010_CVE-2017-0143 - https://github.com/HacTF/poc--exp @@ -102,7 +103,9 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/jeredbare/ms17-010_to_slack - https://github.com/k4u5h41/MS17-010_CVE-2017-0143 +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups - https://github.com/liorsivan/hackthebox-machines - https://github.com/lnick2023/nicenice diff --git a/2017/CVE-2017-0144.md b/2017/CVE-2017-0144.md index de22718aa..80555f69b 100644 --- a/2017/CVE-2017-0144.md +++ b/2017/CVE-2017-0144.md @@ -39,6 +39,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Frat1n/Escalibur_Framework - https://github.com/FutureComputing4AI/ClarAVy - https://github.com/GhostTroops/TOP +- https://github.com/GhostTroops/scan4all - https://github.com/GoDsUnReAL/fun - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Itz-Ayanokoji/All-in-one-termux-tools 
@@ -105,7 +106,9 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/jbmihoub/all-poc - https://github.com/joyce8/MalDICT - https://github.com/just0rg/Security-Interview +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/kdcloverkid/https-github.com-kdcloverkid-awesome-termux-hacking - https://github.com/kgwanjala/oscp-cheatsheet - https://github.com/kimocoder/eternalblue diff --git a/2017/CVE-2017-0145.md b/2017/CVE-2017-0145.md index db3bd6a0c..83cd9e38f 100644 --- a/2017/CVE-2017-0145.md +++ b/2017/CVE-2017-0145.md @@ -30,6 +30,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks - https://github.com/GhostTroops/TOP +- https://github.com/GhostTroops/scan4all - https://github.com/GoDsUnReAL/fun - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Itz-Ayanokoji/All-in-one-termux-tools @@ -72,6 +73,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense - https://github.com/jbmihoub/all-poc +- https://github.com/k8gege/PowerLadon - https://github.com/kdcloverkid/https-github.com-kdcloverkid-awesome-termux-hacking - https://github.com/lnick2023/nicenice - https://github.com/may215/awesome-termux-hacking diff --git a/2017/CVE-2017-0146.md b/2017/CVE-2017-0146.md index 9bf3118fa..188abf50e 100644 --- a/2017/CVE-2017-0146.md +++ b/2017/CVE-2017-0146.md 
@@ -22,6 +22,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cruxer8Mech/Idk - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense @@ -51,6 +52,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense- - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/merlinepedra/SCAN4LL - https://github.com/merlinepedra25/SCAN4ALL-1 diff --git a/2017/CVE-2017-0147.md b/2017/CVE-2017-0147.md index 800424a41..3e3d78cb0 100644 --- a/2017/CVE-2017-0147.md +++ b/2017/CVE-2017-0147.md @@ -19,6 +19,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/FutureComputing4AI/ClarAVy +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/Kiz619ao630/StepwisePolicy3 - https://github.com/Lynk4/Windows-Server-2008-VAPT diff --git a/2017/CVE-2017-0148.md b/2017/CVE-2017-0148.md index c976819e2..0bfbbaf7c 100644 --- a/2017/CVE-2017-0148.md +++ b/2017/CVE-2017-0148.md 
@@ -21,6 +21,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/Cruxer8Mech/Idk - https://github.com/Cyberwatch/cyberwatch_api_powershell - https://github.com/ErdemOzgen/ActiveDirectoryAttacks +- https://github.com/GhostTroops/scan4all - https://github.com/Guccifer808/doublepulsar-scanner-golang - https://github.com/HakaKali/CVE-2017-0148 - https://github.com/Kiz619ao630/StepwisePolicy3 @@ -51,6 +52,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense- - https://github.com/hktalent/scan4all - https://github.com/infosecn1nja/AD-Attack-Defense +- https://github.com/k8gege/PowerLadon - https://github.com/lnick2023/nicenice - https://github.com/maragard/genestealer - https://github.com/merlinepedra/SCAN4LL diff --git a/2017/CVE-2017-0785.md b/2017/CVE-2017-0785.md index 81cb45af2..5f2fa464e 100644 --- a/2017/CVE-2017-0785.md +++ b/2017/CVE-2017-0785.md @@ -79,6 +79,7 @@ A information disclosure vulnerability in the Android system (bluetooth). Produc - https://github.com/rootabeta/shellfish - https://github.com/rootcode369/shellfish - https://github.com/severnake/Pentest-Tools +- https://github.com/sgxgsx/BlueToolkit - https://github.com/sh4rknado/BlueBorn - https://github.com/sigbitsadmin/diff - https://github.com/skhjacksonheights/blSCAN_skh diff --git a/2017/CVE-2017-1000250.md b/2017/CVE-2017-1000250.md index 9e2c13e96..6ebe1d44d 100644 --- a/2017/CVE-2017-1000250.md +++ b/2017/CVE-2017-1000250.md @@ -21,4 +21,5 @@ All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an in - https://github.com/giterlizzi/secdb-feeds - https://github.com/hw5773/blueborne - https://github.com/olav-st/CVE-2017-1000250-PoC +- https://github.com/sgxgsx/BlueToolkit diff --git a/2017/CVE-2017-1000251.md b/2017/CVE-2017-1000251.md index f43988500..a9dd5736e 100644 --- a/2017/CVE-2017-1000251.md 
+++ b/2017/CVE-2017-1000251.md @@ -19,6 +19,7 @@ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux ke - https://github.com/ArmisSecurity/blueborne - https://github.com/AxelRoudaut/THC_BlueBorne - https://github.com/CrackSoft900/Blue-Borne +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Lexus89/blueborne - https://github.com/Lukembou/Vulnerability-Scanning @@ -46,6 +47,7 @@ The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux ke - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/own2pwn/blueborne-CVE-2017-1000251-POC - https://github.com/qazbnm456/awesome-cve-poc +- https://github.com/sgxgsx/BlueToolkit - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251 - https://github.com/xairy/linux-kernel-exploitation diff --git a/2017/CVE-2017-10125.md b/2017/CVE-2017-10125.md index 458c4651c..125873822 100644 --- a/2017/CVE-2017-10125.md +++ b/2017/CVE-2017-10125.md @@ -13,5 +13,5 @@ Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployme - http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html #### Github -No PoCs found on GitHub currently. +- https://github.com/RoganDawes/P4wnP1 diff --git a/2017/CVE-2017-10271.md b/2017/CVE-2017-10271.md index 5939a52e1..a3ea7a4bb 100644 --- a/2017/CVE-2017-10271.md +++ b/2017/CVE-2017-10271.md @@ -207,6 +207,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qince1455373819/awesome-honeypots - https://github.com/r0eXpeR/redteam_vul - https://github.com/r4b3rt/CVE-2017-10271 +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rambleZzz/weblogic_CVE_2017_10271 - https://github.com/ranjan-prp/PayloadsAllTheThings 
diff --git a/2017/CVE-2017-11283.md b/2017/CVE-2017-11283.md index 8884fc0c1..c2a09fb84 100644 --- a/2017/CVE-2017-11283.md +++ b/2017/CVE-2017-11283.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/BrittanyKuhn/javascript-tutorial - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/gyyyy/footprint - https://github.com/klausware/Java-Deserialization-Cheat-Sheet - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet diff --git a/2017/CVE-2017-12087.md b/2017/CVE-2017-12087.md new file mode 100644 index 000000000..8d7bbd25e --- /dev/null +++ b/2017/CVE-2017-12087.md @@ -0,0 +1,17 @@ +### [CVE-2017-12087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12087) +![](https://img.shields.io/static/v1?label=Product&message=Tinysvcmdns&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=heap%20overflow&color=brighgreen) + +### Description + +An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2017/CVE-2017-12130.md b/2017/CVE-2017-12130.md index f3121c58e..5da51589a 100644 --- a/2017/CVE-2017-12130.md +++ b/2017/CVE-2017-12130.md @@ -13,5 +13,5 @@ An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns - https://talosintelligence.com/vulnerability_reports/TALOS-2017-0486 #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2017/CVE-2017-12149.md b/2017/CVE-2017-12149.md index ee16e1a3c..58b929ce4 100644 
--- a/2017/CVE-2017-12149.md +++ b/2017/CVE-2017-12149.md @@ -56,6 +56,7 @@ In Jboss Application Server as shipped with Red Hat Enterprise Application Platf - https://github.com/TSY244/scan_node - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VVeakee/CVE-2017-12149 - https://github.com/Weik1/Artillery - https://github.com/Xcatolin/jboss-deserialization diff --git a/2017/CVE-2017-12615.md b/2017/CVE-2017-12615.md index 727404a63..d56913481 100644 --- a/2017/CVE-2017-12615.md +++ b/2017/CVE-2017-12615.md @@ -45,6 +45,7 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Weik1/Artillery - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YgorAlberto/Ethical-Hacker @@ -73,7 +74,9 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - https://github.com/ianxtianxt/CVE-2017-12615 - https://github.com/ilhamrzr/ApacheTomcat - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/lnick2023/nicenice - https://github.com/lp008/Hack-readme diff --git a/2017/CVE-2017-12629.md b/2017/CVE-2017-12629.md index 4b0e92a78..363b618c3 100644 --- a/2017/CVE-2017-12629.md +++ b/2017/CVE-2017-12629.md 
@@ -45,6 +45,7 @@ Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before - https://github.com/mustblade/solr_hacktool - https://github.com/p4d0rn/Siren - https://github.com/password520/RedTeamer +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/ronoski/j2ee-rscan - https://github.com/tdwyer/PoC_CVE-2017-3164_CVE-2017-1262 - https://github.com/veracode-research/solr-injection diff --git a/2017/CVE-2017-13716.md b/2017/CVE-2017-13716.md index 879ba6730..0fb97f6fd 100644 --- a/2017/CVE-2017-13716.md +++ b/2017/CVE-2017-13716.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/siddharthraopotukuchi/trivy - https://github.com/simiyo/trivy - https://github.com/t31m0/Vulnerability-Scanner-for-Containers +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/umahari/security diff --git a/2017/CVE-2017-14159.md b/2017/CVE-2017-14159.md index 033a124fb..8d36ac853 100644 --- a/2017/CVE-2017-14159.md +++ b/2017/CVE-2017-14159.md @@ -15,4 +15,5 @@ slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privilege #### Github - https://github.com/andir/nixos-issue-db-example - https://github.com/jparrill/preview-grafeas +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-16905.md b/2017/CVE-2017-16905.md index df2571fbc..29e07a2e2 100644 --- a/2017/CVE-2017-16905.md +++ b/2017/CVE-2017-16905.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-17740.md b/2017/CVE-2017-17740.md index 7bb72765c..385ce9e63 100644 --- a/2017/CVE-2017-17740.md 
+++ b/2017/CVE-2017-17740.md @@ -15,4 +15,5 @@ contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops #### Github - https://github.com/andir/nixos-issue-db-example +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-18018.md b/2017/CVE-2017-18018.md index c078f9687..c4e6083cc 100644 --- a/2017/CVE-2017-18018.md +++ b/2017/CVE-2017-18018.md @@ -27,4 +27,5 @@ No PoCs from references. - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/phonito/phonito-scanner-action +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2017/CVE-2017-18861.md b/2017/CVE-2017-18861.md new file mode 100644 index 000000000..4cd33d072 --- /dev/null +++ b/2017/CVE-2017-18861.md @@ -0,0 +1,17 @@ +### [CVE-2017-18861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18861) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier. + +### POC + +#### Reference +- https://kb.netgear.com/000038435/Security-Advisory-for-ReadyNAS-Surveillance-CSRF-Remote-Code-Execution-PSV-2017-0578 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2017/CVE-2017-2624.md b/2017/CVE-2017-2624.md index 4cda73584..5dac8e36a 100644 --- a/2017/CVE-2017-2624.md +++ b/2017/CVE-2017-2624.md @@ -13,5 +13,5 @@ It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check - https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nediazla/LinuxFundamentals 
diff --git a/2017/CVE-2017-2625.md b/2017/CVE-2017-2625.md index bf5cc65f6..ab0603b70 100644 --- a/2017/CVE-2017-2625.md +++ b/2017/CVE-2017-2625.md @@ -13,5 +13,5 @@ It was discovered that libXdmcp before 1.1.2 including used weak entropy to gene - https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nediazla/LinuxFundamentals diff --git a/2017/CVE-2017-2626.md b/2017/CVE-2017-2626.md index 7b7ae86ba..1373ee6aa 100644 --- a/2017/CVE-2017-2626.md +++ b/2017/CVE-2017-2626.md @@ -14,4 +14,5 @@ It was discovered that libICE before 1.0.9-8 used a weak entropy to generate key #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/nediazla/LinuxFundamentals diff --git a/2017/CVE-2017-3248.md b/2017/CVE-2017-3248.md index 8c328827e..84d4e8eff 100644 --- a/2017/CVE-2017-3248.md +++ b/2017/CVE-2017-3248.md @@ -67,6 +67,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go - https://github.com/quentinhardy/scriptsAndExploits +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rockmelodies/rocComExpRce - https://github.com/rudinyu/KB diff --git a/2017/CVE-2017-3506.md b/2017/CVE-2017-3506.md index fe1c418db..51b03cd8d 100644 --- a/2017/CVE-2017-3506.md +++ b/2017/CVE-2017-3506.md @@ -81,6 +81,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/safe6Sec/WeblogicVuln - https://github.com/safe6Sec/wlsEnv diff --git a/2017/CVE-2017-5223.md b/2017/CVE-2017-5223.md index 697b6609f..dbb05752b 100644 --- a/2017/CVE-2017-5223.md 
+++ b/2017/CVE-2017-5223.md @@ -113,6 +113,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - https://github.com/morkamimi/poop - https://github.com/nFnK/PHPMailer - https://github.com/natsootail/alumni +- https://github.com/nh0k016/Haki-Store - https://github.com/nyamleeze/commit_testing - https://github.com/pctechsupport123/php - https://github.com/prakashshubham13/portfolio diff --git a/2017/CVE-2017-5244.md b/2017/CVE-2017-5244.md index 8bfe48c42..a9962697a 100644 --- a/2017/CVE-2017-5244.md +++ b/2017/CVE-2017-5244.md @@ -18,6 +18,7 @@ Routes used to stop running Metasploit tasks (either particular ones or all task - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-6770.md b/2017/CVE-2017-6770.md new file mode 100644 index 000000000..05ff15fa8 --- /dev/null +++ b/2017/CVE-2017-6770.md 
@@ -0,0 +1,17 @@ +### [CVE-2017-6770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6770) +![](https://img.shields.io/static/v1?label=Product&message=Multiple%20Cisco%20Products&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20&color=brighgreen) + +### Description + +Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco Bug IDs: CSCva74756, CSCve47393, CSCve47401. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2017/CVE-2017-7243.md b/2017/CVE-2017-7243.md index 048f35c2b..1e1afb08a 100644 --- a/2017/CVE-2017-7243.md +++ b/2017/CVE-2017-7243.md 
@@ -13,5 +13,6 @@ Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial No PoCs from references. #### Github +- https://github.com/Samsung/cotopaxi - https://github.com/q40603/Continuous-Invivo-Fuzz diff --git a/2017/CVE-2017-7269.md b/2017/CVE-2017-7269.md index d422903ac..3c940cd60 100644 --- a/2017/CVE-2017-7269.md +++ b/2017/CVE-2017-7269.md @@ -46,6 +46,7 @@ Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in In - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/ThanHuuTuan/CVE-2017-7269 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2017/CVE-2017-8360.md b/2017/CVE-2017-8360.md index 2a91a16cf..882ffcd48 100644 --- a/2017/CVE-2017-8360.md +++ b/2017/CVE-2017-8360.md @@ -14,5 +14,6 @@ Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZB #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/thom-s/nessus-compliance diff --git a/2017/CVE-2017-8514.md b/2017/CVE-2017-8514.md index 36b18490c..838b23815 100644 --- a/2017/CVE-2017-8514.md +++ b/2017/CVE-2017-8514.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2017/CVE-2017-8759.md b/2017/CVE-2017-8759.md index 59585964a..e967e2679 100644 --- a/2017/CVE-2017-8759.md +++ b/2017/CVE-2017-8759.md 
@@ -120,6 +120,7 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - https://github.com/smashinu/CVE-2017-8759Expoit - https://github.com/sumas/APT_CyberCriminal_Campagin_Collections - https://github.com/svbjdbk123/- +- https://github.com/sythass/CVE-2017-8759 - https://github.com/t31m0/Red-Teaming-Toolkit - https://github.com/thezimtex/red-team - https://github.com/twensoo/PersistentThreat diff --git a/2017/CVE-2017-9805.md b/2017/CVE-2017-9805.md index fefde3aca..c5e8026c5 100644 --- a/2017/CVE-2017-9805.md +++ b/2017/CVE-2017-9805.md @@ -52,6 +52,7 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805 - https://github.com/Muhammd/Awesome-Payloads - https://github.com/Nieuport/PayloadsAllTheThings +- https://github.com/NikolaKostadinov01/Cyber-Security-Base-project-two - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/PalindromeLabs/Java-Deserialization-CVEs diff --git a/2018/CVE-2018-0893.md b/2018/CVE-2018-0893.md index c349e67de..7bd0b545f 100644 --- a/2018/CVE-2018-0893.md +++ b/2018/CVE-2018-0893.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures - https://github.com/lnick2023/nicenice - https://github.com/qazbnm456/awesome-cve-poc diff --git a/2018/CVE-2018-1000021.md b/2018/CVE-2018-1000021.md index c79605b06..1f7d5f351 100644 --- a/2018/CVE-2018-1000021.md +++ b/2018/CVE-2018-1000021.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/adegoodyer/ubuntu +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-1000861.md b/2018/CVE-2018-1000861.md index 1a2b178ea..8711efe38 100644 --- a/2018/CVE-2018-1000861.md +++ b/2018/CVE-2018-1000861.md 
@@ -45,6 +45,7 @@ A code execution vulnerability exists in the Stapler web framework used by Jenki - https://github.com/TheBeastofwar/JenkinsExploit-GUI - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/Zompire/cc_talk_2021 diff --git a/2018/CVE-2018-1058.md b/2018/CVE-2018-1058.md index fe5249d1a..60d10a567 100644 --- a/2018/CVE-2018-1058.md +++ b/2018/CVE-2018-1058.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/claranet/terraform-azurerm-db-postgresql - https://github.com/claranet/terraform-azurerm-db-postgresql-flexible - https://github.com/claranet/terraform-postgresql-database-configuration +- https://github.com/digoal/blog - https://github.com/hxysaury/saury-vulnhub - https://github.com/ngadminq/Bei-Gai-penetration-test-guide - https://github.com/stilet/postgraphile-simple-express-starter diff --git a/2018/CVE-2018-1260.md b/2018/CVE-2018-1260.md index c93651e3f..fa2cac85e 100644 --- a/2018/CVE-2018-1260.md +++ b/2018/CVE-2018-1260.md @@ -18,5 +18,6 @@ No PoCs from references. - https://github.com/Drun1baby/CVE-Reproduction-And-Analysis - https://github.com/SexyBeast233/SecBooks - https://github.com/ax1sX/SpringSecurity +- https://github.com/gyyyy/footprint - https://github.com/langu-xyz/JavaVulnMap diff --git a/2018/CVE-2018-1261.md b/2018/CVE-2018-1261.md index c85318b68..ae15816ce 100644 --- a/2018/CVE-2018-1261.md +++ b/2018/CVE-2018-1261.md @@ -16,6 +16,7 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/ExpLangcn/FuYao-Go - https://github.com/ax1sX/SpringSecurity +- https://github.com/gyyyy/footprint - https://github.com/jpbprakash/vuln - https://github.com/mile9299/zip-slip-vulnerability - https://github.com/snyk/zip-slip-vulnerability 
diff --git a/2018/CVE-2018-12679.md b/2018/CVE-2018-12679.md new file mode 100644 index 000000000..e0dd1b357 --- /dev/null +++ b/2018/CVE-2018-12679.md @@ -0,0 +1,17 @@ +### [CVE-2018-12679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12679) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2018/CVE-2018-16845.md b/2018/CVE-2018-16845.md index 2fa452780..abd3f23e4 100644 --- a/2018/CVE-2018-16845.md +++ b/2018/CVE-2018-16845.md @@ -17,6 +17,7 @@ nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_mod - https://github.com/ConstantaNF/RPM - https://github.com/Dekkert/dz6_soft_distribution - https://github.com/adastraaero/OTUS_LinuxProf +- https://github.com/alisaesage/Disclosures - https://github.com/anitazhaochen/anitazhaochen.github.io - https://github.com/badd1e/Disclosures - https://github.com/rmtec/modeswitcher diff --git a/2018/CVE-2018-18264.md b/2018/CVE-2018-18264.md index 20fb263c3..0d39966a1 100644 --- a/2018/CVE-2018-18264.md +++ b/2018/CVE-2018-18264.md @@ -19,4 +19,5 @@ No PoCs from references. - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/g3rzi/HackingKubernetes - https://github.com/hacking-kubernetes/hacking-kubernetes.info +- https://github.com/magnologan/awesome-k8s-security diff --git a/2018/CVE-2018-18428.md b/2018/CVE-2018-18428.md index 0988c2ef2..f0dee6a95 100644 
--- a/2018/CVE-2018-18428.md +++ b/2018/CVE-2018-18428.md @@ -15,5 +15,5 @@ TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream acc - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5497.php #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-18483.md b/2018/CVE-2018-18483.md index 8633c9b9b..758e875d5 100644 --- a/2018/CVE-2018-18483.md +++ b/2018/CVE-2018-18483.md @@ -16,5 +16,6 @@ The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Bi #### Github - https://github.com/fokypoky/places-list - https://github.com/fuzz-evaluator/MemLock-Fuzz-eval +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/wcventure/MemLock-Fuzz diff --git a/2018/CVE-2018-19067.md b/2018/CVE-2018-19067.md index f59a72754..174556116 100644 --- a/2018/CVE-2018-19067.md +++ b/2018/CVE-2018-19067.md @@ -13,5 +13,5 @@ An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and A - https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-19077.md b/2018/CVE-2018-19077.md index 7889f55c9..615b0825e 100644 --- a/2018/CVE-2018-19077.md +++ b/2018/CVE-2018-19077.md @@ -13,5 +13,5 @@ An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2. - https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2018/CVE-2018-19417.md b/2018/CVE-2018-19417.md new file mode 100644 index 000000000..21a984f5e --- /dev/null +++ b/2018/CVE-2018-19417.md 
@@ -0,0 +1,17 @@ +### [CVE-2018-19417](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19417) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a length check is missing. This could lead to Remote Code Execution via a stack-smashing attack (overwriting the function return address). Contiki-NG does not separate the MQTT server from other servers and the OS modules, so access to all memory regions is possible. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2018/CVE-2018-19518.md b/2018/CVE-2018-19518.md index a5357b4c8..1ebea7ed3 100644 --- a/2018/CVE-2018-19518.md +++ b/2018/CVE-2018-19518.md @@ -23,6 +23,7 @@ University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in P - https://github.com/C-starm/PoC-and-Exp-of-Vulnerabilities - https://github.com/HacTF/poc--exp - https://github.com/SexyBeast233/SecBooks +- https://github.com/Threekiii/Awesome-POC - https://github.com/avboy1337/Vulnerabilities - https://github.com/bb33bb/Vulnerabilities - https://github.com/ensimag-security/CVE-2018-19518 diff --git a/2018/CVE-2018-19860.md b/2018/CVE-2018-19860.md new file mode 100644 index 000000000..baee6d9b6 --- /dev/null +++ b/2018/CVE-2018-19860.md 
@@ -0,0 +1,17 @@ +### [CVE-2018-19860](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19860) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2018/CVE-2018-20225.md b/2018/CVE-2018-20225.md index dd9afa5f1..d38d78f12 100644 --- a/2018/CVE-2018-20225.md +++ b/2018/CVE-2018-20225.md @@ -16,5 +16,6 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/cbdq-io/docker-grype - https://github.com/jedie/manage_django_project +- https://github.com/pkjmesra/PKScreener - https://github.com/sonatype-nexus-community/ossindex-python diff --git a/2018/CVE-2018-20250.md b/2018/CVE-2018-20250.md index 7d75e090b..f2cc9d413 100644 --- a/2018/CVE-2018-20250.md +++ b/2018/CVE-2018-20250.md @@ -61,6 +61,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab - https://github.com/Saidul-M-Khan/Red-Teaming-Toolkit - https://github.com/Team-BT5/WinAFL-RDP - https://github.com/Th3k33n/RedTeam +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WyAtu/CVE-2018-20250 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2018/CVE-2018-20673.md b/2018/CVE-2018-20673.md index 969729642..bf902cbce 100644 --- a/2018/CVE-2018-20673.md +++ b/2018/CVE-2018-20673.md 
@@ -16,4 +16,5 @@ The demangle_template function in cplus-dem.c in GNU libiberty, as distributed i - https://github.com/ARPSyndicate/cvemon - https://github.com/fokypoky/places-list - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-20712.md b/2018/CVE-2018-20712.md index d37a364a3..85d2cfdd3 100644 --- a/2018/CVE-2018-20712.md +++ b/2018/CVE-2018-20712.md @@ -15,4 +15,5 @@ A heap-based buffer over-read exists in the function d_expression_1 in cp-demang #### Github - https://github.com/phonito/phonito-vulnerable-container +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-2628.md b/2018/CVE-2018-2628.md index 833ebf87e..037284d0f 100644 --- a/2018/CVE-2018-2628.md +++ b/2018/CVE-2018-2628.md @@ -105,6 +105,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/password520/RedTeamer - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/reph0r/Poc-Exp-Tools - https://github.com/reph0r/poc-exp diff --git a/2018/CVE-2018-2893.md b/2018/CVE-2018-2893.md index 87727cd8a..7fd8d3079 100644 --- a/2018/CVE-2018-2893.md +++ b/2018/CVE-2018-2893.md @@ -89,6 +89,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go - https://github.com/qianl0ng/CVE-2018-2893 +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ryanInf/CVE-2018-2893 - https://github.com/safe6Sec/WeblogicVuln diff --git a/2018/CVE-2018-2894.md b/2018/CVE-2018-2894.md index 46f9017e7..9b3ca31ff 100644 --- a/2018/CVE-2018-2894.md +++ b/2018/CVE-2018-2894.md 
@@ -98,7 +98,9 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/jbmihoub/all-poc - https://github.com/jiangsir404/POC-S - https://github.com/jwxa2015/pocs +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/k8gege/PyLadon - https://github.com/kdandy/pentest_tools - https://github.com/kenuoseclab/Weblogic-scan @@ -119,6 +121,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/ranjan-prp/PayloadsAllTheThings - https://github.com/ravijainpro/payloads_xss diff --git a/2018/CVE-2018-5144.md b/2018/CVE-2018-5144.md index cb1c4d7a8..8281843a1 100644 --- a/2018/CVE-2018-5144.md +++ b/2018/CVE-2018-5144.md @@ -14,5 +14,6 @@ An integer overflow can occur during conversion of text to some Unicode characte No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2018/CVE-2018-5178.md b/2018/CVE-2018-5178.md index 382dde848..5dd606aa2 100644 --- a/2018/CVE-2018-5178.md +++ b/2018/CVE-2018-5178.md @@ -16,5 +16,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2018/CVE-2018-5383.md b/2018/CVE-2018-5383.md index 7a970d6f0..e5aed7234 100644 --- a/2018/CVE-2018-5383.md +++ b/2018/CVE-2018-5383.md 
@@ -20,5 +20,6 @@ Bluetooth firmware or operating system software drivers in macOS versions before - https://github.com/AlexandrBing/broadcom-bt-firmware - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2018/CVE-2018-6376.md b/2018/CVE-2018-6376.md index c52491388..79816b54a 100644 --- a/2018/CVE-2018-6376.md +++ b/2018/CVE-2018-6376.md @@ -55,6 +55,7 @@ No PoCs from references. - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/readloud/Pentesting-Bible - https://github.com/ridhopratama29/zimbohack +- https://github.com/sp4rkw/Cyberspace_Security_Learning - https://github.com/t31m0/PENTESTING-BIBLE - https://github.com/vincentfer/PENTESTING-BIBLE- - https://github.com/whoami-chmod777/Pentesting-Bible diff --git a/2018/CVE-2018-6389.md b/2018/CVE-2018-6389.md index 763b9eb5f..13083335f 100644 --- a/2018/CVE-2018-6389.md +++ b/2018/CVE-2018-6389.md @@ -45,6 +45,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/Jetserver/CVE-2018-6389-FIX - https://github.com/JulienGadanho/cve-2018-6389-php-patcher - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups @@ -56,6 +57,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - https://github.com/SunDance29/for-learning - https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve - https://github.com/TheBountyBox/Awesome-Writeups +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WazeHell/CVE-2018-6389 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YemiBeshe/Codepath-WP1 
diff --git a/2018/CVE-2018-6829.md b/2018/CVE-2018-6829.md index 83919eb63..6baed829c 100644 --- a/2018/CVE-2018-6829.md +++ b/2018/CVE-2018-6829.md @@ -24,4 +24,5 @@ cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages direc - https://github.com/fokypoky/places-list - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2018/CVE-2018-6981.md b/2018/CVE-2018-6981.md index a74a45532..0e1410037 100644 --- a/2018/CVE-2018-6981.md +++ b/2018/CVE-2018-6981.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/Apri1y/Red-Team-links - https://github.com/Echocipher/Resource-list - https://github.com/Ondrik8/RED-Team +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures - https://github.com/dk47os3r/hongduiziliao - https://github.com/hasee2018/Safety-net-information diff --git a/2018/CVE-2018-7600.md b/2018/CVE-2018-7600.md index 64f09c04b..5d76ba23e 100644 --- a/2018/CVE-2018-7600.md +++ b/2018/CVE-2018-7600.md @@ -227,6 +227,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/sobinge/--1 - https://github.com/sobinge/PayloadsAllTheThings - https://github.com/sobinge/PayloadsAllThesobinge +- https://github.com/soch4n/CVE-2018-7600 - https://github.com/stillHere3000/KnownMalware - https://github.com/superfish9/pt - https://github.com/t0m4too/t0m4to @@ -244,6 +245,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - https://github.com/winterwolf32/PayloadsAllTheThings - https://github.com/xbl3/awesome-cve-poc_qazbnm456 - https://github.com/xhref/OSCP +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/yak0d3/dDumper - https://github.com/ynsmroztas/drupalhunter - https://github.com/zeralot/Dectect-CVE 
diff --git a/2018/CVE-2018-8120.md b/2018/CVE-2018-8120.md index b0311f2eb..ee3b8b00b 100644 --- a/2018/CVE-2018-8120.md +++ b/2018/CVE-2018-8120.md @@ -60,6 +60,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/SomUrim/windows-kernel-exploits-clone - https://github.com/StartZYP/CVE-2018-8120 - https://github.com/ThunderJie/CVE +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Y0n0Y/cve-2018-8120-exp - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2018/CVE-2018-9996.md b/2018/CVE-2018-9996.md index 5f6c950d4..b9d2d51e8 100644 --- a/2018/CVE-2018-9996.md +++ b/2018/CVE-2018-9996.md @@ -18,6 +18,7 @@ An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU B - https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite - https://github.com/andir/nixos-issue-db-example - https://github.com/junxzm1990/afl-pt +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tzf-key/MemLock_Benchmark - https://github.com/tzf-omkey/MemLock_Benchmark - https://github.com/wcventure/MemLock_Benchmark diff --git a/2019/CVE-2019-0570.md b/2019/CVE-2019-0570.md index cae0129ee..84ac1b98f 100644 --- a/2019/CVE-2019-0570.md +++ b/2019/CVE-2019-0570.md @@ -20,5 +20,6 @@ An elevation of privilege vulnerability exists when the Windows Runtime improper - https://www.exploit-db.com/exploits/46184/ #### Github +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark - https://github.com/punishell/WindowsLegacyCVE diff --git a/2019/CVE-2019-0583.md b/2019/CVE-2019-0583.md new file mode 100644 index 000000000..4ae189f1a --- /dev/null +++ b/2019/CVE-2019-0583.md 
@@ -0,0 +1,27 @@ +### [CVE-2019-0583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0583) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Servers&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20RT%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) + +### Description + +A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0584. + +### POC + +#### Reference +No PoCs from references. 
+ +#### Github +- https://github.com/Cyber-Cole/Network_Analysis_with_NMAP_and_Wireshark + diff --git a/2019/CVE-2019-0604.md b/2019/CVE-2019-0604.md index e665cfaa6..d4c2b352f 100644 --- a/2019/CVE-2019-0604.md +++ b/2019/CVE-2019-0604.md @@ -56,6 +56,7 @@ No PoCs from references. - https://github.com/hktalent/ysoserial.net - https://github.com/jbmihoub/all-poc - https://github.com/k8gege/CVE-2019-0604 +- https://github.com/k8gege/PowerLadon - https://github.com/likescam/CVE-2019-0604_sharepoint_CVE - https://github.com/linhlhq/CVE-2019-0604 - https://github.com/lnick2023/nicenice diff --git a/2019/CVE-2019-0708.md b/2019/CVE-2019-0708.md index 23ec76380..c00aa02dc 100644 --- a/2019/CVE-2019-0708.md +++ b/2019/CVE-2019-0708.md @@ -149,6 +149,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/TinToSer/bluekeep-exploit - https://github.com/Tk369/Rdp0708 - https://github.com/Tracehowler/Bible +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UraSecTeam/CVE-2019-0708 - https://github.com/Wh1teZe/solo-blog - https://github.com/Whiteh4tWolf/Attack-Defense @@ -281,6 +282,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/jwmoss/PSTenable - https://github.com/k4yt3x/pwsearch - https://github.com/k8gege/CVE-2019-0708 +- https://github.com/k8gege/PowerLadon - https://github.com/kenuoseclab/HostScan - https://github.com/kevthehermit/attackerkb-api - https://github.com/kryptoslogic/rdppot 
@@ -411,6 +413,7 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - https://github.com/xiaoqin00/PwnDatas-DB-Project - https://github.com/xiaoy-sec/Pentest_Note - https://github.com/xinyu2428/Nessus_CSV +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/PocOrExp_in_Github - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2019/CVE-2019-0717.md b/2019/CVE-2019-0717.md index 587ce565b..fbd7d109a 100644 --- a/2019/CVE-2019-0717.md +++ b/2019/CVE-2019-0717.md 
@@ -1,14 +1,15 @@ ### [CVE-2019-0717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0717) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) ### Description -A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0718, CVE-2019-0723. +A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. 
An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. ### POC @@ -16,5 +17,6 @@ A denial of service vulnerability exists when Microsoft Hyper-V Network Switch o No PoCs from references. #### Github +- https://github.com/alisaesage/Disclosures - https://github.com/badd1e/Disclosures diff --git a/2019/CVE-2019-0803.md b/2019/CVE-2019-0803.md index 94a348e14..58bb447f0 100644 --- a/2019/CVE-2019-0803.md +++ b/2019/CVE-2019-0803.md @@ -35,6 +35,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SecWiki/windows-kernel-exploits - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2019/CVE-2019-0863.md b/2019/CVE-2019-0863.md index 89f7f7bc0..bf8ffe210 100644 --- a/2019/CVE-2019-0863.md +++ b/2019/CVE-2019-0863.md @@ -28,6 +28,7 @@ An elevation of privilege vulnerability exists in the way Windows Error Reportin - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-10028.md b/2019/CVE-2019-10028.md index 3a6224c76..84df634c2 100644 --- a/2019/CVE-2019-10028.md +++ b/2019/CVE-2019-10028.md 
@@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/ForAllSecure/Mayhem-with-TravisCI-netflix-dial-example - https://github.com/ForAllSecure/VulnerabilitiesLab - https://github.com/ForAllSecure/fuzzing-essentials-federal +- https://github.com/Samsung/cotopaxi - https://github.com/devdevdany/Mayhem-with-TravisCI-netflix-dial-example diff --git a/2019/CVE-2019-1003000.md b/2019/CVE-2019-1003000.md index 856ce2c77..4029a2d4a 100644 --- a/2019/CVE-2019-1003000.md +++ b/2019/CVE-2019-1003000.md @@ -46,6 +46,7 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier - https://github.com/huimzjty/vulwiki - https://github.com/jaychouzzk/- - https://github.com/jbmihoub/all-poc +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/purple-WL/Jenkins_CVE-2019-1003000 - https://github.com/reph0r/poc-exp - https://github.com/reph0r/poc-exp-tools diff --git a/2019/CVE-2019-1003005.md b/2019/CVE-2019-1003005.md index dbd548f25..8714edc6c 100644 --- a/2019/CVE-2019-1003005.md +++ b/2019/CVE-2019-1003005.md @@ -20,6 +20,7 @@ A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/N0body007/jenkins-rce-2017-2018-2019 - https://github.com/TheBeastofwar/JenkinsExploit-GUI +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-1003029.md b/2019/CVE-2019-1003029.md index 2da08ad23..d90f0eb92 100644 --- a/2019/CVE-2019-1003029.md +++ b/2019/CVE-2019-1003029.md 
@@ -27,6 +27,7 @@ A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and - https://github.com/PwnAwan/Pwn_Jenkins - https://github.com/Rajchowdhury420/Secure-or-Break-Jenkins - https://github.com/TheBeastofwar/JenkinsExploit-GUI +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-10173.md b/2019/CVE-2019-10173.md index f2ba69e87..bd12e064b 100644 --- a/2019/CVE-2019-10173.md +++ b/2019/CVE-2019-10173.md @@ -26,6 +26,7 @@ It was found that xstream API version 1.4.10 before 1.4.11 introduced a regressi - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-10758.md b/2019/CVE-2019-10758.md index 4a0314cb3..02549fb65 100644 --- a/2019/CVE-2019-10758.md +++ b/2019/CVE-2019-10758.md @@ -30,6 +30,7 @@ mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-11043.md b/2019/CVE-2019-11043.md index eb2c3e999..c3a50cf16 100644 --- a/2019/CVE-2019-11043.md +++ b/2019/CVE-2019-11043.md 
@@ -47,6 +47,7 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aaron3238/phpfpmexploit @@ -89,6 +90,7 @@ In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in - https://github.com/johnkilene/CUDB - https://github.com/jptr218/php_hack - https://github.com/k8gege/CVE-2019-11043 +- https://github.com/k8gege/PowerLadon - https://github.com/konterlim/nextcloud - https://github.com/kriskhub/CVE-2019-11043 - https://github.com/lindemer/CVE-2019-11043 diff --git a/2019/CVE-2019-11247.md b/2019/CVE-2019-11247.md index 5f95a826d..bbe8e60bd 100644 --- a/2019/CVE-2019-11247.md +++ b/2019/CVE-2019-11247.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/cloudnative-security/hacking-kubernetes - https://github.com/g3rzi/HackingKubernetes - https://github.com/hacking-kubernetes/hacking-kubernetes.info +- https://github.com/magnologan/awesome-k8s-security - https://github.com/stackrox/blog-examples diff --git a/2019/CVE-2019-11249.md b/2019/CVE-2019-11249.md index 423c6047a..b50233c85 100644 --- a/2019/CVE-2019-11249.md +++ b/2019/CVE-2019-11249.md @@ -22,5 +22,6 @@ No PoCs from references. - https://github.com/atesemre/awesome-cloud-native-security - https://github.com/hacking-kubernetes/hacking-kubernetes.info - https://github.com/iridium-soda/container-escape-exploits +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug diff --git a/2019/CVE-2019-1125.md b/2019/CVE-2019-1125.md index 901a73f11..46b88b447 100644 --- a/2019/CVE-2019-1125.md +++ b/2019/CVE-2019-1125.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1125](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. +An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. 
Note that this vulnerability does not require a microcode update from your device OEM. ### POC diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md index 1d7e16a97..e641d4608 100644 --- a/2019/CVE-2019-11358.md +++ b/2019/CVE-2019-11358.md @@ -269,6 +269,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/Andrew-Renfro/Andrew-Renfro - https://github.com/AndrewF1234/ftc_2022_0117 - https://github.com/Andy3153/BroBotsFTC_2019-2020 +- https://github.com/AndyLiang925/FTC16093-2024 - https://github.com/AnikaMahesh/FirstTechChallengeFreightFrenzy - https://github.com/AnirudhJagannathan/FTC18108RobotController-7.0 - https://github.com/AnishJag/FTCFreightFrenzy @@ -323,6 +324,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/AuslinD/PowerPlay2022-2023 - https://github.com/AuslinD/rookiecamp2021 - https://github.com/AusreisserSF/FtcUltimateGoal +- https://github.com/AvivDukhovich/Centerstage_22993 - https://github.com/AvocadoRobotics/AvocadoBot - https://github.com/Avon-Roborioles/2023-21945 - https://github.com/Avyuuu/Philobots-2020-2021 @@ -2277,6 +2279,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/TudorFerecus/Programare - https://github.com/TudorFerecus/Programare-Brave-Bots-Freight-Frenzy - https://github.com/TudorFerecus/cod27-2 +- https://github.com/Tudorix/FTC_Research - https://github.com/TullyNYGuy/FtcRobotController - https://github.com/Tundrabots7083/18190-robot-code-2021-2022 - https://github.com/Tundrabots7083/7083-2023-2024 
@@ -3561,6 +3564,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/rh-robotics/Panda-WMI - https://github.com/rh-robotics/Robot-Games-2022-T3 - https://github.com/rhindle/FF_Om_FtcRobotController2021-22 +- https://github.com/rhindle/FtcRobotController-LK-91 - https://github.com/rhindle/FtcRobotController-ftc265-example - https://github.com/rhindle/FtcRobotController80 - https://github.com/rhindle/Old_FF_Om_FtcRobotController2021-22 @@ -3865,6 +3869,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - https://github.com/thvulpe/Geneva - https://github.com/tia-tai/SLAM-Shady-22279 - https://github.com/tieburke/13105_2021-22_FINAL +- https://github.com/tikhonsmovzh/PackCollect - https://github.com/timmyjr11/Team14436-FTC-Power-Play-2022-2023 - https://github.com/titanium-knights/all-knighters-23-24 - https://github.com/titanium-knights/bakedbreadbot diff --git a/2019/CVE-2019-1144.md b/2019/CVE-2019-1144.md index 52e8f3775..932153c02 100644 --- a/2019/CVE-2019-1144.md +++ b/2019/CVE-2019-1144.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1144) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1145.md b/2019/CVE-2019-1145.md index cef9ab077..01f204450 100644 --- a/2019/CVE-2019-1145.md +++ b/2019/CVE-2019-1145.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1145) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1148.md b/2019/CVE-2019-1148.md index b0b55d1cb..0a2192a33 100644 --- a/2019/CVE-2019-1148.md +++ b/2019/CVE-2019-1148.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1148](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1148) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1153. +An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1149.md b/2019/CVE-2019-1149.md index 79d4303ed..2ba0bcbaf 100644 --- a/2019/CVE-2019-1149.md +++ b/2019/CVE-2019-1149.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1149](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1149) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1150.md b/2019/CVE-2019-1150.md index 6fe12bf2c..01edc6e17 100644 --- a/2019/CVE-2019-1150.md +++ b/2019/CVE-2019-1150.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1150) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1151.md b/2019/CVE-2019-1151.md index 15f1b519d..6abeda095 100644 --- a/2019/CVE-2019-1151.md +++ b/2019/CVE-2019-1151.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1151) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-11510.md b/2019/CVE-2019-11510.md index 0f2a8733e..f1226e223 100644 --- a/2019/CVE-2019-11510.md +++ b/2019/CVE-2019-11510.md @@ -46,6 +46,7 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-1152.md b/2019/CVE-2019-1152.md index 481753726..6a51aa143 100644 --- a/2019/CVE-2019-1152.md +++ b/2019/CVE-2019-1152.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1152) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.There are multiple ways an attacker could exploit the vulnerability:In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. 
Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file.The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. ### POC diff --git a/2019/CVE-2019-1153.md b/2019/CVE-2019-1153.md index 1052ef69e..258f2648e 100644 --- a/2019/CVE-2019-1153.md +++ b/2019/CVE-2019-1153.md 
@@ -1,17 +1,45 @@ ### [CVE-2019-1153](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1153) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1078, CVE-2019-1148. +An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1158.md b/2019/CVE-2019-1158.md index 9c7437fa0..b8cef056b 100644 --- a/2019/CVE-2019-1158.md +++ b/2019/CVE-2019-1158.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1158](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1158) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1143, CVE-2019-1154. +An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. ### POC diff --git a/2019/CVE-2019-1159.md b/2019/CVE-2019-1159.md index 39c2a198b..f6dc0a5ba 100644 --- a/2019/CVE-2019-1159.md +++ b/2019/CVE-2019-1159.md 
@@ -1,16 +1,43 @@ ### [CVE-2019-1159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1159) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Systems%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164. +An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. ### POC diff --git a/2019/CVE-2019-1161.md b/2019/CVE-2019-1161.md index 1ce515638..cbf56d210 100644 --- a/2019/CVE-2019-1161.md +++ b/2019/CVE-2019-1161.md 
@@ -1,38 +1,16 @@ ### [CVE-2019-1161](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1161) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Forefront%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Forefront%20Endpoint%20Protection%202010&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Security%20Essentials&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201703%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201703%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20Version%201709%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%2010%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%207%20for%2032-bit%20Systems&color=blue) 
-![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%207%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%208.1%20for%2032-bit%20systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%208.1%20for%20x64-based%20systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20RT%208.1&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20Itanium-Based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%2032-bit%20Systems%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%2032-bit%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202008%20for%20Itanium-Based%20Systems&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012%20R2&color=blue) 
-![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202012&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20on%20Windows%20Server%202016&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%202012%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%202012%20R2%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20System%20Center%20Endpoint%20Protection&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20N%2FA%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again.The update addresses the vulnerability and blocks the arbitrary deletion. ### POC 
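Review bot: The replacement Version badge in 2019/CVE-2019-1161.md, `message=%3D%20N%2FA%20`, renders as "= N/A " with a trailing space, so it says no more than the `n%2Fa` badge it replaces and reads like an unfilled template field. I would keep the old form or omit the badge when no version is known. The same hunk collapses every "Windows Defender on Windows ..." product badge into a single `Windows%20Defender`, which drops the per-platform scoping a reader uses to judge exposure. If that is intended, the commit message should say so. In the added Description, "locations.To exploit" and "again.The update" are missing the space after the full stop.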
diff --git a/2019/CVE-2019-1170.md b/2019/CVE-2019-1170.md index 9dd27c7f3..e1e60944a 100644 --- a/2019/CVE-2019-1170.md +++ b/2019/CVE-2019-1170.md 
@@ -1,16 +1,17 @@ ### [CVE-2019-1170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1170) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. 
An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files. ### POC diff --git a/2019/CVE-2019-11708.md b/2019/CVE-2019-11708.md index c31ddb541..388717bc0 100644 --- a/2019/CVE-2019-11708.md +++ b/2019/CVE-2019-11708.md @@ -34,6 +34,7 @@ Insufficient vetting of parameters passed with the Prompt:Open IPC message betwe - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Sp0pielar/CVE-2019-9791 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-1172.md b/2019/CVE-2019-1172.md index 63e53b5a9..43212ab9a 100644 --- a/2019/CVE-2019-1172.md +++ b/2019/CVE-2019-1172.md 
@@ -1,16 +1,30 @@ ### [CVE-2019-1172](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1172) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) ### Description -An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'. +An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user into browsing to a specially crafted website, allowing the attacker to steal the user's token.The security update addresses the vulnerability by correcting how MSA handles cookies. ### POC diff --git a/2019/CVE-2019-1181.md b/2019/CVE-2019-1181.md index 182c5b8db..e991b04a0 100644 --- a/2019/CVE-2019-1181.md +++ b/2019/CVE-2019-1181.md 
@@ -1,16 +1,38 @@ ### [CVE-2019-1181](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1181) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Android&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20IoS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system 
using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1182.md b/2019/CVE-2019-1182.md index 31979a295..9640cc407 100644 --- a/2019/CVE-2019-1182.md +++ b/2019/CVE-2019-1182.md 
@@ -1,16 +1,38 @@ ### [CVE-2019-1182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1182) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Android&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20IoS&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Remote%20Desktop%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201703&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201709&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
+![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system 
using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1184.md b/2019/CVE-2019-1184.md index 95f5dbbac..1039f1b55 100644 --- a/2019/CVE-2019-1184.md +++ b/2019/CVE-2019-1184.md 
@@ -1,16 +1,19 @@ ### [CVE-2019-1184](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1184) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. 
This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1186. +An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.The update addresses this vulnerability by correcting unprotected COM calls. ### POC diff --git a/2019/CVE-2019-1205.md b/2019/CVE-2019-1205.md index be8c70752..d86d105cc 100644 --- a/2019/CVE-2019-1205.md +++ b/2019/CVE-2019-1205.md 
@@ -1,14 +1,18 @@ ### [CVE-2019-1205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1205) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202016%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019%20for%20Mac&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Online%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Office%20365%20ProPlus&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1201. +A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. 
The file could then take actions on behalf of the logged-on user with the same permissions as the current user.To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software.Two possible email attack scenarios exist for this vulnerability:With the first email attack scenario, an attacker could send a specially crafted email message to the user and wait for the user to click on the message. When the message renders via Microsoft Word in the Outlook Preview Pane, an attack could be triggered.With the second scenario, an attacker could attach a specially crafted file to an email, send it to a user, and convince them to open it.In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or other message, and then convince the user to open the specially crafted file.The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.For users who view their emails in Outlook, the Preview Pane attack vector can be mitigated by disabling this feature. The following registry keys can be set to disable the Preview Pane in Outlook on Windows, either via manual editing of the registry or by modifying Group Policy.Note Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. 
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.Outlook 2010:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1Outlook 2013:HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1Outlook 2016, Outlook 2019, and Office 365 ProPlus:HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\OptionsDWORD: DisableReadingPaneValue: 1 ### POC diff --git a/2019/CVE-2019-1211.md b/2019/CVE-2019-1211.md index 197f42380..a343e12d6 100644 --- a/2019/CVE-2019-1211.md +++ b/2019/CVE-2019-1211.md 
@@ -1,13 +1,16 @@ ### [CVE-2019-1211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1211) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202017%20version%2015.9%20(includes%2015.0%20-%2015.8)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202017&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.0&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=15.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=15.9.0%3C%20publication%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=16.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) ### Description -An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'. +An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. 
The attacker would then need to convince another user on the system to execute specific Git commands.The update addresses the issue by changing the permissions required to edit configuration files. ### POC diff --git a/2019/CVE-2019-1218.md b/2019/CVE-2019-1218.md index 3065d44a8..0098caf0f 100644 --- a/2019/CVE-2019-1218.md +++ b/2019/CVE-2019-1218.md @@ -1,11 +1,11 @@ ### [CVE-2019-1218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1218) ![](https://img.shields.io/static/v1?label=Product&message=Outlook%20for%20iOS&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) ### Description -A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. +A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.The security update addresses the vulnerability by correcting how Outlook iOS parses specially crafted email messages. ### POC diff --git a/2019/CVE-2019-1222.md b/2019/CVE-2019-1222.md index 3e8697dff..2cc61fde3 100644 --- a/2019/CVE-2019-1222.md +++ b/2019/CVE-2019-1222.md 
@@ -1,16 +1,19 @@ ### [CVE-2019-1222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1222) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. 
This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-1226.md b/2019/CVE-2019-1226.md index 0b7175953..cd78a4543 100644 --- a/2019/CVE-2019-1226.md +++ b/2019/CVE-2019-1226.md 
@@ -1,16 +1,21 @@ ### [CVE-2019-1226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1226) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) ### Description -A remote code execution vulnerability exists in Remote Desktop Services – 
formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1222. +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. ### POC diff --git a/2019/CVE-2019-12409.md b/2019/CVE-2019-12409.md index 1c3a32093..4be71be6e 100644 --- a/2019/CVE-2019-12409.md +++ b/2019/CVE-2019-12409.md @@ -32,6 +32,7 @@ The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/d4n-sec/d4n-sec.github.io diff --git a/2019/CVE-2019-1253.md b/2019/CVE-2019-1253.md index 8d6dad242..98774a9f8 100644 --- a/2019/CVE-2019-1253.md +++ b/2019/CVE-2019-1253.md 
@@ -33,6 +33,7 @@ An elevation of privilege vulnerability exists when the Windows AppX Deployment - https://github.com/SexurityAnalyst/Watson - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TheJoyOfHacking/rasta-mouse-Watson +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/deadjakk/patch-checker diff --git a/2019/CVE-2019-12727.md b/2019/CVE-2019-12727.md index 98bf3a5b9..61dd4ccd9 100644 --- a/2019/CVE-2019-12727.md +++ b/2019/CVE-2019-12727.md @@ -13,5 +13,5 @@ On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in th - https://github.com/X-C3LL/PoC-CVEs/blob/master/Aircam-DoS/Aircam-DoS.py #### Github -No PoCs found on GitHub currently. +- https://github.com/Samsung/cotopaxi diff --git a/2019/CVE-2019-13051.md b/2019/CVE-2019-13051.md index 5b4c1b392..4ec3f30bb 100644 --- a/2019/CVE-2019-13051.md +++ b/2019/CVE-2019-13051.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-1322.md b/2019/CVE-2019-1322.md index 90a898bcf..60936dc73 100644 --- a/2019/CVE-2019-1322.md +++ b/2019/CVE-2019-1322.md @@ -37,6 +37,7 @@ An elevation of privilege vulnerability exists when Windows improperly handles a - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer 
diff --git a/2019/CVE-2019-13272.md b/2019/CVE-2019-13272.md index 3200ceebf..73d9dd429 100644 --- a/2019/CVE-2019-13272.md +++ b/2019/CVE-2019-13272.md @@ -60,6 +60,7 @@ In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the - https://github.com/Snoopy-Sec/Localroot-ALL-CVE - https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability - https://github.com/Tharana/vulnerability-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Whiteh4tWolf/xcoderootsploit - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-1388.md b/2019/CVE-2019-1388.md index 5b4ae63f3..20d1ad89f 100644 --- a/2019/CVE-2019-1388.md +++ b/2019/CVE-2019-1388.md @@ -45,6 +45,7 @@ No PoCs from references. - https://github.com/Shadowven/Vulnerability_Reproduction - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TCM-Course-Resources/Windows-Privilege-Escalation-Resources +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YgorAlberto/Ethical-Hacker - https://github.com/YgorAlberto/ygoralberto.github.io diff --git a/2019/CVE-2019-1405.md b/2019/CVE-2019-1405.md index af533d470..ac1842d23 100644 --- a/2019/CVE-2019-1405.md +++ b/2019/CVE-2019-1405.md @@ -38,6 +38,7 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ZTK-009/RedTeamer diff --git a/2019/CVE-2019-14323.md b/2019/CVE-2019-14323.md new file mode 100644 index 000000000..2486cf6a8 --- /dev/null +++ b/2019/CVE-2019-14323.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-14323](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14323) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-14431.md b/2019/CVE-2019-14431.md new file mode 100644 index 000000000..7370a3881 --- /dev/null +++ b/2019/CVE-2019-14431.md @@ -0,0 +1,17 @@ +### [CVE-2019-14431](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14431) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-1458.md b/2019/CVE-2019-1458.md index 181d63223..21e6fac29 100644 --- a/2019/CVE-2019-1458.md +++ b/2019/CVE-2019-1458.md 
@@ -41,6 +41,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/SexyBeast233/SecBooks - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TamilHackz/windows-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/albinjoshy03/windows-kernel-exploits @@ -74,6 +75,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - https://github.com/whitfieldsdad/epss - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- - https://github.com/xbl3/awesome-cve-poc_qazbnm456 +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/WindowsPrivilegeEscalation - https://github.com/yedada-wei/- diff --git a/2019/CVE-2019-15107.md b/2019/CVE-2019-15107.md index e6223838b..0a34b0ee9 100644 --- a/2019/CVE-2019-15107.md +++ b/2019/CVE-2019-15107.md @@ -62,6 +62,7 @@ An issue was discovered in Webmin <=1.920. The parameter old in password_change. - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/Tuz-Wwsd/CVE-2019-15107_detection +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeezyTaughtMe1/HTB-Postman - https://github.com/Z0fhack/Goby_POC diff --git a/2019/CVE-2019-15642.md b/2019/CVE-2019-15642.md index 5dcbf4051..525a16c71 100644 --- a/2019/CVE-2019-15642.md +++ b/2019/CVE-2019-15642.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/Miraitowa70/POC-Notes - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16131.md b/2019/CVE-2019-16131.md index d566a6b73..dcd9b82c6 100644 --- a/2019/CVE-2019-16131.md +++ b/2019/CVE-2019-16131.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16132.md b/2019/CVE-2019-16132.md index 29a3f216e..49acaeb70 100644 --- a/2019/CVE-2019-16132.md +++ b/2019/CVE-2019-16132.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16278.md b/2019/CVE-2019-16278.md index 298052d8b..c0afad30d 100644 --- a/2019/CVE-2019-16278.md +++ b/2019/CVE-2019-16278.md @@ -32,6 +32,7 @@ Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NHPT/CVE-2019-16278 - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeezyTaughtMe1/Traverxec - https://github.com/ZTK-009/Penetration_PoC 
diff --git a/2019/CVE-2019-16279.md b/2019/CVE-2019-16279.md index bb4de3faa..7ba04caed 100644 --- a/2019/CVE-2019-16279.md +++ b/2019/CVE-2019-16279.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/InesMartins31/iot-cves - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-16309.md b/2019/CVE-2019-16309.md index fed16343f..7bf5f322f 100644 --- a/2019/CVE-2019-16309.md +++ b/2019/CVE-2019-16309.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16313.md b/2019/CVE-2019-16313.md index 4238dd1b0..c2df760b1 100644 --- a/2019/CVE-2019-16313.md +++ b/2019/CVE-2019-16313.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/StarCrossPortal/scalpel - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-16314.md b/2019/CVE-2019-16314.md index 7dab04a3d..2d89bd521 100644 --- a/2019/CVE-2019-16314.md +++ b/2019/CVE-2019-16314.md 
@@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/chalern/Pentest-Tools diff --git a/2019/CVE-2019-16336.md b/2019/CVE-2019-16336.md index e36a6eef5..32ad831e5 100644 --- a/2019/CVE-2019-16336.md +++ b/2019/CVE-2019-16336.md @@ -16,4 +16,5 @@ The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-16346.md b/2019/CVE-2019-16346.md index db09d65cc..b04cf34a0 100644 --- a/2019/CVE-2019-16346.md +++ b/2019/CVE-2019-16346.md @@ -14,4 +14,5 @@ ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when c #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-16347.md b/2019/CVE-2019-16347.md index ff26472b4..10c20c695 100644 --- a/2019/CVE-2019-16347.md +++ b/2019/CVE-2019-16347.md @@ -14,4 +14,5 @@ ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-16759.md b/2019/CVE-2019-16759.md index ffbdd3a00..290aa551b 100644 --- a/2019/CVE-2019-16759.md +++ b/2019/CVE-2019-16759.md 
@@ -38,6 +38,7 @@ vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VengfullSecurityOperations/BTCMixingBowl - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2019/CVE-2019-16920.md b/2019/CVE-2019-16920.md index cfda7d92b..41e4343e8 100644 --- a/2019/CVE-2019-16920.md +++ b/2019/CVE-2019-16920.md @@ -27,6 +27,7 @@ Unauthenticated remote code execution occurs in D-Link products such as DIR-655C - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2019/CVE-2019-17003.md b/2019/CVE-2019-17003.md index 12c85dd6b..48f63ffba 100644 --- a/2019/CVE-2019-17003.md +++ b/2019/CVE-2019-17003.md @@ -19,6 +19,7 @@ Scanning a QR code that contained a javascript: URL would have resulted in the J - https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups - https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles - https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups +- https://github.com/Neelakandan-A/BugBounty_CheatSheet - https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups - https://github.com/Prodrious/writeups - https://github.com/R3dg0/writeups diff --git a/2019/CVE-2019-17060.md b/2019/CVE-2019-17060.md index 655e7dead..f65ef4084 100644 --- a/2019/CVE-2019-17060.md +++ b/2019/CVE-2019-17060.md 
@@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-17061.md b/2019/CVE-2019-17061.md index a7df86e1e..be86acdaf 100644 --- a/2019/CVE-2019-17061.md +++ b/2019/CVE-2019-17061.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-17424.md b/2019/CVE-2019-17424.md index 0d47a36da..22f7ba772 100644 --- a/2019/CVE-2019-17424.md +++ b/2019/CVE-2019-17424.md @@ -19,6 +19,7 @@ A stack-based buffer overflow in the processPrivilage() function in IOS/process- - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-17506.md b/2019/CVE-2019-17506.md index 651cb4c9e..20a7e578c 100644 --- a/2019/CVE-2019-17506.md +++ b/2019/CVE-2019-17506.md @@ -28,5 +28,6 @@ No PoCs from references. - https://github.com/bigblackhat/oFx - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/sobinge/nuclei-templates diff --git a/2019/CVE-2019-17556.md b/2019/CVE-2019-17556.md index 286382221..83488dd20 100644 --- a/2019/CVE-2019-17556.md +++ b/2019/CVE-2019-17556.md 
@@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-17558.md b/2019/CVE-2019-17558.md index 1c46884e0..e4b74171b 100644 --- a/2019/CVE-2019-17558.md +++ b/2019/CVE-2019-17558.md @@ -65,6 +65,7 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution - https://github.com/neilzhang1/Chinese-Charts - https://github.com/openx-org/BLEN - https://github.com/p4d0rn/Siren +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pinkieli/GitHub-Chinese-Top-Charts - https://github.com/qingyuanfeiniao/Chinese-Top-Charts - https://github.com/rockmelodies/rocComExpRce diff --git a/2019/CVE-2019-17564.md b/2019/CVE-2019-17564.md index fd83110b7..762114f9c 100644 --- a/2019/CVE-2019-17564.md +++ b/2019/CVE-2019-17564.md @@ -32,6 +32,7 @@ No PoCs from references. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Whoopsunix/PPPRASP - https://github.com/Whoopsunix/PPPVULNS - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-17621.md b/2019/CVE-2019-17621.md index acfc262dd..b1b03160b 100644 --- a/2019/CVE-2019-17621.md +++ b/2019/CVE-2019-17621.md 
@@ -24,6 +24,7 @@ The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/Squirre17/CVE-2019-17621 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Vu1nT0tal/IoT-vulhub - https://github.com/VulnTotal-Team/IoT-vulhub - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-17662.md b/2019/CVE-2019-17662.md index 5bd44ea95..8e8ec902b 100644 --- a/2019/CVE-2019-17662.md +++ b/2019/CVE-2019-17662.md @@ -24,6 +24,7 @@ ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise - https://github.com/MuirlandOracle/CVE-2019-17662 - https://github.com/OriGlassman/Workshop-in-Information-Security - https://github.com/Tamagaft/CVE-2019-17662 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/bl4ck574r/CVE-2019-17662 diff --git a/2019/CVE-2019-18370.md b/2019/CVE-2019-18370.md index 4c5a7bf29..5661a14c5 100644 --- a/2019/CVE-2019-18370.md +++ b/2019/CVE-2019-18370.md @@ -28,6 +28,7 @@ An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UltramanGaia/POC-EXP - https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-18371.md b/2019/CVE-2019-18371.md index 6903201ec..4c929c79b 100644 --- a/2019/CVE-2019-18371.md +++ b/2019/CVE-2019-18371.md 
@@ -29,6 +29,7 @@ An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UltramanGaia/POC-EXP - https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2019/CVE-2019-18634.md b/2019/CVE-2019-18634.md index d82652a03..dddcadabd 100644 --- a/2019/CVE-2019-18634.md +++ b/2019/CVE-2019-18634.md @@ -38,6 +38,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg - https://github.com/SirElmard/ethical_hacking - https://github.com/Srinunaik000/Srinunaik000 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources +- https://github.com/TH3xACE/SUDO_KILLER - https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634 - https://github.com/Timirepo/CVE_Exploits - https://github.com/Y3A/CVE-2019-18634 diff --git a/2019/CVE-2019-18939.md b/2019/CVE-2019-18939.md index fb62ff16e..0b7f56491 100644 --- a/2019/CVE-2019-18939.md +++ b/2019/CVE-2019-18939.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/abhav/nvd_scrapper +- https://github.com/muchdogesec/cve2stix diff --git a/2019/CVE-2019-19011.md b/2019/CVE-2019-19011.md index c13b15109..5d1641ffd 100644 --- a/2019/CVE-2019-19011.md +++ b/2019/CVE-2019-19011.md @@ -13,5 +13,5 @@ MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ng - https://github.com/miniupnp/ngiflib/issues/16 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2019/CVE-2019-19192.md b/2019/CVE-2019-19192.md index 29d647d3a..b9abe22e5 100644 --- a/2019/CVE-2019-19192.md +++ b/2019/CVE-2019-19192.md 
@@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2019/CVE-2019-19634.md b/2019/CVE-2019-19634.md index 505f92582..cb9b83188 100644 --- a/2019/CVE-2019-19634.md +++ b/2019/CVE-2019-19634.md @@ -20,6 +20,7 @@ class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2019/CVE-2019-19781.md b/2019/CVE-2019-19781.md index 9f996ba36..d10922a81 100644 --- a/2019/CVE-2019-19781.md +++ b/2019/CVE-2019-19781.md @@ -77,6 +77,7 @@ An issue was discovered in Citrix Application Delivery Controller (ADC) and Gate - https://github.com/StarCrossPortal/scalpel - https://github.com/Staubgeborener/stars - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Underwood12/CVE-2019-19782 - https://github.com/VDISEC/CVE-2019-19871-AuditGuide - https://github.com/VladRico/CVE-2019-19781 diff --git a/2019/CVE-2019-19844.md b/2019/CVE-2019-19844.md index 5fa757a04..9c2dbf21a 100644 --- a/2019/CVE-2019-19844.md +++ b/2019/CVE-2019-19844.md 
@@ -25,6 +25,7 @@ Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account tak - https://github.com/Mohzeela/external-secret - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Pad0y/Django2_dailyfresh +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/andripwn/django_cve201919844 diff --git a/2019/CVE-2019-19882.md b/2019/CVE-2019-19882.md index 69c184b49..27394f990 100644 --- a/2019/CVE-2019-19882.md +++ b/2019/CVE-2019-19882.md @@ -21,4 +21,5 @@ No PoCs from references. - https://github.com/fokypoky/places-list - https://github.com/garethr/snykout - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2019/CVE-2019-20215.md b/2019/CVE-2019-20215.md index 46eb70cb2..0d9f1281e 100644 --- a/2019/CVE-2019-20215.md +++ b/2019/CVE-2019-20215.md @@ -19,6 +19,7 @@ D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2019/CVE-2019-2107.md b/2019/CVE-2019-2107.md index b7b3f6302..8e7c3ff13 100644 --- a/2019/CVE-2019-2107.md +++ b/2019/CVE-2019-2107.md @@ -25,6 +25,7 @@ In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 
diff --git a/2019/CVE-2019-2725.md b/2019/CVE-2019-2725.md index f609b2da0..ea01e4400 100644 --- a/2019/CVE-2019-2725.md +++ b/2019/CVE-2019-2725.md @@ -80,6 +80,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/Soundaryakambhampati/test-6 - https://github.com/Threekiii/Awesome-POC - https://github.com/TopScrew/CVE-2019-2725 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Weik1/Artillery - https://github.com/WingsSec/Meppo @@ -134,7 +135,9 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/jiangsir404/POC-S - https://github.com/jiansiting/CVE-2019-2725 - https://github.com/jweny/pocassistdb +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon +- https://github.com/k8gege/PowerLadon - https://github.com/kdandy/pentest_tools - https://github.com/kenuoseclab/Weblogic-scan - https://github.com/kerlingcode/CVE-2019-2725 @@ -170,6 +173,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/qazbnm456/awesome-web-security - https://github.com/qi4L/WeblogicScan.go - https://github.com/r0eXpeR/redteam_vul +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/retr0-13/Pentest-Tools - https://github.com/rockmelodies/rocComExpRce diff --git a/2019/CVE-2019-2729.md b/2019/CVE-2019-2729.md index 8b8d5eaec..3f0a3362f 100644 --- a/2019/CVE-2019-2729.md +++ b/2019/CVE-2019-2729.md 
@@ -71,6 +71,7 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - https://github.com/pwnagelabs/VEF - https://github.com/qi4L/WeblogicScan.go - https://github.com/qianxiao996/FrameScan +- https://github.com/rabbitmask/WeblogicScan - https://github.com/rabbitmask/WeblogicScanLot - https://github.com/rockmelodies/rocComExpRce - https://github.com/ruthlezs/CVE-2019-2729-Exploit diff --git a/2019/CVE-2019-2890.md b/2019/CVE-2019-2890.md index 20e34ce0c..b13d0cee9 100644 --- a/2019/CVE-2019-2890.md +++ b/2019/CVE-2019-2890.md @@ -72,6 +72,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/pjgmonteiro/Pentest-tools - https://github.com/qazbnm456/awesome-cve-poc - https://github.com/qi4L/WeblogicScan.go +- https://github.com/rabbitmask/WeblogicScan - https://github.com/readloud/Awesome-Stars - https://github.com/retr0-13/Pentest-Tools - https://github.com/severnake/Pentest-Tools diff --git a/2019/CVE-2019-7580.md b/2019/CVE-2019-7580.md index 943842b5d..8aa5bad76 100644 --- a/2019/CVE-2019-7580.md +++ b/2019/CVE-2019-7580.md @@ -21,6 +21,7 @@ ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via th - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/Shenkongyin/CUC-2023 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2019/CVE-2019-7609.md b/2019/CVE-2019-7609.md index 75b7c1f44..1db1dc92b 100644 --- a/2019/CVE-2019-7609.md +++ b/2019/CVE-2019-7609.md 
@@ -40,6 +40,7 @@ Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2019 diff --git a/2019/CVE-2019-8286.md b/2019/CVE-2019-8286.md index 5bdea4266..492f1b59a 100644 --- a/2019/CVE-2019-8286.md +++ b/2019/CVE-2019-8286.md @@ -13,5 +13,5 @@ Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kas - https://support.kaspersky.com/general/vulnerability.aspx?el=12430#110719 #### Github -No PoCs found on GitHub currently. +- https://github.com/ffffffff0x/Digital-Privacy diff --git a/2019/CVE-2019-8341.md b/2019/CVE-2019-8341.md index 104723338..ee76d7806 100644 --- a/2019/CVE-2019-8341.md +++ b/2019/CVE-2019-8341.md @@ -16,4 +16,5 @@ - https://github.com/ARPSyndicate/cvemon - https://github.com/TesterCC/exp_poc_library - https://github.com/adindrabkin/llama_facts +- https://github.com/vin01/bogus-cves diff --git a/2019/CVE-2019-9004.md b/2019/CVE-2019-9004.md index 2142a40e0..bf6c7cebd 100644 --- a/2019/CVE-2019-9004.md +++ b/2019/CVE-2019-9004.md @@ -14,6 +14,7 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Samsung/cotopaxi - https://github.com/ThingzDefense/IoT-Flock - https://github.com/eclipse-wakaama/wakaama - https://github.com/eclipse/wakaama diff --git a/2019/CVE-2019-9506.md b/2019/CVE-2019-9506.md index 28b09bfd0..cff77776e 100644 --- a/2019/CVE-2019-9506.md +++ b/2019/CVE-2019-9506.md 
@@ -24,6 +24,7 @@ The Bluetooth BR/EDR specification up to and including version 5.1 permits suffi - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/knob - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/sgxgsx/BlueToolkit - https://github.com/u10427687/bluetooth-KNOB - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2019/CVE-2019-9621.md b/2019/CVE-2019-9621.md index ee372b132..75b5059f0 100644 --- a/2019/CVE-2019-9621.md +++ b/2019/CVE-2019-9621.md @@ -23,6 +23,7 @@ Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, an - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub +- https://github.com/k8gege/PowerLadon - https://github.com/k8gege/ZimbraExploit - https://github.com/nth347/Zimbra-RCE-exploit diff --git a/2019/CVE-2019-9747.md b/2019/CVE-2019-9747.md new file mode 100644 index 000000000..d98650815 --- /dev/null +++ b/2019/CVE-2019-9747.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-9747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9747) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompress_nlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a result, the mDNS server hangs after receiving the malicious mDNS packet. NOTE: the product's web site states "This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-9749.md b/2019/CVE-2019-9749.md new file mode 100644 index 000000000..b820161ab --- /dev/null +++ b/2019/CVE-2019-9749.md 
@@ -0,0 +1,17 @@ +### [CVE-2019-9749](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9749) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker (server), it mishandles incoming network messages. After processing a crafted packet, the plugin's mqtt_packet_drop function (in /plugins/in_mqtt/mqtt_prot.c) executes the memmove() function with a negative size parameter. That leads to a crash of the whole Fluent Bit server via a SIGSEGV signal. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2019/CVE-2019-9750.md b/2019/CVE-2019-9750.md new file mode 100644 index 000000000..7bc2e0e5f --- /dev/null +++ b/2019/CVE-2019-9750.md @@ -0,0 +1,17 @@ +### [CVE-2019-9750](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9750) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite." + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + 
diff --git a/2019/CVE-2019-9928.md b/2019/CVE-2019-9928.md new file mode 100644 index 000000000..19a8d1c52 --- /dev/null +++ b/2019/CVE-2019-9928.md @@ -0,0 +1,17 @@ +### [CVE-2019-9928](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9928) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/Samsung/cotopaxi + diff --git a/2020/CVE-2020-0554.md b/2020/CVE-2020-0554.md index 0bd7a1921..7908ffd74 100644 --- a/2020/CVE-2020-0554.md +++ b/2020/CVE-2020-0554.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-0601.md b/2020/CVE-2020-0601.md index e6e3296f9..664d243e8 100644 --- a/2020/CVE-2020-0601.md +++ b/2020/CVE-2020-0601.md @@ -71,6 +71,7 @@ A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) valid - https://github.com/ShayNehmad/twoplustwo - https://github.com/SherlockSec/CVE-2020-0601 - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yamato-Security/EnableWindowsLogSettings - https://github.com/YoannDqr/CVE-2020-0601 
diff --git a/2020/CVE-2020-0609.md b/2020/CVE-2020-0609.md index e2e9fa52f..84ebbdd77 100644 --- a/2020/CVE-2020-0609.md +++ b/2020/CVE-2020-0609.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Sh0ckFR/Infosec-Useful-Stuff - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0610.md b/2020/CVE-2020-0610.md index 77d06e904..1f6a5324d 100644 --- a/2020/CVE-2020-0610.md +++ b/2020/CVE-2020-0610.md @@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/MalwareTech/RDGScanner - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Sh0ckFR/Infosec-Useful-Stuff +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0618.md b/2020/CVE-2020-0618.md index 058274b2f..2a9f22ad3 100644 --- a/2020/CVE-2020-0618.md +++ b/2020/CVE-2020-0618.md @@ -40,6 +40,7 @@ A remote code execution vulnerability exists in Microsoft SQL Server Reporting S - https://github.com/Saidul-M-Khan/PENTESTING-BIBLE - https://github.com/SexyBeast233/SecBooks - https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-0668.md b/2020/CVE-2020-0668.md index 7871fd849..8d17ad94e 100644 --- a/2020/CVE-2020-0668.md +++ b/2020/CVE-2020-0668.md 
@@ -39,6 +39,7 @@ An elevation of privilege vulnerability exists in the way that the Windows Kerne - https://github.com/Nan3r/CVE-2020-0668 - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame - https://github.com/RedCursorSecurityConsulting/CVE-2020-0668 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Wh04m1001/CVE-2023-29343 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-0674.md b/2020/CVE-2020-0674.md index 3f1719b12..a0775d898 100644 --- a/2020/CVE-2020-0674.md +++ b/2020/CVE-2020-0674.md @@ -42,6 +42,7 @@ A remote code execution vulnerability exists in the way that the scripting engin - https://github.com/Neko-chanQwQ/CVE-2020-0674-PoC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-0683.md b/2020/CVE-2020-0683.md index 4c752dd86..80beccc91 100644 --- a/2020/CVE-2020-0683.md +++ b/2020/CVE-2020-0683.md @@ -47,6 +47,7 @@ An elevation of privilege vulnerability exists in the Windows Installer when MSI - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-0688.md b/2020/CVE-2020-0688.md index 73fd838ff..e1bea8ac8 100644 --- a/2020/CVE-2020-0688.md +++ b/2020/CVE-2020-0688.md 
@@ -68,6 +68,7 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - https://github.com/ShawnDEvans/smbmap - https://github.com/SofianeHamlaoui/Conti-Clear - https://github.com/TheKickPuncher/CVE-2020-0688-Python3 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/ViperXSecurity/OpenResearch - https://github.com/W01fh4cker/CVE-2020-0688-GUI - https://github.com/Waseem27-art/ART-TOOLKIT diff --git a/2020/CVE-2020-0728.md b/2020/CVE-2020-0728.md index 659683a7e..c6f0db647 100644 --- a/2020/CVE-2020-0728.md +++ b/2020/CVE-2020-0728.md @@ -30,6 +30,7 @@ An information vulnerability exists when Windows Modules Installer Service impro - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-0767.md b/2020/CVE-2020-0767.md index acd6825ed..375fd3862 100644 --- a/2020/CVE-2020-0767.md +++ b/2020/CVE-2020-0767.md @@ -41,6 +41,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-0787.md b/2020/CVE-2020-0787.md index 62f281986..7d7a8eb53 100644 --- a/2020/CVE-2020-0787.md +++ b/2020/CVE-2020-0787.md 
@@ -48,6 +48,7 @@ An elevation of privilege vulnerability exists when the Windows Background Intel - https://github.com/SexurityAnalyst/WinPwn - https://github.com/SexyBeast233/SecBooks - https://github.com/SofianeHamlaoui/Conti-Clear +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/albinjoshy03/windows-kernel-exploits diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md index b8658309a..1ffc6d7d6 100644 --- a/2020/CVE-2020-0796.md +++ b/2020/CVE-2020-0796.md @@ -148,6 +148,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/Threekiii/Awesome-POC - https://github.com/TinToSer/CVE-2020-0796-LPE - https://github.com/TinToSer/cve2020-0796 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/UraSecTeam/smbee - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC @@ -243,6 +244,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - https://github.com/jweny/pocassistdb - https://github.com/k0imet/CVE-POCs - https://github.com/k4t3pro/SMBGhost +- https://github.com/k8gege/Aggressor - https://github.com/k8gege/Ladon - https://github.com/k8gege/PyLadon - https://github.com/kdandy/WinPwn diff --git a/2020/CVE-2020-10134.md b/2020/CVE-2020-10134.md index b77d70cd0..102d1c4ee 100644 --- a/2020/CVE-2020-10134.md +++ b/2020/CVE-2020-10134.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-10135.md b/2020/CVE-2020-10135.md index 203e9e583..db9438e61 100644 --- a/2020/CVE-2020-10135.md +++ b/2020/CVE-2020-10135.md 
@@ -26,6 +26,7 @@ Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/marcinguy/CVE-2020-10135-BIAS - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/sgxgsx/BlueToolkit - https://github.com/soosmile/POC - https://github.com/winterheart/broadcom-bt-firmware diff --git a/2020/CVE-2020-10189.md b/2020/CVE-2020-10189.md index 5c3474cb3..9d8eebe29 100644 --- a/2020/CVE-2020-10189.md +++ b/2020/CVE-2020-10189.md @@ -35,6 +35,7 @@ Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution b - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/XRSec/AWVS14-Update - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2020/CVE-2020-10199.md b/2020/CVE-2020-10199.md index 6e08432ae..671f073fb 100644 --- a/2020/CVE-2020-10199.md +++ b/2020/CVE-2020-10199.md @@ -45,6 +45,7 @@ Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aleenzz/CVE-2020-10199 diff --git a/2020/CVE-2020-10204.md b/2020/CVE-2020-10204.md index 1193a7945..53ee228cf 100644 --- a/2020/CVE-2020-10204.md +++ b/2020/CVE-2020-10204.md 
@@ -39,6 +39,7 @@ Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-10238.md b/2020/CVE-2020-10238.md index ab95b660c..9094a038d 100644 --- a/2020/CVE-2020-10238.md +++ b/2020/CVE-2020-10238.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-10238 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-10239.md b/2020/CVE-2020-10239.md index a66b55534..7fd6073f0 100644 --- a/2020/CVE-2020-10239.md +++ b/2020/CVE-2020-10239.md @@ -20,6 +20,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-10238 - https://github.com/HoangKien1020/CVE-2020-10239 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1048.md b/2020/CVE-2020-1048.md index 2114e355b..d0d8c59c8 100644 --- a/2020/CVE-2020-1048.md +++ b/2020/CVE-2020-1048.md 
@@ -40,6 +40,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SafeBreach-Labs/Spooler - https://github.com/ScioShield/sibyl-gpt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VoidSec/CVE-2020-1337 - https://github.com/Y3A/cve-2020-1048 - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-1054.md b/2020/CVE-2020-1054.md index 89cf65fba..c9c35151e 100644 --- a/2020/CVE-2020-1054.md +++ b/2020/CVE-2020-1054.md @@ -46,6 +46,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks - https://github.com/TamilHackz/windows-exploitation +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 @@ -62,6 +63,7 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - https://github.com/password520/Penetration_PoC - https://github.com/soosmile/POC - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC- +- https://github.com/xonoxitron/INE-eJPT-Certification-Exam-Notes-Cheat-Sheet - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/ycdxsb/Exploits - https://github.com/ycdxsb/WindowsPrivilegeEscalation diff --git a/2020/CVE-2020-1066.md b/2020/CVE-2020-1066.md index c153dcf8e..84da615e2 100644 --- a/2020/CVE-2020-1066.md +++ b/2020/CVE-2020-1066.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cbwang505/CVE-2020-1066-EXP diff --git a/2020/CVE-2020-10673.md b/2020/CVE-2020-10673.md index d98c8038e..3e89529e1 100644 --- a/2020/CVE-2020-10673.md +++ b/2020/CVE-2020-10673.md @@ -28,6 +28,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-10713.md b/2020/CVE-2020-10713.md index ae0ef248b..cc51b1232 100644 --- a/2020/CVE-2020-10713.md +++ b/2020/CVE-2020-10713.md @@ -25,6 +25,7 @@ A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NaverCloudPlatform/shim-review - https://github.com/Rodrigo-NR/shim-review +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/YeongSeokLee/shim-review - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-10749.md b/2020/CVE-2020-10749.md index da326e1f3..990b5afa1 100644 --- a/2020/CVE-2020-10749.md +++ b/2020/CVE-2020-10749.md 
@@ -22,6 +22,7 @@ No PoCs from references. - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/knqyf263/CVE-2020-10749 +- https://github.com/magnologan/awesome-k8s-security - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/soosmile/POC diff --git a/2020/CVE-2020-1088.md b/2020/CVE-2020-1088.md index 31f02b3a2..cfc0c7fb2 100644 --- a/2020/CVE-2020-1088.md +++ b/2020/CVE-2020-1088.md @@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-11154.md b/2020/CVE-2020-11154.md index 07bb42c8b..55449c55e 100644 --- a/2020/CVE-2020-11154.md +++ b/2020/CVE-2020-11154.md @@ -14,4 +14,5 @@ u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-11155.md b/2020/CVE-2020-11155.md index 9f6813c21..105d77948 100644 --- a/2020/CVE-2020-11155.md +++ b/2020/CVE-2020-11155.md @@ -14,4 +14,5 @@ u'Buffer overflow while processing PDU packet in bluetooth due to lack of check #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-11156.md b/2020/CVE-2020-11156.md index 4780536b3..841859b38 100644 --- a/2020/CVE-2020-11156.md +++ b/2020/CVE-2020-11156.md @@ -14,4 +14,5 @@ u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid le #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit 
diff --git a/2020/CVE-2020-11651.md b/2020/CVE-2020-11651.md index c41fe8847..8806ea75a 100644 --- a/2020/CVE-2020-11651.md +++ b/2020/CVE-2020-11651.md @@ -47,6 +47,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC @@ -61,6 +62,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/dozernz/cve-2020-11651 - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/fofapro/vulfocus - https://github.com/gobysec/Goby - https://github.com/hardsoftsecurity/CVE-2020-11651-PoC diff --git a/2020/CVE-2020-11652.md b/2020/CVE-2020-11652.md index 81a682517..1bcbd7acf 100644 --- a/2020/CVE-2020-11652.md +++ b/2020/CVE-2020-11652.md @@ -36,6 +36,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection 
@@ -47,6 +48,7 @@ An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dwoz/salt-rekey - https://github.com/fanjq99/CVE-2020-11652 +- https://github.com/ffffffff0x/Dork-Admin - https://github.com/fofapro/vulfocus - https://github.com/hardsoftsecurity/CVE-2020-11651-PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-11890.md b/2020/CVE-2020-11890.md index c8cd1e1ec..0b118515b 100644 --- a/2020/CVE-2020-11890.md +++ b/2020/CVE-2020-11890.md @@ -21,6 +21,7 @@ No PoCs from references. - https://github.com/HoangKien1020/CVE-2020-11890 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-11996.md b/2020/CVE-2020-11996.md index d6b635fb8..90f5b6cc4 100644 --- a/2020/CVE-2020-11996.md +++ b/2020/CVE-2020-11996.md @@ -18,6 +18,7 @@ A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 - https://github.com/ARPSyndicate/cvemon - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/dromara/J2EEFAST - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996 diff --git a/2020/CVE-2020-12351.md b/2020/CVE-2020-12351.md index aabf2b965..5d8711893 100644 --- a/2020/CVE-2020-12351.md +++ b/2020/CVE-2020-12351.md 
@@ -38,6 +38,7 @@ Improper input validation in BlueZ may allow an unauthenticated user to potentia - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/sereok3/buffer-overflow-writeups +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/soosmile/POC - https://github.com/ssr-111/linux-kernel-exploitation diff --git a/2020/CVE-2020-12352.md b/2020/CVE-2020-12352.md index bc1532d18..de02cc6cc 100644 --- a/2020/CVE-2020-12352.md +++ b/2020/CVE-2020-12352.md @@ -35,6 +35,7 @@ Improper access control in BlueZ may allow an unauthenticated user to potentiall - https://github.com/khanhnd123/linux-kernel-exploitation - https://github.com/knd06/linux-kernel-exploitation - https://github.com/ndk191/linux-kernel-exploitation +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-12695.md b/2020/CVE-2020-12695.md index 08243f424..2ecfd568f 100644 --- a/2020/CVE-2020-12695.md +++ b/2020/CVE-2020-12695.md @@ -25,6 +25,7 @@ The Open Connectivity Foundation UPnP specification before 2020-04-17 does not f - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-12753.md b/2020/CVE-2020-12753.md index 25af34148..1751d828b 100644 --- a/2020/CVE-2020-12753.md +++ b/2020/CVE-2020-12753.md 
@@ -20,6 +20,7 @@ An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, a - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-1281.md b/2020/CVE-2020-1281.md index fce430580..d1ed19748 100644 --- a/2020/CVE-2020-1281.md +++ b/2020/CVE-2020-1281.md @@ -31,6 +31,7 @@ A remote code execution vulnerability exists when Microsoft Windows OLE fails to - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-1313.md b/2020/CVE-2020-1313.md index c31fdf90c..ddada6dcf 100644 --- a/2020/CVE-2020-1313.md +++ b/2020/CVE-2020-1313.md @@ -33,6 +33,7 @@ An elevation of privilege vulnerability exists when the Windows Update Orchestra - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1337.md b/2020/CVE-2020-1337.md index 497e54b0b..fb7bd56c4 100644 --- a/2020/CVE-2020-1337.md +++ b/2020/CVE-2020-1337.md 
@@ -59,6 +59,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SafeBreach-Labs/Spooler - https://github.com/ScioShield/sibyl-gpt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VoidSec/CVE-2020-1337 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1350.md b/2020/CVE-2020-1350.md index 128aa2702..d34368f27 100644 --- a/2020/CVE-2020-1350.md +++ b/2020/CVE-2020-1350.md @@ -39,6 +39,7 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - https://github.com/T13nn3s/CVE-2020-1350 - https://github.com/TheCyberViking/Insider_Threat_Bait - https://github.com/TrinityCryptx/OSCP-Resources +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1362.md b/2020/CVE-2020-1362.md index 770ec1a12..ce6d988ee 100644 --- a/2020/CVE-2020-1362.md +++ b/2020/CVE-2020-1362.md @@ -38,6 +38,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/Q4n/CVE-2020-1362 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-14181.md b/2020/CVE-2020-14181.md index eb244e9ac..0fbe6ef8d 100644 --- a/2020/CVE-2020-14181.md +++ b/2020/CVE-2020-14181.md 
@@ -44,6 +44,7 @@ Affected versions of Atlassian Jira Server and Data Center allow an unauthentica - https://github.com/merlinepedra/nuclei-templates - https://github.com/merlinepedra25/nuclei-templates - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-14644.md b/2020/CVE-2020-14644.md index 5dfdfff52..9a0959ac7 100644 --- a/2020/CVE-2020-14644.md +++ b/2020/CVE-2020-14644.md @@ -26,6 +26,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-14645.md b/2020/CVE-2020-14645.md index 906d4fffa..0a0ec9565 100644 --- a/2020/CVE-2020-14645.md +++ b/2020/CVE-2020-14645.md @@ -31,6 +31,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/Schira4396/CVE-2020-14645 - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Y4er/CVE-2020-14645 - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md index 3b27c8f20..93e914728 100644 --- a/2020/CVE-2020-1472.md +++ b/2020/CVE-2020-1472.md 
@@ -68,6 +68,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/Austin-Src/CVE-Checker - https://github.com/Awrrays/Pentest-Tips - https://github.com/B-nD/report +- https://github.com/B34MR/zeroscan - https://github.com/BC-SECURITY/Invoke-ZeroLogon - https://github.com/CPO-EH/CVE-2020-1472_ZeroLogonChecker - https://github.com/CPO-EH/SharpZeroLogon @@ -377,6 +378,7 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - https://github.com/zareefrj/ZeroLogon - https://github.com/zer010bs/zeroscan - https://github.com/zeronetworks/zerologon +- https://github.com/zflemingg1/AM0N-Eye - https://github.com/zha0/CVE-2020-1474 - https://github.com/zha0/WeaponizeKali.sh - https://github.com/zizzs3228/PENTEST diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md index d92ba9aa6..6757ac24b 100644 --- a/2020/CVE-2020-14882.md +++ b/2020/CVE-2020-14882.md @@ -55,6 +55,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/MacAsure/WL_Scan_GO - https://github.com/Manor99/CVE-2020-14882- - https://github.com/MicahFleming/Risk-Assessment-Cap-Stone- +- https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/N0Coriander/CVE-2020-14882-14883 - https://github.com/NS-Sp4ce/CVE-2020-14882 @@ -178,6 +179,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/xinyisleep/pocscan - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/yaklang/vulinone +- https://github.com/yhy0/ExpDemo-JavaFX - https://github.com/yichensec/Bug_writer - https://github.com/yyzsec/2021SecWinterTask - https://github.com/zer0yu/Awesome-CobaltStrike diff --git a/2020/CVE-2020-15257.md b/2020/CVE-2020-15257.md index 00fda5177..6e37bffd7 100644 --- a/2020/CVE-2020-15257.md +++ b/2020/CVE-2020-15257.md 
@@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/brant-ruan/awesome-container-escape - https://github.com/cdk-team/CDK - https://github.com/developer3000S/PoC-in-GitHub +- https://github.com/eriksjolund/podman-networking-docs - https://github.com/h4ckm310n/Container-Vulnerability-Exploit - https://github.com/hktalent/bug-bounty - https://github.com/iridium-soda/container-escape-exploits diff --git a/2020/CVE-2020-15531.md b/2020/CVE-2020-15531.md index 1a2be41da..049183ddd 100644 --- a/2020/CVE-2020-15531.md +++ b/2020/CVE-2020-15531.md @@ -14,5 +14,5 @@ Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via pa - https://www.youtube.com/watch?v=saoTr1NwdzM #### Github -No PoCs found on GitHub currently. +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-15719.md b/2020/CVE-2020-15719.md index ac41d34b0..2575ddb4f 100644 --- a/2020/CVE-2020-15719.md +++ b/2020/CVE-2020-15719.md @@ -16,4 +16,5 @@ libldap in certain third-party OpenLDAP packages has a certificate-validation fl #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/cyr3con-ai/cyRating-check-k8s-webhook +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2020/CVE-2020-15778.md b/2020/CVE-2020-15778.md index 07b44b326..d61d21893 100644 --- a/2020/CVE-2020-15778.md +++ b/2020/CVE-2020-15778.md @@ -33,6 +33,7 @@ No PoCs from references. - https://github.com/TarikVUT/secure-fedora38 - https://github.com/Threekiii/Awesome-POC - https://github.com/Totes5706/TotesHTB +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network diff --git a/2020/CVE-2020-15802.md b/2020/CVE-2020-15802.md index 81b091c2b..dd2b44b09 100644 --- a/2020/CVE-2020-15802.md +++ b/2020/CVE-2020-15802.md 
@@ -24,4 +24,5 @@ No PoCs from references. - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/blur - https://github.com/goblimey/learn-unix +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-16040.md b/2020/CVE-2020-16040.md index 89cd4881c..d70ed68aa 100644 --- a/2020/CVE-2020-16040.md +++ b/2020/CVE-2020-16040.md @@ -29,5 +29,6 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe - https://github.com/ret2eax/exploits - https://github.com/ret2eax/ret2eax - https://github.com/singularseclab/Browser_Exploits +- https://github.com/tanjiti/sec_profile - https://github.com/yuvaly0/exploits diff --git a/2020/CVE-2020-1938.md b/2020/CVE-2020-1938.md index 14221bf50..3f9add2d3 100644 --- a/2020/CVE-2020-1938.md +++ b/2020/CVE-2020-1938.md @@ -79,6 +79,7 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Umesh2807/Ghostcat - https://github.com/Warelock/cve-2020-1938 - https://github.com/Waseem27-art/ART-TOOLKIT diff --git a/2020/CVE-2020-1947.md b/2020/CVE-2020-1947.md index 9e7638492..e8ef53ed8 100644 --- a/2020/CVE-2020-1947.md +++ b/2020/CVE-2020-1947.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks - https://github.com/StarkChristmas/CVE-2020-1947 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-1948.md b/2020/CVE-2020-1948.md index 57ed4fc53..925f8ca35 100644 --- a/2020/CVE-2020-1948.md +++ b/2020/CVE-2020-1948.md 
@@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Whoopsunix/PPPRASP - https://github.com/Whoopsunix/PPPVULNS - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-24490.md b/2020/CVE-2020-24490.md index e605ba0d8..b3740ff88 100644 --- a/2020/CVE-2020-24490.md +++ b/2020/CVE-2020-24490.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/ndk191/linux-kernel-exploitation - https://github.com/oscomp/proj283-Automated-Security-Testing-of-Protocol-Stacks-in-OS-kernels - https://github.com/sereok3/buffer-overflow-writeups +- https://github.com/sgxgsx/BlueToolkit - https://github.com/shannonmullins/hopp - https://github.com/ssr-111/linux-kernel-exploitation - https://github.com/xairy/linux-kernel-exploitation diff --git a/2020/CVE-2020-25078.md b/2020/CVE-2020-25078.md index 020ad7a7f..b93ae9896 100644 --- a/2020/CVE-2020-25078.md +++ b/2020/CVE-2020-25078.md @@ -47,6 +47,7 @@ No PoCs from references. - https://github.com/jorhelp/Ingram - https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-2546.md b/2020/CVE-2020-2546.md index 663935616..1658b9275 100644 --- a/2020/CVE-2020-2546.md +++ b/2020/CVE-2020-2546.md 
@@ -29,6 +29,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Live-Hack-CVE/CVE-2020-2884 - https://github.com/Live-Hack-CVE/CVE-2020-2915 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2551.md b/2020/CVE-2020-2551.md index d4392f568..821343ca7 100644 --- a/2020/CVE-2020-2551.md +++ b/2020/CVE-2020-2551.md @@ -70,6 +70,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/SummerSec/BlogPapers - https://github.com/SummerSec/BlogParpers - https://github.com/TacticsTeam/sg_ysoserial +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md index 50071f34d..17e306414 100644 --- a/2020/CVE-2020-2555.md +++ b/2020/CVE-2020-2555.md @@ -74,6 +74,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/R0ser1/GadgetInspector - https://github.com/SexyBeast233/SecBooks - https://github.com/TacticsTeam/sg_ysoserial +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Uvemode/CVE-2020-2555 - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit diff --git a/2020/CVE-2020-26555.md b/2020/CVE-2020-26555.md index e0a1d5028..239cdfc10 100644 --- a/2020/CVE-2020-26555.md +++ b/2020/CVE-2020-26555.md @@ -17,4 +17,5 @@ Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B th - https://github.com/Live-Hack-CVE/CVE-2020-26555 - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/goblimey/learn-unix +- https://github.com/sgxgsx/BlueToolkit 
diff --git a/2020/CVE-2020-26556.md b/2020/CVE-2020-26556.md index 955ab28a3..a8f04ca43 100644 --- a/2020/CVE-2020-26556.md +++ b/2020/CVE-2020-26556.md @@ -16,4 +16,5 @@ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearb - https://github.com/ARPSyndicate/cvemon - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26557.md b/2020/CVE-2020-26557.md index 12ca588e0..a8f7de27f 100644 --- a/2020/CVE-2020-26557.md +++ b/2020/CVE-2020-26557.md @@ -15,4 +15,5 @@ Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearb #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26558.md b/2020/CVE-2020-26558.md index c5cfc7694..0ed97f3ee 100644 --- a/2020/CVE-2020-26558.md +++ b/2020/CVE-2020-26558.md @@ -17,4 +17,5 @@ Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 throu - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/Live-Hack-CVE/CVE-2020-26558 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26559.md b/2020/CVE-2020-26559.md index 9f5be2b0b..475b082d7 100644 --- a/2020/CVE-2020-26559.md +++ b/2020/CVE-2020-26559.md @@ -15,4 +15,5 @@ Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-26560.md b/2020/CVE-2020-26560.md index d4d914d28..2eacd8cbe 100644 --- a/2020/CVE-2020-26560.md +++ b/2020/CVE-2020-26560.md 
@@ -15,4 +15,5 @@ Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-2696.md b/2020/CVE-2020-2696.md index 4b3f0615f..1c48bb0c3 100644 --- a/2020/CVE-2020-2696.md +++ b/2020/CVE-2020-2696.md @@ -24,6 +24,7 @@ Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common - https://github.com/EchoGin404/gongkaishouji - https://github.com/Live-Hack-CVE/CVE-2020-2696 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-2798.md b/2020/CVE-2020-2798.md index 11720355e..192aefd63 100644 --- a/2020/CVE-2020-2798.md +++ b/2020/CVE-2020-2798.md @@ -25,6 +25,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2798 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2801.md b/2020/CVE-2020-2801.md index e95ada135..b5d2acbfb 100644 --- a/2020/CVE-2020-2801.md +++ b/2020/CVE-2020-2801.md 
@@ -24,6 +24,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2801 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md index 561f6be67..ada27d438 100644 --- a/2020/CVE-2020-2883.md +++ b/2020/CVE-2020-2883.md @@ -58,6 +58,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/Qynklee/POC_CVE-2020-2883 - https://github.com/SexyBeast233/SecBooks - https://github.com/Shadowven/Vulnerability_Reproduction +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Weik1/Artillery - https://github.com/WhiteHSBG/JNDIExploit - https://github.com/Y4er/CVE-2020-2883 diff --git a/2020/CVE-2020-2884.md b/2020/CVE-2020-2884.md index 1b8c86a84..ae9c40056 100644 --- a/2020/CVE-2020-2884.md +++ b/2020/CVE-2020-2884.md @@ -25,6 +25,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2884 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2915.md b/2020/CVE-2020-2915.md index fdbe93e2e..11b80cba4 100644 --- a/2020/CVE-2020-2915.md +++ b/2020/CVE-2020-2915.md 
@@ -24,6 +24,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - https://github.com/JERRY123S/all-poc - https://github.com/Live-Hack-CVE/CVE-2020-2915 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-2950.md b/2020/CVE-2020-2950.md index b4ee3c6a9..35eaf08dc 100644 --- a/2020/CVE-2020-2950.md +++ b/2020/CVE-2020-2950.md @@ -27,6 +27,7 @@ Vulnerability in the Oracle Business Intelligence Enterprise Edition product of - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/cyberanand1337x/bug-bounty-2022 diff --git a/2020/CVE-2020-3452.md b/2020/CVE-2020-3452.md index 68e165bf8..c202cc3d6 100644 --- a/2020/CVE-2020-3452.md +++ b/2020/CVE-2020-3452.md @@ -63,6 +63,7 @@ A vulnerability in the web services interface of Cisco Adaptive Security Applian - https://github.com/SexyBeast233/SecBooks - https://github.com/SouthWind0/southwind0.github.io - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Veids/CVE-2020-3452_auto - https://github.com/XDev05/CVE-2020-3452-PoC - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-3543.md b/2020/CVE-2020-3543.md new file mode 100644 index 000000000..361b659f4 --- /dev/null +++ b/2020/CVE-2020-3543.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-3543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3543) +![](https://img.shields.io/static/v1?label=Product&message=Cisco%20Video%20Surveillance%208000%20Series%20IP%20Cameras%20&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400&color=brighgreen) + +### Description + +A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause the affected device to continuously consume memory, which could cause the device to crash and reload, resulting in a DOS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2020/CVE-2020-35473.md b/2020/CVE-2020-35473.md index e0663e0e0..faaf76b3f 100644 --- a/2020/CVE-2020-35473.md +++ b/2020/CVE-2020-35473.md @@ -14,4 +14,5 @@ An information leakage vulnerability in the Bluetooth Low Energy advertisement s #### Github - https://github.com/Live-Hack-CVE/CVE-2020-35473 +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-36325.md b/2020/CVE-2020-36325.md new file mode 100644 index 000000000..940377bab --- /dev/null +++ b/2020/CVE-2020-36325.md 
@@ -0,0 +1,17 @@ +### [CVE-2020-36325](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36325) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/testing-felickz/docker-scout-demo + diff --git a/2020/CVE-2020-3703.md b/2020/CVE-2020-3703.md index e3847efb2..ec288f144 100644 --- a/2020/CVE-2020-3703.md +++ b/2020/CVE-2020-3703.md @@ -14,4 +14,5 @@ u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check f #### Github - https://github.com/TinyNiko/android_bulletin_notes +- https://github.com/sgxgsx/BlueToolkit diff --git a/2020/CVE-2020-5245.md b/2020/CVE-2020-5245.md index 105579103..984405327 100644 --- a/2020/CVE-2020-5245.md +++ b/2020/CVE-2020-5245.md 
@@ -1,11 +1,11 @@ ### [CVE-2020-5245](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5245) ![](https://img.shields.io/static/v1?label=Product&message=dropwizard-validation&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.3.0%2C%20%3C%201.3.19%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen) ### Description -Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. +Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature.The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. ### POC diff --git a/2020/CVE-2020-5260.md b/2020/CVE-2020-5260.md index 1d8ecca11..5fa6e7f22 100644 --- a/2020/CVE-2020-5260.md +++ b/2020/CVE-2020-5260.md @@ -21,6 +21,7 @@ Affected versions of Git have a vulnerability whereby Git can be tricked into se - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Yutaro-B18016/Use-wslgit - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-5398.md b/2020/CVE-2020-5398.md index a8106a3c9..2d1060f22 100644 --- a/2020/CVE-2020-5398.md 
+++ b/2020/CVE-2020-5398.md @@ -30,6 +30,7 @@ In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1. - https://github.com/IkerSaint/VULNAPP-vulnerable-app - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/NetW0rK1le3r/awesome-hacking-lists +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/ax1sX/SpringSecurity diff --git a/2020/CVE-2020-5410.md b/2020/CVE-2020-5410.md index d82388432..2c597a522 100644 --- a/2020/CVE-2020-5410.md +++ b/2020/CVE-2020-5410.md @@ -36,6 +36,7 @@ No PoCs from references. - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-5504.md b/2020/CVE-2020-5504.md index 63ebec323..013ec62d3 100644 --- a/2020/CVE-2020-5504.md +++ b/2020/CVE-2020-5504.md @@ -19,6 +19,7 @@ In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the use - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-5509.md b/2020/CVE-2020-5509.md index 77f4a8598..953114429 100644 --- a/2020/CVE-2020-5509.md +++ b/2020/CVE-2020-5509.md 
@@ -22,6 +22,7 @@ PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executabl - https://github.com/EchoGin404/gongkaishouji - https://github.com/FULLSHADE/CVE-2020-5509 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-5551.md b/2020/CVE-2020-5551.md new file mode 100644 index 000000000..28e996890 --- /dev/null +++ b/2020/CVE-2020-5551.md @@ -0,0 +1,17 @@ +### [CVE-2020-5551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5551) +![](https://img.shields.io/static/v1?label=Product&message=DCU%20(Display%20Control%20Unit)&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial-of-service%20(DoS)&color=brighgreen) + +### Description + +Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus (LC, LS, NX, RC, RC F), TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the regions other than Japan from Oct. 2016 to Oct. 2019. An attacker with certain knowledge on the target vehicle control system may be able to send some diagnostic commands to ECUs with some limited availability impacts; the vendor states critical vehicle controls such as driving, turning, and stopping are not affected. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2020/CVE-2020-5902.md b/2020/CVE-2020-5902.md index 3a6588904..5a17b4da0 100644 --- a/2020/CVE-2020-5902.md +++ b/2020/CVE-2020-5902.md 
@@ -54,6 +54,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top - https://github.com/CnHack3r/Penetration_PoC +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/ElcapitanoO7x/bugbounty-Tips @@ -100,6 +101,7 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - https://github.com/TheCyberViking/CVE-2020-5902-Vuln-Checker - https://github.com/TheCyberViking/TheCyberViking - https://github.com/Threekiii/Awesome-POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Un4gi/CVE-2020-5902 - https://github.com/Waseem27-art/ART-TOOLKIT - https://github.com/WingsSec/Meppo diff --git a/2020/CVE-2020-6286.md b/2020/CVE-2020-6286.md index 6c74d2bef..56bc6729d 100644 --- a/2020/CVE-2020-6286.md +++ b/2020/CVE-2020-6286.md @@ -25,6 +25,7 @@ No PoCs from references. - https://github.com/GhostTroops/TOP - https://github.com/JERRY123S/all-poc - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/alphaSeclab/sec-daily-2020 diff --git a/2020/CVE-2020-6287.md b/2020/CVE-2020-6287.md index db69775d8..17f9fb113 100644 --- a/2020/CVE-2020-6287.md +++ b/2020/CVE-2020-6287.md @@ -34,6 +34,7 @@ SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7. - https://github.com/Onapsis/vulnerability_advisories - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC 
diff --git a/2020/CVE-2020-7246.md b/2020/CVE-2020-7246.md index 2db1668fa..c481f869f 100644 --- a/2020/CVE-2020-7246.md +++ b/2020/CVE-2020-7246.md @@ -30,6 +30,7 @@ A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An a - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks - https://github.com/TobinShields/qdPM9.1_Exploit +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/arafatansari/QDPMSEC diff --git a/2020/CVE-2020-7471.md b/2020/CVE-2020-7471.md index 4ffa722a4..225f2f9d8 100644 --- a/2020/CVE-2020-7471.md +++ b/2020/CVE-2020-7471.md @@ -29,6 +29,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/SurfRid3r/Django_vulnerability_analysis - https://github.com/Tempuss/CTF_CVE-2020-7471 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aeyesec/CVE-2022-34265 diff --git a/2020/CVE-2020-8163.md b/2020/CVE-2020-8163.md index aa5c3f316..2833a9594 100644 --- a/2020/CVE-2020-8163.md +++ b/2020/CVE-2020-8163.md @@ -24,6 +24,7 @@ The is a code injection vulnerability in versions of Rails prior to 5.0.1 that w - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/TK-Elliot/CVE-2020-8163 - https://github.com/TKLinux966/CVE-2020-8163 +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/aalexpereira/pipelines-tricks diff --git a/2020/CVE-2020-8193.md b/2020/CVE-2020-8193.md index 0c93ce707..612987070 100644 --- a/2020/CVE-2020-8193.md +++ b/2020/CVE-2020-8193.md 
@@ -34,6 +34,7 @@ Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58 - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/XRSec/AWVS14-Update - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC diff --git a/2020/CVE-2020-8558.md b/2020/CVE-2020-8558.md index 9a7b734f3..06792fa19 100644 --- a/2020/CVE-2020-8558.md +++ b/2020/CVE-2020-8558.md @@ -38,6 +38,7 @@ No PoCs from references. - https://github.com/jassics/awesome-aws-security - https://github.com/jqsl2012/TopNews - https://github.com/leveryd/leveryd +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2020/CVE-2020-8559.md b/2020/CVE-2020-8559.md index 8017082b6..39aa8105b 100644 --- a/2020/CVE-2020-8559.md +++ b/2020/CVE-2020-8559.md @@ -26,6 +26,7 @@ The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.1 - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/iakat/stars - https://github.com/katlol/stars +- https://github.com/magnologan/awesome-k8s-security - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/pen4uin/awesome-cloud-native-security diff --git a/2020/CVE-2020-8597.md b/2020/CVE-2020-8597.md index 5cddecdf5..18c35f670 100644 --- a/2020/CVE-2020-8597.md +++ b/2020/CVE-2020-8597.md 
@@ -24,6 +24,7 @@ eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the - https://github.com/JLLeitschuh/bulk-security-pr-generator - https://github.com/Juanezm/openwrt-redmi-ac2100 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/WinMin/CVE-2020-8597 - https://github.com/WinMin/Protocol-Vul - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-8634.md b/2020/CVE-2020-8634.md index a6a99915f..797e9b5bb 100644 --- a/2020/CVE-2020-8634.md +++ b/2020/CVE-2020-8634.md @@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-8635.md b/2020/CVE-2020-8635.md index c6a00aa48..1a7fe5f7e 100644 --- a/2020/CVE-2020-8635.md +++ b/2020/CVE-2020-8635.md @@ -19,6 +19,7 @@ No PoCs from references. - https://github.com/EchoGin404/- - https://github.com/EchoGin404/gongkaishouji - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-8794.md b/2020/CVE-2020-8794.md index 3c6bff4af..e5c84bd7a 100644 --- a/2020/CVE-2020-8794.md +++ b/2020/CVE-2020-8794.md 
@@ -20,6 +20,7 @@ OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds - https://github.com/EchoGin404/gongkaishouji - https://github.com/Live-Hack-CVE/CVE-2020-8794 - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-8813.md b/2020/CVE-2020-8813.md index 0ecaf0984..5819be92a 100644 --- a/2020/CVE-2020-8813.md +++ b/2020/CVE-2020-8813.md @@ -28,6 +28,7 @@ graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary O - https://github.com/Live-Hack-CVE/CVE-2020-8813 - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/apachecn-archive/Middleware-Vulnerability-detection diff --git a/2020/CVE-2020-8840.md b/2020/CVE-2020-8840.md index 98aed4c06..de3603f5e 100644 --- a/2020/CVE-2020-8840.md +++ b/2020/CVE-2020-8840.md @@ -33,6 +33,7 @@ FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JN - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/Veraxy00/CVE-2020-8840 - https://github.com/Wfzsec/FastJson1.2.62-RCE - https://github.com/YIXINSHUWU/Penetration_Testing_POC diff --git a/2020/CVE-2020-9374.md b/2020/CVE-2020-9374.md index aedfc5867..acc072932 100644 --- a/2020/CVE-2020-9374.md +++ b/2020/CVE-2020-9374.md 
@@ -22,6 +22,7 @@ On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerabilit - https://github.com/ElberTavares/routers-exploit - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/SexyBeast233/SecBooks +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-9376.md b/2020/CVE-2020-9376.md index f3aa44759..4d473ea74 100644 --- a/2020/CVE-2020-9376.md +++ b/2020/CVE-2020-9376.md @@ -22,6 +22,7 @@ - https://github.com/EchoGin404/gongkaishouji - https://github.com/HimmelAward/Goby_POC - https://github.com/Mr-xn/Penetration_Testing_POC +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/Z0fhack/Goby_POC - https://github.com/ZTK-009/Penetration_PoC diff --git a/2020/CVE-2020-9377.md b/2020/CVE-2020-9377.md index 8270dc98f..1ca5b3564 100644 --- a/2020/CVE-2020-9377.md +++ b/2020/CVE-2020-9377.md @@ -20,6 +20,7 @@ - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/hasee2018/Penetration_Testing_POC diff --git a/2020/CVE-2020-9402.md b/2020/CVE-2020-9402.md index 11e1dbd11..ac530791e 100644 --- a/2020/CVE-2020-9402.md +++ b/2020/CVE-2020-9402.md @@ -24,6 +24,7 @@ No PoCs from references. - https://github.com/SexyBeast233/SecBooks - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/bakery312/Vulhub-Reproduce 
diff --git a/2020/CVE-2020-9484.md b/2020/CVE-2020-9484.md index 666102c06..e79472efb 100644 --- a/2020/CVE-2020-9484.md +++ b/2020/CVE-2020-9484.md @@ -56,6 +56,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - https://github.com/RepublicR0K/CVE-2020-9484 - https://github.com/SexyBeast233/SecBooks - https://github.com/Spacial/awesome-csirt +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/VICXOR/CVE-2020-9484 - https://github.com/Xslover/CVE-2020-9484-Scanner - https://github.com/Y4tacker/JavaSec diff --git a/2020/CVE-2020-9496.md b/2020/CVE-2020-9496.md index 05cb87180..c8baefff1 100644 --- a/2020/CVE-2020-9496.md +++ b/2020/CVE-2020-9496.md @@ -49,6 +49,7 @@ XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scriptin - https://github.com/merlinepedra25/nuclei-templates - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2020/CVE-2020-9547.md b/2020/CVE-2020-9547.md index 642c1b148..a41ddd01e 100644 --- a/2020/CVE-2020-9547.md +++ b/2020/CVE-2020-9547.md @@ -28,6 +28,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/NetW0rK1le3r/awesome-hacking-lists - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2020/CVE-2020-9548.md b/2020/CVE-2020-9548.md index 140ec7a3f..ada21a737 100644 --- a/2020/CVE-2020-9548.md +++ b/2020/CVE-2020-9548.md 
@@ -27,6 +27,7 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - https://github.com/Mr-xn/Penetration_Testing_POC - https://github.com/OWASP/www-project-ide-vulscanner - https://github.com/PalindromeLabs/Java-Deserialization-CVEs +- https://github.com/Tyro-Shan/gongkaishouji - https://github.com/YIXINSHUWU/Penetration_Testing_POC - https://github.com/ZTK-009/Penetration_PoC - https://github.com/developer3000S/PoC-in-GitHub diff --git a/2021/CVE-2021-1675.md b/2021/CVE-2021-1675.md index 8b0dfe2cd..e0115e35d 100644 --- a/2021/CVE-2021-1675.md +++ b/2021/CVE-2021-1675.md @@ -70,6 +70,7 @@ Windows Print Spooler Remote Code Execution Vulnerability - https://github.com/AndrewTrube/CVE-2021-1675 - https://github.com/Anonymous-Family/Zero-day-scanning - https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet +- https://github.com/B34MR/zeroscan - https://github.com/BC-SECURITY/Moriarty - https://github.com/BOFs/CobaltStrike - https://github.com/BeetleChunks/SpoolSploit diff --git a/2021/CVE-2021-20090.md b/2021/CVE-2021-20090.md index 2df61c781..f6dc79a55 100644 --- a/2021/CVE-2021-20090.md +++ b/2021/CVE-2021-20090.md @@ -18,6 +18,7 @@ A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 fi - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ArrestX/--POC +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/HimmelAward/Goby_POC - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes diff --git a/2021/CVE-2021-21315.md b/2021/CVE-2021-21315.md index 797787d8d..62a5fabe5 100644 --- a/2021/CVE-2021-21315.md +++ b/2021/CVE-2021-21315.md 
@@ -46,6 +46,7 @@ No PoCs from references. - https://github.com/mintoolkit/mint - https://github.com/mmk-1/kubernetes-poc - https://github.com/n1sh1th/CVE-POC +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/slimtoolkit/slim - https://github.com/soosmile/POC - https://github.com/superlink996/chunqiuyunjingbachang diff --git a/2021/CVE-2021-21972.md b/2021/CVE-2021-21972.md index 9cf1fdfaf..e9a014200 100644 --- a/2021/CVE-2021-21972.md +++ b/2021/CVE-2021-21972.md @@ -126,6 +126,7 @@ The vSphere Client (HTML5) contains a remote code execution vulnerability in a v - https://github.com/oscpname/OSCP_cheat - https://github.com/password520/CVE-2021-21972 - https://github.com/password520/LadonGo +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22005.md b/2021/CVE-2021-22005.md index 81a30deec..65f061d45 100644 --- a/2021/CVE-2021-22005.md +++ b/2021/CVE-2021-22005.md @@ -67,6 +67,7 @@ The vCenter Server contains an arbitrary file upload vulnerability in the Analyt - https://github.com/manas3c/CVE-POC - https://github.com/nday-ldgz/ZoomEye-dork - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22205.md b/2021/CVE-2021-22205.md index c728bab24..11e895390 100644 --- a/2021/CVE-2021-22205.md +++ b/2021/CVE-2021-22205.md 
@@ -95,6 +95,7 @@ An issue has been discovered in GitLab CE/EE affecting all versions starting fro - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/octane23/CASE-STUDY-1 - https://github.com/overgrowncarrot1/DejaVu-CVE-2021-22205 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-22986.md b/2021/CVE-2021-22986.md index 83e228a3d..14e84a1dd 100644 --- a/2021/CVE-2021-22986.md +++ b/2021/CVE-2021-22986.md @@ -79,6 +79,7 @@ On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN - https://github.com/papa-anniekey/CustomSignatures +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list @@ -101,6 +102,7 @@ On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before - https://github.com/xinyisleep/pocscan - https://github.com/xuetusummer/Penetration_Testing_POC - https://github.com/yaunsky/CVE-202122986-EXP +- https://github.com/yhy0/ExpDemo-JavaFX - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve - https://github.com/zmylml/yangzifun diff --git a/2021/CVE-2021-25735.md b/2021/CVE-2021-25735.md index 8a24b0197..a4be016f1 100644 --- a/2021/CVE-2021-25735.md +++ b/2021/CVE-2021-25735.md 
@@ -27,6 +27,7 @@ No PoCs from references. - https://github.com/developer-guy/awesome-falco - https://github.com/k0mi-tg/CVE-POC - https://github.com/khu-capstone-design/kubernetes-vulnerability-investigation +- https://github.com/magnologan/awesome-k8s-security - https://github.com/manas3c/CVE-POC - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-25737.md b/2021/CVE-2021-25737.md index c41fdc0e3..128b4a96e 100644 --- a/2021/CVE-2021-25737.md +++ b/2021/CVE-2021-25737.md @@ -20,5 +20,6 @@ No PoCs from references. - https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground - https://github.com/atesemre/awesome-cloud-native-security - https://github.com/kajogo777/kubernetes-misconfigured +- https://github.com/magnologan/awesome-k8s-security - https://github.com/reni2study/Cloud-Native-Security2 diff --git a/2021/CVE-2021-25740.md b/2021/CVE-2021-25740.md index 08d69d69a..c12f41c50 100644 --- a/2021/CVE-2021-25740.md +++ b/2021/CVE-2021-25740.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground - https://github.com/hacking-kubernetes/hacking-kubernetes.info - https://github.com/kajogo777/kubernetes-misconfigured +- https://github.com/magnologan/awesome-k8s-security diff --git a/2021/CVE-2021-25741.md b/2021/CVE-2021-25741.md index d4c3e6c7b..c74540bd9 100644 --- a/2021/CVE-2021-25741.md +++ b/2021/CVE-2021-25741.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/iridium-soda/container-escape-exploits - https://github.com/k0mi-tg/CVE-POC - https://github.com/khu-capstone-design/kubernetes-vulnerability-investigation +- https://github.com/magnologan/awesome-k8s-security - https://github.com/manas3c/CVE-POC - https://github.com/noirfate/k8s_debug - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-26084.md b/2021/CVE-2021-26084.md index 030c53e82..08b6952db 100644 --- a/2021/CVE-2021-26084.md 
+++ b/2021/CVE-2021-26084.md @@ -146,6 +146,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/ouwenjin/- - https://github.com/p0nymc1/CVE-2021-26084 - https://github.com/pathakabhi24/Pentest-Tools +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-pentest-note - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/pentest-note diff --git a/2021/CVE-2021-26295.md b/2021/CVE-2021-26295.md index 537b3f98e..9e3e0a8d2 100644 --- a/2021/CVE-2021-26295.md +++ b/2021/CVE-2021-26295.md @@ -58,6 +58,7 @@ Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated at - https://github.com/manas3c/CVE-POC - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-28139.md b/2021/CVE-2021-28139.md index 023b94409..92f63f49f 100644 --- a/2021/CVE-2021-28139.md +++ b/2021/CVE-2021-28139.md @@ -15,4 +15,5 @@ The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does n #### Github - https://github.com/JeffroMF/awesome-bluetooth-security321 - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2021/CVE-2021-28310.md b/2021/CVE-2021-28310.md index 4089743eb..affbbaacd 100644 --- a/2021/CVE-2021-28310.md +++ b/2021/CVE-2021-28310.md 
@@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310 - https://github.com/SYRTI/POC_to_review - https://github.com/WhooAmii/POC_to_review +- https://github.com/cylaris/awesomekql - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2021/CVE-2021-29441.md b/2021/CVE-2021-29441.md index 9e7cbce17..3014121fa 100644 --- a/2021/CVE-2021-29441.md +++ b/2021/CVE-2021-29441.md @@ -28,6 +28,7 @@ No PoCs from references. - https://github.com/Threekiii/Awesome-Exploit - https://github.com/Threekiii/Awesome-POC - https://github.com/Threekiii/Vulhub-Reproduce +- https://github.com/Tsojan/TsojanScan - https://github.com/WhooAmii/POC_to_review - https://github.com/Whoopsunix/nacosScan - https://github.com/bakery312/Vulhub-Reproduce diff --git a/2021/CVE-2021-30461.md b/2021/CVE-2021-30461.md index 57d1b8a78..53c673716 100644 --- a/2021/CVE-2021-30461.md +++ b/2021/CVE-2021-30461.md @@ -35,6 +35,7 @@ No PoCs from references. - https://github.com/daedalus/CVE-2021-30461 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/puckiestyle/CVE-2021-30461 - https://github.com/soosmile/POC - https://github.com/trhacknon/Pocingit diff --git a/2021/CVE-2021-30465.md b/2021/CVE-2021-30465.md index 064e4af9f..b44a7ad02 100644 --- a/2021/CVE-2021-30465.md +++ b/2021/CVE-2021-30465.md @@ -30,6 +30,7 @@ No PoCs from references. - https://github.com/h4ckm310n/Container-Vulnerability-Exploit - https://github.com/iridium-soda/container-escape-exploits - https://github.com/kaosagnt/ansible-everyday +- https://github.com/magnologan/awesome-k8s-security - https://github.com/reni2study/Cloud-Native-Security2 - https://github.com/superfish9/pt - https://github.com/wllenyj/safe-path-rs 
diff --git a/2021/CVE-2021-32256.md b/2021/CVE-2021-32256.md index 95e917911..159783e20 100644 --- a/2021/CVE-2021-32256.md +++ b/2021/CVE-2021-32256.md @@ -13,5 +13,5 @@ An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. I - https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070 #### Github -No PoCs found on GitHub currently. +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2021/CVE-2021-35068.md b/2021/CVE-2021-35068.md index 2279e4a34..7571aed52 100644 --- a/2021/CVE-2021-35068.md +++ b/2021/CVE-2021-35068.md @@ -14,5 +14,6 @@ Lack of null check while freeing the device information buffer in the Bluetooth #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/sgxgsx/BlueToolkit - https://github.com/xmpf/qualcomm-bulletins diff --git a/2021/CVE-2021-3520.md b/2021/CVE-2021-3520.md index 2d6243e8b..0bf33965d 100644 --- a/2021/CVE-2021-3520.md +++ b/2021/CVE-2021-3520.md @@ -16,4 +16,5 @@ There's a flaw in lz4. An attacker who submits a crafted file to an application #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2021/CVE-2021-37580.md b/2021/CVE-2021-37580.md index 32b77c97b..3b165d9cc 100644 --- a/2021/CVE-2021-37580.md +++ b/2021/CVE-2021-37580.md @@ -39,6 +39,7 @@ No PoCs from references. - https://github.com/langligelang/langligelang - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-3899.md b/2021/CVE-2021-3899.md new file mode 100644 index 000000000..2fc28a68b --- /dev/null +++ b/2021/CVE-2021-3899.md 
@@ -0,0 +1,24 @@ +### [CVE-2021-3899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3899) +![](https://img.shields.io/static/v1?label=Product&message=Apport&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.21.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root. + +### POC + +#### Reference +- https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376 + +#### Github +- https://github.com/NaInSec/CVE-PoC-in-GitHub +- https://github.com/WhooAmii/POC_to_review +- https://github.com/k0mi-tg/CVE-POC +- https://github.com/liumuqing/CVE-2021-3899_PoC +- https://github.com/manas3c/CVE-POC +- https://github.com/whoforget/CVE-POC +- https://github.com/youwizard/CVE-POC +- https://github.com/zecool/cve + diff --git a/2021/CVE-2021-3942.md b/2021/CVE-2021-3942.md new file mode 100644 index 000000000..496c2a55a --- /dev/null +++ b/2021/CVE-2021-3942.md @@ -0,0 +1,17 @@ +### [CVE-2021-3942](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3942) +![](https://img.shields.io/static/v1?label=Product&message=HP%20Print%20products%20and%20Digital%20Sending%20products&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20See%20HP%20Security%20Bulletin%20reference%20for%20affected%20versions.%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + 
diff --git a/2021/CVE-2021-4034.md b/2021/CVE-2021-4034.md index bb35b098f..550f8ed13 100644 --- a/2021/CVE-2021-4034.md +++ b/2021/CVE-2021-4034.md @@ -231,6 +231,7 @@ A local privilege escalation vulnerability was found on polkit's pkexec utility. - https://github.com/darkerego/pwnkit - https://github.com/deathsticksguy/CEHv12Practical - https://github.com/defhacks/cve-2021-4034 +- https://github.com/dejavudwh/dejavudwh - https://github.com/deoxykev/CVE-2021-4034-Rust - https://github.com/drapl0n/pwnKit - https://github.com/dzonerzy/poc-cve-2021-4034 diff --git a/2021/CVE-2021-40655.md b/2021/CVE-2021-40655.md index 1ce0dad0a..cce11d28e 100644 --- a/2021/CVE-2021-40655.md +++ b/2021/CVE-2021-40655.md @@ -13,5 +13,5 @@ An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2. - https://www.dlink.com/en/security-bulletin/ #### Github -No PoCs found on GitHub currently. +- https://github.com/Ostorlab/KEV diff --git a/2021/CVE-2021-41773.md b/2021/CVE-2021-41773.md index ba43f722a..ac671851b 100644 --- a/2021/CVE-2021-41773.md +++ b/2021/CVE-2021-41773.md @@ -248,6 +248,7 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2. - https://github.com/numanturle/CVE-2021-41773 - https://github.com/orangmuda/CVE-2021-41773 - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-42013.md b/2021/CVE-2021-42013.md index 36421247d..afa4bc87e 100644 --- a/2021/CVE-2021-42013.md +++ b/2021/CVE-2021-42013.md 
@@ -139,6 +139,7 @@ It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was in - https://github.com/nitishbadole/oscp-note-3 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-42306.md b/2021/CVE-2021-42306.md index 24c0a2289..36800f8e5 100644 --- a/2021/CVE-2021-42306.md +++ b/2021/CVE-2021-42306.md @@ -9,7 +9,7 @@ ### Description -

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the tenant with application read access to read the private key data that was added to the application.

Azure AD addressed this vulnerability by preventing disclosure of any private key values added to the application.

Microsoft has identified services that could manifest this vulnerability, and steps that customers should take to be protected. Refer to the FAQ section for more information.

For more details on this issue, please refer to the MSRC Blog Entry.

+An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the tenant with application read access to read the private key data that was added to the application.Azure AD addressed this vulnerability by preventing disclosure of any private key values added to the application.Microsoft has identified services that could manifest this vulnerability, and steps that customers should take to be protected. Refer to the FAQ section for more information.For more details on this issue, please refer to the MSRC Blog Entry. ### POC @@ -18,5 +18,6 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/Azure/Azure-Sentinel-Notebooks - https://github.com/SummitRoute/csp_security_mistakes diff --git a/2021/CVE-2021-43798.md b/2021/CVE-2021-43798.md index 4efc6c295..28e4ac7b4 100644 --- a/2021/CVE-2021-43798.md +++ b/2021/CVE-2021-43798.md @@ -111,6 +111,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver - https://github.com/nuker/CVE-2021-43798 - https://github.com/openx-org/BLEN - https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/persees/grafana_exploits - https://github.com/rnsss/CVE-2021-43798-poc - https://github.com/rodpwn/CVE-2021-43798-mass_scanner diff --git a/2021/CVE-2021-43890.md b/2021/CVE-2021-43890.md index f2f5cb195..02211070f 100644 --- a/2021/CVE-2021-43890.md +++ b/2021/CVE-2021-43890.md @@ -5,7 +5,7 @@ ### Description -

We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.

An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Please see the Security Updates table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the FAQ section.

Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.

December 27 2023 Update:

In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme.

To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations.

+We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Please see the Security Updates table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the FAQ section.Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.December 27 2023 Update:In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme.To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations. ### POC diff --git a/2021/CVE-2021-44228.md b/2021/CVE-2021-44228.md index b4a304ce1..4491e06e1 100644 --- a/2021/CVE-2021-44228.md +++ b/2021/CVE-2021-44228.md 
@@ -717,6 +717,9 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - https://github.com/defcon250/log4jScanner - https://github.com/dehlirious/LogIPAnalyzer - https://github.com/demilson/Log4Shell +- https://github.com/demining/Chinese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Japanese-version-of-Bitcoin-blockchain-cryptanalysis +- https://github.com/demining/Korean-version-of-Bitcoin-blockchain-cryptanalysis - https://github.com/demining/Log4j-Vulnerability - https://github.com/demonrvm/Log4ShellRemediation - https://github.com/desquezzee/Jpg-Png-Exploit-Slient-Builder-Exploit-Database-Cve-2023-Malware diff --git a/2021/CVE-2021-45232.md b/2021/CVE-2021-45232.md index c1b0a5f5a..304d11c09 100644 --- a/2021/CVE-2021-45232.md +++ b/2021/CVE-2021-45232.md @@ -52,6 +52,7 @@ No PoCs from references. - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/openx-org/BLEN +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/awesome-vulnerability-research - https://github.com/pen4uin/vulnerability-research - https://github.com/pen4uin/vulnerability-research-list diff --git a/2021/CVE-2021-45346.md b/2021/CVE-2021-45346.md index fe5b5e5ed..2705867ad 100644 --- a/2021/CVE-2021-45346.md +++ b/2021/CVE-2021-45346.md @@ -16,4 +16,5 @@ - https://github.com/ARPSyndicate/cvemon - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/guyinatuxedo/Beyond_Oblivion +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2021/CVE-2021-46905.md b/2021/CVE-2021-46905.md index e38724b02..01b38a9b5 100644 --- a/2021/CVE-2021-46905.md +++ b/2021/CVE-2021-46905.md 
@@ -1,6 +1,6 @@ ### [CVE-2021-46905](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46905) ![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=92028d7a31e5%3C%205c17cfe155d2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=a462067d7c8e%3C%205871761c5f0f%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description diff --git a/2022/CVE-2022-0563.md b/2022/CVE-2022-0563.md index b5e066048..222cd791d 100644 --- a/2022/CVE-2022-0563.md +++ b/2022/CVE-2022-0563.md @@ -23,5 +23,6 @@ No PoCs from references. - https://github.com/denoslab/ensf400-lab10-ssc - https://github.com/fokypoky/places-list - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/toyhoshi/helm diff --git a/2022/CVE-2022-0847.md b/2022/CVE-2022-0847.md index 3dc182b6c..81c74a311 100644 --- a/2022/CVE-2022-0847.md +++ b/2022/CVE-2022-0847.md @@ -58,6 +58,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure - https://github.com/DataDog/dirtypipe-container-breakout-poc - https://github.com/DataFox/CVE-2022-0847 - https://github.com/DevataDev/PiracyTools +- https://github.com/Disturbante/Linux-Pentest - https://github.com/DylanBarbe/dirty-pipe-clone-4-root - https://github.com/DylanBarbe/hj - https://github.com/EGI-Federation/SVG-advisories diff --git a/2022/CVE-2022-1388.md b/2022/CVE-2022-1388.md index 762a773b2..3bf62f619 100644 --- a/2022/CVE-2022-1388.md +++ b/2022/CVE-2022-1388.md 
@@ -153,6 +153,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5. - https://github.com/nvk0x/CVE-2022-1388-exploit - https://github.com/omnigodz/CVE-2022-1388 - https://github.com/pauloink/CVE-2022-1388 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/psc4re/nuclei-templates - https://github.com/qusaialhaddad/F5-BigIP-CVE-2022-1388 - https://github.com/revanmalang/CVE-2022-1388 diff --git a/2022/CVE-2022-1970.md b/2022/CVE-2022-1970.md index 775d1ce6f..4ed6d4c5e 100644 --- a/2022/CVE-2022-1970.md +++ b/2022/CVE-2022-1970.md @@ -1,11 +1,11 @@ ### [CVE-2022-1970](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1970) -![](https://img.shields.io/static/v1?label=Product&message=Keycloak&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%2018.0.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=URL%20Redirection%20to%20Untrusted%20Site%20('Open%20Redirect')&color=brighgreen) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue) ### Description -keycloak 18.0.0: open redirect in auth endpoint via the redirect_uri parameter. +** REJECT ** The originally reported issue in https://github.com/syedsohaibkarim/OpenRedirect-Keycloak18.0.0 is a known misconfiguration, and recommendation already exists in the Keycloak documentation to mitigate the issue: https://www.keycloak.org/docs/latest/server_admin/index.html#open-redirectors. ### POC diff --git a/2022/CVE-2022-22075.md b/2022/CVE-2022-22075.md new file mode 100644 index 000000000..d41447450 --- /dev/null +++ b/2022/CVE-2022-22075.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-22075](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22075) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Exposure&color=brighgreen) + +### Description + +Information Disclosure in Graphics during GPU context switch. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/pittisl/perfinfer-code + diff --git a/2022/CVE-2022-22088.md b/2022/CVE-2022-22088.md new file mode 100644 index 000000000..ff5a56331 --- /dev/null +++ b/2022/CVE-2022-22088.md @@ -0,0 +1,17 @@ +### [CVE-2022-22088](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22088) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-22916.md b/2022/CVE-2022-22916.md index cf64396e7..777a73fc7 100644 --- a/2022/CVE-2022-22916.md +++ b/2022/CVE-2022-22916.md @@ -24,6 +24,7 @@ O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerabilit - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/Pocingit - https://github.com/whoforget/CVE-POC +- https://github.com/wy876/POC - https://github.com/youwizard/CVE-POC - https://github.com/zecool/cve diff --git a/2022/CVE-2022-22947.md b/2022/CVE-2022-22947.md index d0b45f9ba..aede5d5bc 100644 --- a/2022/CVE-2022-22947.md 
+++ b/2022/CVE-2022-22947.md @@ -160,6 +160,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v - https://github.com/nu0l/cve-2022-22947 - https://github.com/nu1r/yak-module-Nu - https://github.com/open-source-agenda/new-open-source-projects +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pen4uin/java-memshell-generator-release - https://github.com/qq87234770/CVE-2022-22947 - https://github.com/reph0r/poc-exp diff --git a/2022/CVE-2022-22954.md b/2022/CVE-2022-22954.md index 3ab01ed47..cb1ea0a4f 100644 --- a/2022/CVE-2022-22954.md +++ b/2022/CVE-2022-22954.md @@ -102,6 +102,7 @@ VMware Workspace ONE Access and Identity Manager contain a remote code execution - https://github.com/nguyenv1nK/CVE-2022-22954 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/orwagodfather/CVE-2022-22954 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/rat857/AtomsPanic - https://github.com/secfb/CVE-2022-22954 - https://github.com/shengshengli/fscan-POC diff --git a/2022/CVE-2022-22963.md b/2022/CVE-2022-22963.md index 6b2ecdfcf..81cf65bba 100644 --- a/2022/CVE-2022-22963.md +++ b/2022/CVE-2022-22963.md @@ -138,6 +138,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onurgule/S4S-Scanner - https://github.com/oscpname/OSCP_cheat +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/puckiestyle/CVE-2022-22963 - https://github.com/radiusmethod/awesome-gists - https://github.com/randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE diff --git a/2022/CVE-2022-22965.md b/2022/CVE-2022-22965.md index b8906a779..065306f30 100644 --- a/2022/CVE-2022-22965.md +++ b/2022/CVE-2022-22965.md 
@@ -265,6 +265,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t - https://github.com/opennms-forge/opennms-spring-patched - https://github.com/p1ckzi/CVE-2022-22965 - https://github.com/paulseo0827/Amazon-EKS-Security +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pipiscrew/timeline - https://github.com/pvnovarese/2022-04-enterprise-demo - https://github.com/pwnwriter/CVE-2022-22965 diff --git a/2022/CVE-2022-2297.md b/2022/CVE-2022-2297.md index afb3092c3..12915f249 100644 --- a/2022/CVE-2022-2297.md +++ b/2022/CVE-2022-2297.md @@ -11,6 +11,7 @@ A vulnerability, which was classified as critical, was found in SourceCodester C #### Reference - https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md +- https://vuldb.com/?id.203178 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-23131.md b/2022/CVE-2022-23131.md index 6fb5b8b60..eee2e807c 100644 --- a/2022/CVE-2022-23131.md +++ b/2022/CVE-2022-23131.md @@ -71,6 +71,7 @@ No PoCs from references. - https://github.com/murchie85/twitterCyberMonitor - https://github.com/nirsarkar/Nuclei-Templates-Collection - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pykiller/CVE-2022-23131 - https://github.com/r10lab/CVE-2022-23131 - https://github.com/random-robbie/cve-2022-23131-exp diff --git a/2022/CVE-2022-23221.md b/2022/CVE-2022-23221.md index 1509969f2..9e2c2214e 100644 --- a/2022/CVE-2022-23221.md +++ b/2022/CVE-2022-23221.md @@ -34,5 +34,6 @@ H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via - https://github.com/mbianchi/e-voting - https://github.com/mosaic-hgw/WildFly - https://github.com/nscuro/dtapac +- https://github.com/tanjiti/sec_profile - https://github.com/zhaoolee/garss 
diff --git a/2022/CVE-2022-24695.md b/2022/CVE-2022-24695.md new file mode 100644 index 000000000..05a2a1b9c --- /dev/null +++ b/2022/CVE-2022-24695.md @@ -0,0 +1,17 @@ +### [CVE-2022-24695](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24695) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This additionally allows the attacker to establish a connection to the target device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-24975.md b/2022/CVE-2022-24975.md index 744324697..d1251369c 100644 --- a/2022/CVE-2022-24975.md +++ b/2022/CVE-2022-24975.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2022/CVE-2022-25836.md b/2022/CVE-2022-25836.md index 89cf72e9c..29b7e61a6 100644 --- a/2022/CVE-2022-25836.md +++ b/2022/CVE-2022-25836.md @@ -14,4 +14,5 @@ Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 #### Github - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2022/CVE-2022-25837.md b/2022/CVE-2022-25837.md index e321c353f..1ece09e94 100644 --- a/2022/CVE-2022-25837.md +++ b/2022/CVE-2022-25837.md 
@@ -14,4 +14,5 @@ Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permi #### Github - https://github.com/engn33r/awesome-bluetooth-security +- https://github.com/sgxgsx/BlueToolkit diff --git a/2022/CVE-2022-26134.md b/2022/CVE-2022-26134.md index 357f75860..2833fdf25 100644 --- a/2022/CVE-2022-26134.md +++ b/2022/CVE-2022-26134.md @@ -29,6 +29,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/1rm/Confluence-CVE-2022-26134 - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 +- https://github.com/20142995/sectool - https://github.com/2212970396/CVE_2022_26134 - https://github.com/2591014574/all-Def-Tool - https://github.com/2lambda123/panopticon-unattributed @@ -89,6 +90,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/StarCrossPortal/scalpel - https://github.com/Sylon001/Common-tool - https://github.com/Threekiii/Awesome-POC +- https://github.com/Threekiii/Awesome-Redteam - https://github.com/Threekiii/Vulhub-Reproduce - https://github.com/UsagiB4/An_Idiots_writeups_on_THM - https://github.com/Vulnmachines/Confluence-CVE-2022-26134 @@ -111,6 +113,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/b4dboy17/CVE-2022-26134 - https://github.com/badboy-sft/CVE-2022-26134 - https://github.com/bakery312/Vulhub-Reproduce +- https://github.com/bigblackhat/oFx - https://github.com/cai-niao98/CVE-2022-26134 - https://github.com/cbk914/CVE-2022-26134_check - https://github.com/chaosec2021/EXP-POC 
@@ -170,6 +173,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul - https://github.com/openx-org/BLEN - https://github.com/oscpname/OSCP_cheat - https://github.com/p4b3l1t0/confusploit +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/pipiscrew/timeline - https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134 - https://github.com/ravro-ir/golang_bug_hunting diff --git a/2022/CVE-2022-2699.md b/2022/CVE-2022-2699.md new file mode 100644 index 000000000..d9f7ff238 --- /dev/null +++ b/2022/CVE-2022-2699.md @@ -0,0 +1,17 @@ +### [CVE-2022-2699](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2699) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20E-Learning%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205820. + +### POC + +#### Reference +- https://vuldb.com/?id.205820 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-27225.md b/2022/CVE-2022-27225.md index 95eba0c37..ff9b0246b 100644 --- a/2022/CVE-2022-27225.md +++ b/2022/CVE-2022-27225.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/ARPSyndicate/cvemon - https://github.com/PowerCommands/SecTools - https://github.com/meddlin/epss-browser +- https://github.com/muchdogesec/cve2stix diff --git a/2022/CVE-2022-2724.md b/2022/CVE-2022-2724.md index 0a2e38eab..97b65bdce 100644 --- a/2022/CVE-2022-2724.md 
+++ b/2022/CVE-2022-2724.md @@ -11,6 +11,7 @@ A vulnerability was found in SourceCodester Employee Management System. It has b #### Reference - https://bewhale.github.io/post/PHP%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E2%80%94Employee%20Management%20System%20aprocess.php%20SQL%20Injection/ +- https://vuldb.com/?id.205837 #### Github No PoCs found on GitHub currently. diff --git a/2022/CVE-2022-27255.md b/2022/CVE-2022-27255.md index 6bbcbbb54..8f7c081f8 100644 --- a/2022/CVE-2022-27255.md +++ b/2022/CVE-2022-27255.md @@ -17,6 +17,7 @@ No PoCs from references. - https://github.com/CVEDB/PoC-List - https://github.com/CVEDB/awesome-cve-repo - https://github.com/CVEDB/top +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/GhostTroops/TOP - https://github.com/H4lo/awesome-IoT-security-article - https://github.com/NaInSec/CVE-PoC-in-GitHub diff --git a/2022/CVE-2022-27925.md b/2022/CVE-2022-27925.md index b84db9f70..4b549e0ef 100644 --- a/2022/CVE-2022-27925.md +++ b/2022/CVE-2022-27925.md @@ -42,6 +42,7 @@ Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that - https://github.com/navokus/CVE-2022-27925 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onlyHerold22/CVE-2022-27925-PoC +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/sponkmonk/Ladon_english_update - https://github.com/touchmycrazyredhat/CVE-2022-27925-Revshell - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-27943.md b/2022/CVE-2022-27943.md index b5ff81ea9..56800a785 100644 --- a/2022/CVE-2022-27943.md +++ b/2022/CVE-2022-27943.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/GrigGM/05-virt-04-docker-hw - https://github.com/adegoodyer/kubernetes-admin-toolkit - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo 
diff --git a/2022/CVE-2022-27948.md b/2022/CVE-2022-27948.md new file mode 100644 index 000000000..45db5d0f8 --- /dev/null +++ b/2022/CVE-2022-27948.md @@ -0,0 +1,17 @@ +### [CVE-2022-27948](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27948) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2022/CVE-2022-2843.md b/2022/CVE-2022-2843.md index b31ca7549..f6e1dcf8c 100644 --- a/2022/CVE-2022-2843.md +++ b/2022/CVE-2022-2843.md @@ -10,7 +10,7 @@ A vulnerability was found in MotoPress Timetable and Event Schedule. It has been ### POC #### Reference -No PoCs from references. +- https://vuldb.com/?id.206486 #### Github - https://github.com/karimhabush/cyberowl diff --git a/2022/CVE-2022-29098.md b/2022/CVE-2022-29098.md new file mode 100644 index 000000000..632f9455e --- /dev/null +++ b/2022/CVE-2022-29098.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-29098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29098) +![](https://img.shields.io/static/v1?label=Product&message=PowerScale%20OneFS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%208.2.x%2C%209.0.0.x%2C%209.1.0.x%2C%209.2.0.x%2C%209.2.1.x%2C%209.3.0.x%20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-521%3A%20Weak%20Password%20Requirements&color=brighgreen) + +### Description + +Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/muchdogesec/cve2stix + diff --git a/2022/CVE-2022-29266.md b/2022/CVE-2022-29266.md index cdd2ad5d6..e2ad2e6e4 100644 --- a/2022/CVE-2022-29266.md +++ b/2022/CVE-2022-29266.md @@ -18,4 +18,5 @@ No PoCs from references. - https://github.com/GRQForCloud/cloud-security-guides - https://github.com/YDCloudSecurity/cloud-security-guides - https://github.com/karimhabush/cyberowl +- https://github.com/teamssix/awesome-cloud-security diff --git a/2022/CVE-2022-29303.md b/2022/CVE-2022-29303.md index 956521382..13e6e9b0e 100644 --- a/2022/CVE-2022-29303.md +++ b/2022/CVE-2022-29303.md @@ -30,6 +30,7 @@ SolarView Compact ver.6.00 was discovered to contain a command injection vulnera - https://github.com/emanueldosreis/nmap-CVE-2023-23333-exploit - https://github.com/k0mi-tg/CVE-POC - https://github.com/manas3c/CVE-POC +- https://github.com/muchdogesec/cve2stix - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/trhacknon/CVE-2022-29303 - https://github.com/trhacknon/Pocingit diff --git a/2022/CVE-2022-29464.md b/2022/CVE-2022-29464.md index 861288338..463396e5e 100644 --- a/2022/CVE-2022-29464.md +++ b/2022/CVE-2022-29464.md 
@@ -96,6 +96,7 @@ Certain WSO2 products allow unrestricted file upload with resultant remote code - https://github.com/mr-r3bot/WSO2-CVE-2022-29464 - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/oppsec/WSOB +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/r4x0r1337/-CVE-2022-29464 - https://github.com/rootxyash/learn365days - https://github.com/superlink996/chunqiuyunjingbachang diff --git a/2022/CVE-2022-30190.md b/2022/CVE-2022-30190.md index 1941f4b93..1bef1534a 100644 --- a/2022/CVE-2022-30190.md +++ b/2022/CVE-2022-30190.md @@ -37,7 +37,7 @@ ### Description -

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.

Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.

+A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability. ### POC diff --git a/2022/CVE-2022-30221.md b/2022/CVE-2022-30221.md index fc2d1fa97..56487f18d 100644 --- a/2022/CVE-2022-30221.md +++ b/2022/CVE-2022-30221.md @@ -1,4 +1,5 @@ ### [CVE-2022-30221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30221) +![](https://img.shields.io/static/v1?label=Product&message=Remote%20Desktop%20client%20for%20Windows%20Desktop&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) @@ -19,6 +20,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%20version%2020H2&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=1.2.0.0%3C%201.2.3317.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.19360%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.5246%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.3165%20&color=brighgreen) 
diff --git a/2022/CVE-2022-30525.md b/2022/CVE-2022-30525.md index 505f0d2c9..5f8e3421a 100644 --- a/2022/CVE-2022-30525.md +++ b/2022/CVE-2022-30525.md @@ -64,6 +64,7 @@ A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) - https://github.com/luck-ying/Library-POC - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/savior-only/CVE-2022-30525 - https://github.com/shuai06/CVE-2022-30525 - https://github.com/superzerosec/CVE-2022-30525 diff --git a/2022/CVE-2022-30858.md b/2022/CVE-2022-30858.md index ca1d596f1..27b89fc66 100644 --- a/2022/CVE-2022-30858.md +++ b/2022/CVE-2022-30858.md @@ -15,4 +15,5 @@ An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif whe #### Github - https://github.com/Marsman1996/pocs +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2022/CVE-2022-31793.md b/2022/CVE-2022-31793.md index 8043efbbd..63af92876 100644 --- a/2022/CVE-2022-31793.md +++ b/2022/CVE-2022-31793.md @@ -17,6 +17,7 @@ do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read - https://github.com/0day404/vulnerability-poc - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/KayCHENvip/vulnerability-poc - https://github.com/Miraitowa70/POC-Notes - https://github.com/NaInSec/CVE-PoC-in-GitHub diff --git a/2022/CVE-2022-3205.md b/2022/CVE-2022-3205.md index 5d08fce02..9888565cd 100644 --- a/2022/CVE-2022-3205.md +++ b/2022/CVE-2022-3205.md 
@@ -1,6 +1,6 @@ ### [CVE-2022-3205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3205) ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%201.2&color=blue) -![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%202.0&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ansible%20Automation%20Platform%202&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) diff --git a/2022/CVE-2022-3219.md b/2022/CVE-2022-3219.md index 79246ff21..68f4230c2 100644 --- a/2022/CVE-2022-3219.md +++ b/2022/CVE-2022-3219.md @@ -19,5 +19,6 @@ No PoCs from references. - https://github.com/adegoodyer/ubuntu - https://github.com/fokypoky/places-list - https://github.com/mauraneh/WIK-DPS-TP02 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tl87/container-scanner diff --git a/2022/CVE-2022-33255.md b/2022/CVE-2022-33255.md new file mode 100644 index 000000000..8781c31d6 --- /dev/null +++ b/2022/CVE-2022-33255.md @@ -0,0 +1,17 @@ +### [CVE-2022-33255](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33255) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + 
diff --git a/2022/CVE-2022-33280.md b/2022/CVE-2022-33280.md new file mode 100644 index 000000000..5b26a644e --- /dev/null +++ b/2022/CVE-2022-33280.md @@ -0,0 +1,17 @@ +### [CVE-2022-33280](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33280) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8096AU%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-824%20Access%20of%20Uninitialized%20Pointer&color=brighgreen) + +### Description + +Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-37968.md b/2022/CVE-2022-37968.md index 3a740ecef..3901d5100 100644 --- a/2022/CVE-2022-37968.md +++ b/2022/CVE-2022-37968.md @@ -13,7 +13,7 @@ ### Description -

Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.

+Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability. ### POC diff --git a/2022/CVE-2022-40503.md b/2022/CVE-2022-40503.md new file mode 100644 index 000000000..3caf1a3bd --- /dev/null +++ b/2022/CVE-2022-40503.md @@ -0,0 +1,17 @@ +### [CVE-2022-40503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40503) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%209206%20LTE%20Modem%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-126%20Buffer%20Over-read&color=brighgreen) + +### Description + +Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-40537.md b/2022/CVE-2022-40537.md new file mode 100644 index 000000000..d36f6316b --- /dev/null +++ b/2022/CVE-2022-40537.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-40537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40537) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20APQ8009%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-129%20Improper%20Validation%20of%20Array%20Index&color=brighgreen) + +### Description + +Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2022/CVE-2022-41120.md b/2022/CVE-2022-41120.md index c48442d17..ca5a0b052 100644 --- a/2022/CVE-2022-41120.md +++ b/2022/CVE-2022-41120.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Wh04m1001/SysmonEoP +- https://github.com/pxcs/CVE-29343-Sysmon-list diff --git a/2022/CVE-2022-41678.md b/2022/CVE-2022-41678.md index a1f2af75a..ac4b33420 100644 --- a/2022/CVE-2022-41678.md +++ b/2022/CVE-2022-41678.md 
@@ -1,11 +1,11 @@ ### [CVE-2022-41678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678) ![](https://img.shields.io/static/v1?label=Product&message=Apache%20ActiveMQ&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) -![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen) ### Description -Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allowsorg.jolokia.http.AgentServlet to handler request to /api/jolokiaorg.jolokia.http.HttpRequestHandler#handlePostRequest is able tocreate JmxRequest through JSONObject. And calls toorg.jolokia.http.HttpRequestHandler#executeRequest.Into deeper calling stacks,org.jolokia.handler.ExecHandler#doHandleRequest is able to invokethrough refection.And then, RCE is able to be achieved viajdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.1 Call newRecording.2 Call setConfiguration. And a webshell data hides in it.3 Call startRecording.4 Call copyTo method. The webshell will be written to a .jsp file.The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0. +Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allowsorg.jolokia.http.AgentServlet to handler request to /api/jolokiaorg.jolokia.http.HttpRequestHandler#handlePostRequest is able tocreate JmxRequest through JSONObject. 
And calls toorg.jolokia.http.HttpRequestHandler#executeRequest.Into deeper calling stacks,org.jolokia.handler.ExecHandler#doHandleRequest can be invokedthrough refection. This could lead to RCE through viavarious mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.1 Call newRecording.2 Call setConfiguration. And a webshell data hides in it.3 Call startRecording.4 Call copyTo method. The webshell will be written to a .jsp file.The mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.A more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0. ### POC diff --git a/2022/CVE-2022-43216.md b/2022/CVE-2022-43216.md new file mode 100644 index 000000000..67e651ae7 --- /dev/null +++ b/2022/CVE-2022-43216.md @@ -0,0 +1,17 @@ +### [CVE-2022-43216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43216) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page. + +### POC + +#### Reference +- https://github.com/blackarrowsec/advisories/tree/master/2022/CVE-2022-43216 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-44704.md b/2022/CVE-2022-44704.md index db27b784a..6ff127ea9 100644 --- a/2022/CVE-2022-44704.md +++ b/2022/CVE-2022-44704.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/ARPSyndicate/cvemon - https://github.com/Wh04m1001/SysmonEoP +- https://github.com/pxcs/CVE-29343-Sysmon-list 
diff --git a/2022/CVE-2022-45171.md b/2022/CVE-2022-45171.md new file mode 100644 index 000000000..6866deaef --- /dev/null +++ b/2022/CVE-2022-45171.md @@ -0,0 +1,17 @@ +### [CVE-2022-45171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45171) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site section. A remote user, authenticated to the product, can arbitrarily upload potentially dangerous files without restrictions. + +### POC + +#### Reference +- https://www.gruppotim.it/it/footer/red-team.html + +#### Github +No PoCs found on GitHub currently. + diff --git a/2022/CVE-2022-46463.md b/2022/CVE-2022-46463.md index a5e8f7e3a..463f70f4d 100644 --- a/2022/CVE-2022-46463.md +++ b/2022/CVE-2022-46463.md @@ -16,11 +16,13 @@ No PoCs from references. - https://github.com/404tk/CVE-2022-46463 - https://github.com/ARPSyndicate/cvemon - https://github.com/TheKingOfDuck/SBCVE +- https://github.com/Threekiii/Awesome-POC - https://github.com/k0mi-tg/CVE-POC - https://github.com/lanqingaa/123 - https://github.com/manas3c/CVE-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nu0l/CVE-2022-46463 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/wh-gov/CVE-2022-46463 - https://github.com/whoforget/CVE-POC - https://github.com/youwizard/CVE-POC diff --git a/2022/CVE-2022-48303.md b/2022/CVE-2022-48303.md index 9d3a87520..efe66c30f 100644 --- a/2022/CVE-2022-48303.md +++ b/2022/CVE-2022-48303.md 
@@ -18,4 +18,5 @@ GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of un - https://github.com/PajakAlexandre/wik-dps-tp02 - https://github.com/mauraneh/WIK-DPS-TP02 - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2022/CVE-2022-48681.md b/2022/CVE-2022-48681.md new file mode 100644 index 000000000..b23d2a20e --- /dev/null +++ b/2022/CVE-2022-48681.md @@ -0,0 +1,17 @@ +### [CVE-2022-48681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48681) +![](https://img.shields.io/static/v1?label=Product&message=EGRT-00&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%202.1.0.20(H100SP30C00)%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119%20Improper%20Restriction%20of%20Operations%20within%20the%20Bounds%20of%20a%20Memory%20Buffer&color=brighgreen) + +### Description + +Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2023/CVE-2023-1389.md b/2023/CVE-2023-1389.md index 8d54a5c05..2d0d6a80b 100644 --- a/2023/CVE-2023-1389.md +++ b/2023/CVE-2023-1389.md @@ -15,6 +15,7 @@ TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 conta #### Github - https://github.com/Co5mos/nuclei-tps +- https://github.com/DinoBytes/RVASec-2024-Consumer-Routers-Still-Suck - https://github.com/Ostorlab/KEV - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors - https://github.com/Terminal1337/CVE-2023-1389 diff --git a/2023/CVE-2023-1972.md b/2023/CVE-2023-1972.md index c6c28036a..de9dd2e53 100644 --- a/2023/CVE-2023-1972.md +++ b/2023/CVE-2023-1972.md 
@@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/13579and2468/Wei-fuzz - https://github.com/fokypoky/places-list +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-21529.md b/2023/CVE-2023-21529.md index e1ef47336..0556dcad6 100644 --- a/2023/CVE-2023-21529.md +++ b/2023/CVE-2023-21529.md @@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.0986.041%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21536.md b/2023/CVE-2023-21536.md index ee7494a4a..5dadb4fb0 100644 --- a/2023/CVE-2023-21536.md +++ b/2023/CVE-2023-21536.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21537.md b/2023/CVE-2023-21537.md index 63b35f8f4..2ff0f32cf 100644 --- a/2023/CVE-2023-21537.md +++ b/2023/CVE-2023-21537.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21538.md b/2023/CVE-2023-21538.md index 27a3f3a93..4e3af2898 100644 
--- a/2023/CVE-2023-21538.md +++ b/2023/CVE-2023-21538.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=PowerShell%207.2&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.13%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.2.0%3C%207.2.9%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21543.md b/2023/CVE-2023-21543.md index c775544b4..af72ccc0e 100644 --- a/2023/CVE-2023-21543.md +++ b/2023/CVE-2023-21543.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21554.md b/2023/CVE-2023-21554.md index 7cc0e6db8..01a657272 100644 --- a/2023/CVE-2023-21554.md +++ b/2023/CVE-2023-21554.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,14 +31,15 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description -Microsoft Message Queuing Remote Code Execution Vulnerability +Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ### POC diff --git a/2023/CVE-2023-21563.md b/2023/CVE-2023-21563.md index 344508ce3..2b6cc1b69 100644 --- a/2023/CVE-2023-21563.md +++ b/2023/CVE-2023-21563.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,6 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21567.md b/2023/CVE-2023-21567.md index 9a00f4a8b..1ac5f163d 100644 --- a/2023/CVE-2023-21567.md +++ b/2023/CVE-2023-21567.md 
@@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.0.0%3C%2017.0.19%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.2.0%3C%2017.2.13%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.5%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21647.md b/2023/CVE-2023-21647.md new file mode 100644 index 000000000..c7eba4224 --- /dev/null +++ b/2023/CVE-2023-21647.md @@ -0,0 +1,17 @@ +### [CVE-2023-21647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21647) +![](https://img.shields.io/static/v1?label=Product&message=Snapdragon&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20QCA6390%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/sgxgsx/BlueToolkit + diff --git a/2023/CVE-2023-21674.md b/2023/CVE-2023-21674.md index 67c2fa3f9..63643d726 100644 --- a/2023/CVE-2023-21674.md +++ b/2023/CVE-2023-21674.md 
@@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21675.md b/2023/CVE-2023-21675.md index dbbb7a4ef..629cd1fa2 100644 --- a/2023/CVE-2023-21675.md +++ b/2023/CVE-2023-21675.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-843%3A%20Access%20of%20Resource%20Using%20Incompatible%20Type%20('Type%20Confusion')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21707.md b/2023/CVE-2023-21707.md index b93532b72..2b6d280a3 100644 --- a/2023/CVE-2023-21707.md +++ b/2023/CVE-2023-21707.md @@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.023%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.0986.042%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.026%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21716.md b/2023/CVE-2023-21716.md index a03f973d0..6489b26fc 100644 --- a/2023/CVE-2023-21716.md +++ b/2023/CVE-2023-21716.md 
@@ -26,7 +26,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.70.23021201%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21721.md b/2023/CVE-2023-21721.md index 67e94c120..ef2c05636 100644 --- a/2023/CVE-2023-21721.md +++ b/2023/CVE-2023-21721.md @@ -1,7 +1,7 @@ ### [CVE-2023-21721](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21721) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20OneNote%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16026.20158%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21722.md b/2023/CVE-2023-21722.md index 9cdc09f25..0c06b0c10 100644 --- a/2023/CVE-2023-21722.md +++ b/2023/CVE-2023-21722.md 
@@ -20,7 +20,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%2010.0.04614.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4614.08%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%2010.0.09139.02%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21734.md b/2023/CVE-2023-21734.md index 7c6da6430..74e669a74 100644 --- a/2023/CVE-2023-21734.md +++ b/2023/CVE-2023-21734.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.69.23010700%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.69.23010700%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21739.md b/2023/CVE-2023-21739.md index fd3158bae..cc709414f 100644 --- a/2023/CVE-2023-21739.md +++ b/2023/CVE-2023-21739.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21742.md b/2023/CVE-2023-21742.md index bc8a23208..6a99604ee 100644 --- a/2023/CVE-2023-21742.md +++ b/2023/CVE-2023-21742.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10394.20021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.15601.20418%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5378.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21744.md b/2023/CVE-2023-21744.md index ded1dbf78..44c02abca 100644 --- a/2023/CVE-2023-21744.md +++ b/2023/CVE-2023-21744.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10394.20021%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.15601.20418%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5378.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21746.md b/2023/CVE-2023-21746.md index cd55298fe..84cd376c0 100644 --- a/2023/CVE-2023-21746.md +++ b/2023/CVE-2023-21746.md @@ -10,6 +10,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue) 
@@ -29,6 +30,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21747.md b/2023/CVE-2023-21747.md index 0a4797fc1..d69cd3f8d 100644 --- a/2023/CVE-2023-21747.md +++ b/2023/CVE-2023-21747.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21748.md b/2023/CVE-2023-21748.md index 6c5036fe5..f39537e58 100644 --- a/2023/CVE-2023-21748.md +++ b/2023/CVE-2023-21748.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,6 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) diff --git a/2023/CVE-2023-21749.md b/2023/CVE-2023-21749.md index bc011d47d..ae11dc6b7 100644 --- a/2023/CVE-2023-21749.md +++ b/2023/CVE-2023-21749.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21750.md b/2023/CVE-2023-21750.md index a41331bcd..624d676ab 100644 --- a/2023/CVE-2023-21750.md 
+++ b/2023/CVE-2023-21750.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21752.md b/2023/CVE-2023-21752.md index 0a9ce8ca8..437a03952 100644 
--- a/2023/CVE-2023-21752.md +++ b/2023/CVE-2023-21752.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21753.md b/2023/CVE-2023-21753.md index 6e98cb8d6..0cdd7e868 100644 --- a/2023/CVE-2023-21753.md +++ b/2023/CVE-2023-21753.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.3887%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21755.md b/2023/CVE-2023-21755.md index a2ef6a960..ef421df65 100644 --- a/2023/CVE-2023-21755.md +++ b/2023/CVE-2023-21755.md 
@@ -11,7 +11,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2486%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21766.md b/2023/CVE-2023-21766.md index c5b602268..64daa5c5a 100644 --- a/2023/CVE-2023-21766.md +++ b/2023/CVE-2023-21766.md @@ -21,7 +21,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21768.md b/2023/CVE-2023-21768.md index b4285a0dc..8e90d558c 100644 --- a/2023/CVE-2023-21768.md +++ b/2023/CVE-2023-21768.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1487%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21772.md b/2023/CVE-2023-21772.md index 533fc7484..4da27411f 100644 --- a/2023/CVE-2023-21772.md +++ b/2023/CVE-2023-21772.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21773.md b/2023/CVE-2023-21773.md index cdea5885f..76cc12313 100644 --- a/2023/CVE-2023-21773.md +++ b/2023/CVE-2023-21773.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21774.md b/2023/CVE-2023-21774.md index 17d3fff04..1adaf58bd 100644 --- a/2023/CVE-2023-21774.md 
+++ b/2023/CVE-2023-21774.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21776.md b/2023/CVE-2023-21776.md index 5b02f14c4..aa6d8876f 100644 
--- a/2023/CVE-2023-21776.md +++ b/2023/CVE-2023-21776.md @@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%207&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%208.1&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -33,10 +34,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1455%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1105%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21872%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26321%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24075%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20778%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-21779.md b/2023/CVE-2023-21779.md index b83071f56..9cfccedfd 100644 --- a/2023/CVE-2023-21779.md +++ b/2023/CVE-2023-21779.md @@ -1,7 +1,7 @@ ### [CVE-2023-21779](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21779) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.74.3%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21808.md b/2023/CVE-2023-21808.md index df01b6bae..30fa8fadb 100644 --- a/2023/CVE-2023-21808.md +++ b/2023/CVE-2023-21808.md 
@@ -25,15 +25,15 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.5%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.04038.03%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.10240.19747%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04038.03%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04038.06%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04614.08%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%2010.0.04614.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04614.05%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%2010.0.09139.02%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.14%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.0.0%3C%207.0.3%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.2.0%3C%207.2.10%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21812.md b/2023/CVE-2023-21812.md index f97525c06..9e63e65d5 100644 --- a/2023/CVE-2023-21812.md +++ b/2023/CVE-2023-21812.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21817.md b/2023/CVE-2023-21817.md index 00c3eb0a3..b50891e4c 100644 
--- a/2023/CVE-2023-21817.md +++ b/2023/CVE-2023-21817.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-21822.md b/2023/CVE-2023-21822.md index 7ff1f4353..31b1fec08 100644 --- a/2023/CVE-2023-21822.md +++ b/2023/CVE-2023-21822.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-21823.md b/2023/CVE-2023-21823.md index ee66213bf..b22a7e932 100644 --- a/2023/CVE-2023-21823.md +++ b/2023/CVE-2023-21823.md 
@@ -11,6 +11,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -36,10 +37,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16130.20156%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=2.0.0%3C%202.70.23021003%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-22527.md b/2023/CVE-2023-22527.md index d9c470690..7ca274e68 100644 
--- a/2023/CVE-2023-22527.md +++ b/2023/CVE-2023-22527.md @@ -47,6 +47,7 @@ A template injection vulnerability on older versions of Confluence Data Center a - https://github.com/bad-sector-labs/ansible-role-vulhub - https://github.com/badsectorlabs/ludus_vulhub - https://github.com/cleverg0d/CVE-2023-22527 +- https://github.com/cve-sandbox-bot/cve_sandbox - https://github.com/d4n-sec/d4n-sec.github.io - https://github.com/dddinmx/POC-Pocsuite3 - https://github.com/farukokutan/Threat-Intelligence-Research-Reports diff --git a/2023/CVE-2023-22726.md b/2023/CVE-2023-22726.md index 4ac77a50c..c02f62941 100644 --- a/2023/CVE-2023-22726.md +++ b/2023/CVE-2023-22726.md @@ -14,5 +14,5 @@ act is a project which allows for local running of github actions. The artifact - https://securitylab.github.com/advisories/GHSL-2023-004_act/ #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-23349.md b/2023/CVE-2023-23349.md index 3b043f53d..ae65cf9ad 100644 --- a/2023/CVE-2023-23349.md +++ b/2023/CVE-2023-23349.md @@ -14,4 +14,5 @@ No PoCs from references. #### Github - https://github.com/NaInSec/CVE-LIST +- https://github.com/efchatz/pandora diff --git a/2023/CVE-2023-23376.md b/2023/CVE-2023-23376.md index dfdf7d977..56224c641 100644 --- a/2023/CVE-2023-23376.md +++ b/2023/CVE-2023-23376.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1265%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1574%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21915%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26366%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24116%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20821%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23391.md b/2023/CVE-2023-23391.md index e38140b50..c5a146d48 100644 
--- a/2023/CVE-2023-23391.md +++ b/2023/CVE-2023-23391.md @@ -1,7 +1,7 @@ ### [CVE-2023-23391](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23391) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20for%20Android&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.16026.20172%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23392.md b/2023/CVE-2023-23392.md index 735c4b2ee..a2ac59957 100644 --- a/2023/CVE-2023-23392.md +++ b/2023/CVE-2023-23392.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1607%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23396.md b/2023/CVE-2023-23396.md index 619aba154..2fded14cb 100644 --- a/2023/CVE-2023-23396.md +++ b/2023/CVE-2023-23396.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20Web%20Apps%20Server%202013%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=15.0.1%3C%2015.0.5537.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.10396.20000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23397.md b/2023/CVE-2023-23397.md index 313b7f125..49e300612 100644 --- a/2023/CVE-2023-23397.md +++ b/2023/CVE-2023-23397.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5387.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23399.md b/2023/CVE-2023-23399.md index b407ea6c6..a731ca125 100644 --- a/2023/CVE-2023-23399.md +++ b/2023/CVE-2023-23399.md 
@@ -20,7 +20,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.71.23031200%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23408.md b/2023/CVE-2023-23408.md index 1066d8a24..1d576bd18 100644 --- a/2023/CVE-2023-23408.md +++ b/2023/CVE-2023-23408.md @@ -1,7 +1,7 @@ ### [CVE-2023-23408](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23408) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20HDInsight&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%202302250400%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23410.md b/2023/CVE-2023-23410.md index e2536e598..37d8b84f8 100644 --- a/2023/CVE-2023-23410.md +++ b/2023/CVE-2023-23410.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-23415.md b/2023/CVE-2023-23415.md index 489052e35..ebd67fbe4 100644 --- a/2023/CVE-2023-23415.md +++ b/2023/CVE-2023-23415.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23416.md b/2023/CVE-2023-23416.md index f0e9fb0e2..0c4940e76 100644 --- a/2023/CVE-2023-23416.md +++ b/2023/CVE-2023-23416.md @@ -27,7 +27,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23420.md b/2023/CVE-2023-23420.md index 613d075ff..bb81a7743 100644 --- a/2023/CVE-2023-23420.md +++ b/2023/CVE-2023-23420.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-23421.md b/2023/CVE-2023-23421.md index 8cd644152..99958a017 100644 
--- a/2023/CVE-2023-23421.md +++ b/2023/CVE-2023-23421.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-23422.md b/2023/CVE-2023-23422.md index d9f6f7004..f5a448faf 100644 --- a/2023/CVE-2023-23422.md +++ b/2023/CVE-2023-23422.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,6 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) diff --git a/2023/CVE-2023-23423.md b/2023/CVE-2023-23423.md index d3ed1f078..3dbfff275 100644 --- a/2023/CVE-2023-23423.md +++ b/2023/CVE-2023-23423.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,6 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1696%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1413%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.21966%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26415%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24168%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20865%20&color=brighgreen) diff --git a/2023/CVE-2023-23752.md b/2023/CVE-2023-23752.md index cce95a4b7..2445561a1 100644 --- a/2023/CVE-2023-23752.md +++ b/2023/CVE-2023-23752.md 
@@ -18,6 +18,7 @@ No PoCs from references. - https://github.com/0xNahim/CVE-2023-23752 - https://github.com/0xWhoami35/CVE-2023-23752 - https://github.com/0xWhoami35/Devvorte-Writeup +- https://github.com/0xsyr0/OSCP - https://github.com/20142995/Goby - https://github.com/20142995/pocsuite3 - https://github.com/ARPSyndicate/cvemon diff --git a/2023/CVE-2023-24023.md b/2023/CVE-2023-24023.md index a53505f39..70bd328e5 100644 --- a/2023/CVE-2023-24023.md +++ b/2023/CVE-2023-24023.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/engn33r/awesome-bluetooth-security - https://github.com/francozappa/bluffs +- https://github.com/sgxgsx/BlueToolkit diff --git a/2023/CVE-2023-24893.md b/2023/CVE-2023-24893.md index 92eba34a7..1e5777445 100644 --- a/2023/CVE-2023-24893.md +++ b/2023/CVE-2023-24893.md @@ -1,7 +1,7 @@ ### [CVE-2023-24893](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24893) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.77.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24930.md b/2023/CVE-2023-24930.md index ecad0a9c0..48818b928 100644 --- a/2023/CVE-2023-24930.md +++ b/2023/CVE-2023-24930.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-24930](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24930) ![](https://img.shields.io/static/v1?label=Product&message=OneDrive%20for%20MacOS%20Installer&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=22.0.0.0%3C%2023.020.0125.0002%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24932.md b/2023/CVE-2023-24932.md index 4cd212bf0..0b7628fbc 100644 --- a/2023/CVE-2023-24932.md +++ b/2023/CVE-2023-24932.md @@ -57,4 +57,5 @@ No PoCs from references. - https://github.com/MHimken/WinRE-Customization - https://github.com/Wack0/CVE-2022-21894 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/petripaavola/Intune diff --git a/2023/CVE-2023-24934.md b/2023/CVE-2023-24934.md index 1dc13a591..4613d6a66 100644 --- a/2023/CVE-2023-24934.md +++ b/2023/CVE-2023-24934.md @@ -1,7 +1,7 @@ ### [CVE-2023-24934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24934) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Malware%20Protection%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=4.0.0.0%3C%204.18.2303.8%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%3A%20Missing%20Authentication%20for%20Critical%20Function&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24941.md b/2023/CVE-2023-24941.md index 4a05ceb1d..c24648ebe 100644 --- a/2023/CVE-2023-24941.md +++ b/2023/CVE-2023-24941.md 
@@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1726%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-24955.md b/2023/CVE-2023-24955.md index 90d72466e..6f5af2641 100644 --- a/2023/CVE-2023-24955.md +++ b/2023/CVE-2023-24955.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10398.20000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16130.20420%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5395.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%3A%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-25330.md b/2023/CVE-2023-25330.md index 5fe5e7a3e..515b4d8c6 100644 --- a/2023/CVE-2023-25330.md +++ b/2023/CVE-2023-25330.md 
@@ -5,7 +5,7 @@ ### Description -A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. +** DISPUTED ** A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications that avoid SQL injection. ### POC diff --git a/2023/CVE-2023-26756.md b/2023/CVE-2023-26756.md index 261af0284..5a8797962 100644 --- a/2023/CVE-2023-26756.md +++ b/2023/CVE-2023-26756.md @@ -5,7 +5,7 @@ ### Description -The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. +** DISPUTED ** The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features. ### POC diff --git a/2023/CVE-2023-27372.md b/2023/CVE-2023-27372.md index 37c5cc19c..3732685dd 100644 --- a/2023/CVE-2023-27372.md +++ b/2023/CVE-2023-27372.md @@ -24,6 +24,7 @@ SPIP before 4.2.1 allows Remote Code Execution via form values in the public are - https://github.com/izzz0/CVE-2023-27372-POC - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/nuts7/CVE-2023-27372 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/redboltsec/CVE-2023-27372-PoC - https://github.com/tucommenceapousser/CVE-2023-27372 diff --git a/2023/CVE-2023-28218.md b/2023/CVE-2023-28218.md index 2beaeaf73..01442ce80 100644 --- a/2023/CVE-2023-28218.md +++ b/2023/CVE-2023-28218.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28222.md b/2023/CVE-2023-28222.md index fb957bbeb..1f9f9f1d4 100644 
--- a/2023/CVE-2023-28222.md +++ b/2023/CVE-2023-28222.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28226.md b/2023/CVE-2023-28226.md index eb4ed6c53..1fb03588c 100644 --- a/2023/CVE-2023-28226.md +++ b/2023/CVE-2023-28226.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.2846%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-347%3A%20Improper%20Verification%20of%20Cryptographic%20Signature&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28228.md b/2023/CVE-2023-28228.md index 9e7321e83..ccc6e52d9 100644 --- a/2023/CVE-2023-28228.md +++ b/2023/CVE-2023-28228.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-347%3A%20Improper%20Verification%20of%20Cryptographic%20Signature&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-28229.md b/2023/CVE-2023-28229.md index e8f196470..67c0e3913 100644 --- a/2023/CVE-2023-28229.md +++ b/2023/CVE-2023-28229.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28231.md b/2023/CVE-2023-28231.md index 45c623abc..d864b5b25 100644 --- a/2023/CVE-2023-28231.md +++ b/2023/CVE-2023-28231.md @@ -1,5 +1,6 @@ ### [CVE-2023-28231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28231) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -16,10 +17,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description @@ -33,6 +35,7 @@ No PoCs from references. #### Github - https://github.com/2lambda123/diaphora - https://github.com/ARPSyndicate/cvemon +- https://github.com/TheHermione/CVE-2023-28231 - https://github.com/elefantesagradodeluzinfinita/elefantesagradodeluzinfinita - https://github.com/glavstroy/CVE-2023-28231 - https://github.com/joxeankoret/diaphora diff --git a/2023/CVE-2023-28244.md b/2023/CVE-2023-28244.md index 9019707b3..8e3efcc21 100644 --- a/2023/CVE-2023-28244.md +++ b/2023/CVE-2023-28244.md 
@@ -1,5 +1,6 @@ ### [CVE-2023-28244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28244) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -16,10 +17,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4252%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-327%3A%20Use%20of%20a%20Broken%20or%20Risky%20Cryptographic%20Algorithm&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28248.md b/2023/CVE-2023-28248.md index abb622db8..57b702bc6 100644 --- a/2023/CVE-2023-28248.md +++ b/2023/CVE-2023-28248.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1668%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28250.md b/2023/CVE-2023-28250.md index aadb9438e..aa9d31d19 100644 --- a/2023/CVE-2023-28250.md +++ b/2023/CVE-2023-28250.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28252.md b/2023/CVE-2023-28252.md index a5ca458b9..6a633ac41 100644 --- a/2023/CVE-2023-28252.md +++ b/2023/CVE-2023-28252.md 
@@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28271.md b/2023/CVE-2023-28271.md index c2bf5a1f2..55408b671 100644 
--- a/2023/CVE-2023-28271.md +++ b/2023/CVE-2023-28271.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-28285.md b/2023/CVE-2023-28285.md index 19a1f8a61..a229fd987 100644 --- a/2023/CVE-2023-28285.md +++ b/2023/CVE-2023-28285.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28287.md b/2023/CVE-2023-28287.md index 47abed311..6b455d15d 100644 --- a/2023/CVE-2023-28287.md +++ b/2023/CVE-2023-28287.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28288.md b/2023/CVE-2023-28288.md index 004ee6565..4074767a5 100644 --- a/2023/CVE-2023-28288.md +++ b/2023/CVE-2023-28288.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10397.20002%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16130.20314%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%3A%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28293.md b/2023/CVE-2023-28293.md index cb3c50460..2d4eb3c22 100644 --- a/2023/CVE-2023-28293.md +++ b/2023/CVE-2023-28293.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%3A%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28295.md b/2023/CVE-2023-28295.md index 86a15f27a..3f9fa47f0 100644 --- a/2023/CVE-2023-28295.md +++ b/2023/CVE-2023-28295.md @@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5391.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28302.md b/2023/CVE-2023-28302.md index 4af272510..30f8e8551 100644 --- a/2023/CVE-2023-28302.md 
+++ b/2023/CVE-2023-28302.md @@ -8,6 +8,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -30,10 +31,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.1817%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1555%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22015%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26466%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24216%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20919%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description 
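Review bot: The added version badge in the `@@ -30,10 +31,11 @@` hunk of 2023/CVE-2023-28302.md, `6.0.0< 6.1.7601.26466`, pairs a 6.0 lower bound with a 6.1 build as its upper bound, so it overlaps both the existing `6.0.0< 6.0.6003.22015` range and the `6.1.0< 6.1.7601.26466` range on the next context line. The same added line appears in 2023/CVE-2023-28293.md. It was presumably generated for the newly added "Windows Server 2008 R2 Service Pack 1 (Server Core installation)" product entry; check the lower bound against the upstream CVE record, and if the record really carries 6.0.0 here, consider de-duplicating ranges that share an upper bound so readers matching build numbers do not see two conflicting floors for the same fixed build.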
diff --git a/2023/CVE-2023-28303.md b/2023/CVE-2023-28303.md index 770d48c03..693877dd3 100644 --- a/2023/CVE-2023-28303.md +++ b/2023/CVE-2023-28303.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Snipping%20Tool&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=11.0.0%3C%2011.2302.20.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=9.0%3C%2010.2008.3001.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-359%3A%20Exposure%20of%20Private%20Personal%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28310.md b/2023/CVE-2023-28310.md index 9d32fbc62..72b7d005e 100644 --- a/2023/CVE-2023-28310.md +++ b/2023/CVE-2023-28310.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.027%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.030%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.016%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28311.md b/2023/CVE-2023-28311.md index c8ad03b96..b56c13bd8 100644 --- a/2023/CVE-2023-28311.md +++ b/2023/CVE-2023-28311.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.72.23040900%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-28343.md b/2023/CVE-2023-28343.md index 874dd3cd6..0e13731ff 100644 --- a/2023/CVE-2023-28343.md +++ b/2023/CVE-2023-28343.md @@ -19,6 +19,7 @@ OS command injection affects Altenergy Power Control Software C1.2.5 via shell m - https://github.com/hba343434/CVE-2023-28343 - https://github.com/karimhabush/cyberowl - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/superzerosec/CVE-2023-28343 - https://github.com/superzerosec/poc-exploit-index diff --git a/2023/CVE-2023-28432.md b/2023/CVE-2023-28432.md index 54759c09c..b03116179 100644 --- a/2023/CVE-2023-28432.md +++ b/2023/CVE-2023-28432.md 
@@ -59,11 +59,13 @@ No PoCs from references. - https://github.com/komodoooo/some-things - https://github.com/netuseradministrator/CVE-2023-28432 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/soxoj/information-disclosure-writeups-and-pocs - https://github.com/steponeerror/Cve-2023-28432- - https://github.com/trailofbits/awesome-ml-security - https://github.com/unam4/CVE-2023-28432-minio_update_rce - https://github.com/whoami13apt/files2 +- https://github.com/wy876/POC - https://github.com/xk-mt/CVE-2023-28432 - https://github.com/yTxZx/CVE-2023-28432 - https://github.com/yuyongxr/minio_cve-2023-28432 diff --git a/2023/CVE-2023-28531.md b/2023/CVE-2023-28531.md index bf0953a9d..ac0515809 100644 --- a/2023/CVE-2023-28531.md +++ b/2023/CVE-2023-28531.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/drg3nz0/gpt-analyzer - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/morpheuslord/GPT_Vuln-analyzer +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-29324.md b/2023/CVE-2023-29324.md index e39896adf..2a1032d43 100644 --- a/2023/CVE-2023-29324.md +++ b/2023/CVE-2023-29324.md @@ -35,7 +35,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29325.md b/2023/CVE-2023-29325.md index 942b6863c..fb6e7399f 100644 --- a/2023/CVE-2023-29325.md +++ b/2023/CVE-2023-29325.md 
@@ -35,7 +35,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29332.md b/2023/CVE-2023-29332.md index af385217e..4acd29406 100644 --- a/2023/CVE-2023-29332.md +++ b/2023/CVE-2023-29332.md @@ -1,7 +1,7 @@ ### [CVE-2023-29332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29332) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Kubernetes%20Service&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%20VHD%20202308%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-330%3A%20Use%20of%20Insufficiently%20Random%20Values&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29336.md b/2023/CVE-2023-29336.md index 737846cb7..d3050d3fa 100644 --- a/2023/CVE-2023-29336.md +++ b/2023/CVE-2023-29336.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26519%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24266%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.20969%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29338.md b/2023/CVE-2023-29338.md index a3d64cdf6..0d408160d 100644 --- a/2023/CVE-2023-29338.md +++ b/2023/CVE-2023-29338.md @@ -1,7 +1,7 @@ ### [CVE-2023-29338](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29338) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.78.1%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%3A%20Improper%20Authorization&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29343.md b/2023/CVE-2023-29343.md index 7a6a74626..81d2227f5 100644 --- a/2023/CVE-2023-29343.md +++ b/2023/CVE-2023-29343.md @@ -1,7 +1,7 @@ ### [CVE-2023-29343](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29343) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Sysmon&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%2014.16%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description 
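Review bot: The replaced `Vulnerability` badge in 2023/CVE-2023-29343.md drops the impact label (`Elevation of Privilege`) in favour of the CWE name, so the badge row no longer states what an attacker gains; consider adding the CWE as a second badge rather than overwriting the impact one, since the two answer different triage questions. The new message also places raw `(`, `)` and `'` inside the Markdown image URL (`('Link%20Following')`), and encoding them as `%28`, `%29` and `%27` would avoid relying on how each renderer treats parentheses in a link destination. Separately, `color=brighgreen` on the changed line is not a shields.io colour name (`brightgreen` is), and since the generator is rewriting these lines anyway this would be the place to correct it.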
diff --git a/2023/CVE-2023-29357.md b/2023/CVE-2023-29357.md index f134cb979..da37df7bc 100644 --- a/2023/CVE-2023-29357.md +++ b/2023/CVE-2023-29357.md @@ -1,7 +1,7 @@ ### [CVE-2023-29357](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29357) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10399.20005%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-303%3A%20Incorrect%20Implementation%20of%20Authentication%20Algorithm&color=brighgreen) ### Description diff --git a/2023/CVE-2023-29360.md b/2023/CVE-2023-29360.md index 10c3f7523..c354d5e8c 100644 --- a/2023/CVE-2023-29360.md +++ b/2023/CVE-2023-29360.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1787%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2057%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1848%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-2975.md b/2023/CVE-2023-2975.md index 359242d6d..05b352463 100644 --- a/2023/CVE-2023-2975.md +++ b/2023/CVE-2023-2975.md @@ -17,5 +17,6 @@ No PoCs from references. - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tquizzle/clamav-alpine 
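Review bot: The added `https://github.com/testing-felickz/docker-scout-demo` entry in 2023/CVE-2023-2975.md reads, going by its name, like a container-scanning demo repository rather than a PoC or analysis of this CVE, and the same repository is also added to 2023/CVE-2023-28531.md and 2023/CVE-2023-3446.md in this patch. If the collector matches on any occurrence of the CVE ID, scan reports and dependency listings will keep landing in the PoC section; consider confirming that the repository holds CVE-specific material before listing it, or filtering out repositories that only mention the ID in scanner output.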
diff --git a/2023/CVE-2023-31468.md b/2023/CVE-2023-31468.md index e6362af34..95763d801 100644 --- a/2023/CVE-2023-31468.md +++ b/2023/CVE-2023-31468.md @@ -5,7 +5,7 @@ ### Description -An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. +An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version. ### POC diff --git a/2023/CVE-2023-32031.md b/2023/CVE-2023-32031.md index 385a6a3fd..80330cf8a 100644 --- a/2023/CVE-2023-32031.md +++ b/2023/CVE-2023-32031.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.027%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.030%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.016%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-32046.md b/2023/CVE-2023-32046.md index 8ac93e7c6..9a46ef7fc 100644 --- a/2023/CVE-2023-32046.md +++ b/2023/CVE-2023-32046.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,6 +29,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) diff --git a/2023/CVE-2023-32054.md b/2023/CVE-2023-32054.md new file mode 100644 index 000000000..ed072ee0c --- /dev/null +++ b/2023/CVE-2023-32054.md 
@@ -0,0 +1,42 @@ +### [CVE-2023-32054](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32054) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201507&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201607&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202022&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.10240.20048%20&color=brighgreen) 
+![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.14393.6085%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4645%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19044.3208%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.3208%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-36%3A%20Absolute%20Path%20Traversal&color=brighgreen) + +### Description + +Volume Shadow Copy Elevation of Privilege Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SafeBreach-Labs/MagicDot + diff --git a/2023/CVE-2023-33137.md b/2023/CVE-2023-33137.md index 5da24f481..c6fb899bf 100644 --- a/2023/CVE-2023-33137.md +++ b/2023/CVE-2023-33137.md 
@@ -7,7 +7,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5400.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.10399.20000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-415%3A%20Double%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-33144.md b/2023/CVE-2023-33144.md index 085362c88..624bbfe75 100644 --- a/2023/CVE-2023-33144.md +++ b/2023/CVE-2023-33144.md @@ -1,7 +1,7 @@ ### [CVE-2023-33144](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33144) ![](https://img.shields.io/static/v1?label=Product&message=Visual%20Studio%20Code&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.79%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-33148.md b/2023/CVE-2023-33148.md index e7cb9e863..502793030 100644 --- a/2023/CVE-2023-33148.md +++ b/2023/CVE-2023-33148.md 
@@ -6,7 +6,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.0.0.0%3C%2015.0.5571.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-3390.md b/2023/CVE-2023-3390.md index a2ff693bf..0687c0c86 100644 --- a/2023/CVE-2023-3390.md +++ b/2023/CVE-2023-3390.md @@ -15,5 +15,6 @@ A use-after-free vulnerability was found in the Linux kernel's netfilter subsyst #### Github - https://github.com/c0m0r1/c0m0r1 - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/tanjiti/sec_profile - https://github.com/xairy/linux-kernel-exploitation diff --git a/2023/CVE-2023-3446.md b/2023/CVE-2023-3446.md index 7d0b785f3..304d275c6 100644 --- a/2023/CVE-2023-3446.md +++ b/2023/CVE-2023-3446.md @@ -17,4 +17,5 @@ No PoCs from references. - https://github.com/chnzzh/OpenSSL-CVE-lib - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-34960.md b/2023/CVE-2023-34960.md index 4995d96ed..007588166 100644 --- a/2023/CVE-2023-34960.md +++ b/2023/CVE-2023-34960.md 
@@ -32,6 +32,7 @@ A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11 - https://github.com/laohuan12138/exp-collect - https://github.com/lions2012/Penetration_Testing_POC - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/tucommenceapousser/CVE-2023-34960-ex - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-35311.md b/2023/CVE-2023-35311.md index b816ba2b8..a033e3364 100644 --- a/2023/CVE-2023-35311.md +++ b/2023/CVE-2023-35311.md @@ -10,7 +10,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5404.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35313.md b/2023/CVE-2023-35313.md index 9dba6424c..94c7fa022 100644 --- a/2023/CVE-2023-35313.md +++ b/2023/CVE-2023-35313.md @@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-35353.md b/2023/CVE-2023-35353.md index d2aa2eda4..aba3e0c73 100644 --- a/2023/CVE-2023-35353.md +++ b/2023/CVE-2023-35353.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35356.md b/2023/CVE-2023-35356.md index 3bf3147f4..ea34b594b 100644 --- a/2023/CVE-2023-35356.md +++ b/2023/CVE-2023-35356.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-843%3A%20Access%20of%20Resource%20Using%20Incompatible%20Type%20('Type%20Confusion')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35357.md b/2023/CVE-2023-35357.md index 10057358a..e1268784a 100644 --- a/2023/CVE-2023-35357.md +++ b/2023/CVE-2023-35357.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35358.md b/2023/CVE-2023-35358.md index f77740c40..5af24dae1 100644 --- a/2023/CVE-2023-35358.md +++ b/2023/CVE-2023-35358.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35359.md b/2023/CVE-2023-35359.md index 60c7cf192..50ef0e6fb 100644 --- a/2023/CVE-2023-35359.md +++ b/2023/CVE-2023-35359.md 
@@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%3A%20Relative%20Path%20Traversal&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35360.md b/2023/CVE-2023-35360.md index 2ccfc4674..05244703a 100644 --- a/2023/CVE-2023-35360.md +++ b/2023/CVE-2023-35360.md @@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35361.md b/2023/CVE-2023-35361.md index e4be82147..70230b926 100644 --- a/2023/CVE-2023-35361.md +++ b/2023/CVE-2023-35361.md 
@@ -25,7 +25,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-362%3A%20Concurrent%20Execution%20using%20Shared%20Resource%20with%20Improper%20Synchronization%20('Race%20Condition')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35362.md b/2023/CVE-2023-35362.md index 87be76872..8d10d8051 100644 --- a/2023/CVE-2023-35362.md +++ b/2023/CVE-2023-35362.md @@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35363.md b/2023/CVE-2023-35363.md index 2e2eee131..cf5ef82e1 100644 --- a/2023/CVE-2023-35363.md +++ b/2023/CVE-2023-35363.md 
@@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35364.md b/2023/CVE-2023-35364.md index 7f1d1411f..8b1a0a495 100644 --- a/2023/CVE-2023-35364.md +++ b/2023/CVE-2023-35364.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1850%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35365.md b/2023/CVE-2023-35365.md index dd077a47e..f969bebd0 100644 --- a/2023/CVE-2023-35365.md +++ b/2023/CVE-2023-35365.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35368.md b/2023/CVE-2023-35368.md index a8d08627d..781cb1f6d 100644 
--- a/2023/CVE-2023-35368.md +++ b/2023/CVE-2023-35368.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35382.md b/2023/CVE-2023-35382.md index 5cc372220..a95d7a29e 100644 --- a/2023/CVE-2023-35382.md +++ b/2023/CVE-2023-35382.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1906%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2295%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2134%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35386.md b/2023/CVE-2023-35386.md index e800c67b9..629752942 100644 --- a/2023/CVE-2023-35386.md +++ b/2023/CVE-2023-35386.md 
@@ -19,7 +19,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1906%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2295%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2134%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35388.md b/2023/CVE-2023-35388.md index 79a692c4a..0c6f7f477 100644 --- a/2023/CVE-2023-35388.md +++ b/2023/CVE-2023-35388.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35390.md b/2023/CVE-2023-35390.md index c8b0fa60c..febc573c5 100644 --- a/2023/CVE-2023-35390.md +++ b/2023/CVE-2023-35390.md 
@@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.6.0%3C%2017.6.6%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.21%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=7.0.0%3C%207.0.10%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command%20('Command%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35618.md b/2023/CVE-2023-35618.md index 02bfdbe19..add24f4bb 100644 --- a/2023/CVE-2023-35618.md +++ b/2023/CVE-2023-35618.md @@ -1,7 +1,7 @@ ### [CVE-2023-35618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35618) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20120.0.2210.61%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35628.md b/2023/CVE-2023-35628.md index 826a9f4c2..7f319a7eb 100644 --- a/2023/CVE-2023-35628.md +++ b/2023/CVE-2023-35628.md 
@@ -34,7 +34,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35630.md b/2023/CVE-2023-35630.md index e4748c331..5eb291aa4 100644 --- a/2023/CVE-2023-35630.md +++ b/2023/CVE-2023-35630.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35632.md b/2023/CVE-2023-35632.md index 6f6038083..097aec946 100644 --- a/2023/CVE-2023-35632.md +++ b/2023/CVE-2023-35632.md 
@@ -23,7 +23,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35633.md b/2023/CVE-2023-35633.md index 0ca2a0ab8..358e2a801 100644 --- a/2023/CVE-2023-35633.md +++ b/2023/CVE-2023-35633.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35636.md b/2023/CVE-2023-35636.md index e0d66dd98..92c6ed905 100644 --- a/2023/CVE-2023-35636.md +++ b/2023/CVE-2023-35636.md 
@@ -6,7 +6,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5426.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%3A%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35639.md b/2023/CVE-2023-35639.md index 1c21c7586..8d0c42fe9 100644 --- a/2023/CVE-2023-35639.md +++ b/2023/CVE-2023-35639.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35641.md b/2023/CVE-2023-35641.md index 61c5401d7..3820c3a3d 100644 --- a/2023/CVE-2023-35641.md +++ b/2023/CVE-2023-35641.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-682%3A%20Incorrect%20Calculation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-35644.md b/2023/CVE-2023-35644.md index 88d1438c8..97e43c6f6 100644 --- a/2023/CVE-2023-35644.md +++ b/2023/CVE-2023-35644.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36003.md b/2023/CVE-2023-36003.md index be7c2beb2..84368b0ad 100644 --- a/2023/CVE-2023-36003.md +++ b/2023/CVE-2023-36003.md 
@@ -24,7 +24,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36005.md b/2023/CVE-2023-36005.md index 94b1644e2..24c09a7ca 100644 --- a/2023/CVE-2023-36005.md +++ b/2023/CVE-2023-36005.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36006.md b/2023/CVE-2023-36006.md index efde0c412..9a53cdcfd 100644 --- a/2023/CVE-2023-36006.md +++ b/2023/CVE-2023-36006.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26864%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%3A%20Stack-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36011.md b/2023/CVE-2023-36011.md index 06f9ea150..7ff292d23 100644 --- a/2023/CVE-2023-36011.md +++ b/2023/CVE-2023-36011.md @@ -30,7 +30,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24614%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21715%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36019.md b/2023/CVE-2023-36019.md index a4948c79a..39185cdb6 100644 --- a/2023/CVE-2023-36019.md +++ b/2023/CVE-2023-36019.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Power%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%203.23113%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=3.0%3C%203.23113%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36033.md b/2023/CVE-2023-36033.md index 774499480..b071168b5 100644 --- a/2023/CVE-2023-36033.md +++ b/2023/CVE-2023-36033.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-822%3A%20Untrusted%20Pointer%20Dereference&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36034.md b/2023/CVE-2023-36034.md index a11f3489b..2b05ae641 100644 --- a/2023/CVE-2023-36034.md +++ b/2023/CVE-2023-36034.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20118.0.2088.88%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20119.0.2151.44%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36036.md b/2023/CVE-2023-36036.md index 8f6a11ba0..727880b0b 100644 --- a/2023/CVE-2023-36036.md +++ b/2023/CVE-2023-36036.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36041.md b/2023/CVE-2023-36041.md index c8a823d42..ea882e624 100644 --- a/2023/CVE-2023-36041.md +++ b/2023/CVE-2023-36041.md 
@@ -8,7 +8,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.79.23111019%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36047.md b/2023/CVE-2023-36047.md index 903e42a31..3bef39900 100644 --- a/2023/CVE-2023-36047.md +++ b/2023/CVE-2023-36047.md @@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36052.md b/2023/CVE-2023-36052.md index 3d612b248..7a030bd42 100644 --- a/2023/CVE-2023-36052.md +++ b/2023/CVE-2023-36052.md 
@@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Function%20App&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Logic%20App&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%202.53.1%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-359%3A%20Exposure%20of%20Private%20Personal%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36054.md b/2023/CVE-2023-36054.md index a129f48c8..8285c4c48 100644 --- a/2023/CVE-2023-36054.md +++ b/2023/CVE-2023-36054.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/adegoodyer/kubernetes-admin-toolkit - https://github.com/ecperth/check-aws-inspector +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-36085.md b/2023/CVE-2023-36085.md index 1c329ae56..30a14946f 100644 --- a/2023/CVE-2023-36085.md +++ b/2023/CVE-2023-36085.md @@ -14,5 +14,5 @@ The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injec - https://github.com/omershaik0/Handmade_Exploits/tree/main/SISQUALWFM-Host-Header-Injection-CVE-2023-36085 #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-36391.md b/2023/CVE-2023-36391.md index 1c281baea..6c63caa77 100644 --- a/2023/CVE-2023-36391.md +++ b/2023/CVE-2023-36391.md 
@@ -1,8 +1,9 @@ ### [CVE-2023-36391](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36391) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36396.md b/2023/CVE-2023-36396.md new file mode 100644 index 000000000..e082fe668 --- /dev/null +++ b/2023/CVE-2023-36396.md @@ -0,0 +1,20 @@ +### [CVE-2023-36396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36396) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20Version%2023H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H3&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-41%3A%20Improper%20Resolution%20of%20Path%20Equivalence&color=brighgreen) + +### Description + +Windows Compressed Folder Remote Code Execution Vulnerability + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/SafeBreach-Labs/MagicDot + 
diff --git a/2023/CVE-2023-36403.md b/2023/CVE-2023-36403.md index fcf26b958..069434538 100644 --- a/2023/CVE-2023-36403.md +++ b/2023/CVE-2023-36403.md @@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-591%3A%20Sensitive%20Data%20Storage%20in%20Improperly%20Locked%20Memory&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36404.md b/2023/CVE-2023-36404.md index f8cdefbd3..91a8733d4 100644 --- a/2023/CVE-2023-36404.md +++ b/2023/CVE-2023-36404.md @@ -22,7 +22,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36407.md b/2023/CVE-2023-36407.md index aaac6b088..0cb92c456 100644 --- a/2023/CVE-2023-36407.md +++ b/2023/CVE-2023-36407.md 
@@ -10,7 +10,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2715%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.531%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36414.md b/2023/CVE-2023-36414.md index 170ee3a92..9b9149032 100644 --- a/2023/CVE-2023-36414.md +++ b/2023/CVE-2023-36414.md @@ -1,7 +1,7 @@ ### [CVE-2023-36414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36414) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Identity%20SDK%20for%20.NET&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%201.10.2%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command%20('Command%20Injection')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36424.md b/2023/CVE-2023-36424.md index 491df6bc5..297d22f75 100644 --- a/2023/CVE-2023-36424.md +++ b/2023/CVE-2023-36424.md 
@@ -38,7 +38,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26816%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24569%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21668%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36434.md b/2023/CVE-2023-36434.md index ed7e6e4d7..402d488c7 100644 --- a/2023/CVE-2023-36434.md +++ b/2023/CVE-2023-36434.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-307%3A%20Improper%20Restriction%20of%20Excessive%20Authentication%20Attempts&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36439.md b/2023/CVE-2023-36439.md index fc6c2795c..ec23a26c1 100644 --- a/2023/CVE-2023-36439.md +++ b/2023/CVE-2023-36439.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.035%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.040%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.028%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36562.md b/2023/CVE-2023-36562.md index 207880c7e..72638e5e0 100644 --- a/2023/CVE-2023-36562.md +++ b/2023/CVE-2023-36562.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-36562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36562) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20117.0.2045.31%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36563.md b/2023/CVE-2023-36563.md index 7903f1d21..38ed208bb 100644 --- a/2023/CVE-2023-36563.md +++ b/2023/CVE-2023-36563.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36576.md b/2023/CVE-2023-36576.md index 906a8e6d1..770c6d599 100644 --- a/2023/CVE-2023-36576.md +++ b/2023/CVE-2023-36576.md @@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2031%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36584.md b/2023/CVE-2023-36584.md index 8cc085ab7..7d7b1be19 100644 --- a/2023/CVE-2023-36584.md +++ b/2023/CVE-2023-36584.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,6 +29,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22317%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26769%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24523%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21620%20&color=brighgreen) diff --git a/2023/CVE-2023-36696.md b/2023/CVE-2023-36696.md index 27dd33aff..4d249fa0d 100644 --- a/2023/CVE-2023-36696.md +++ b/2023/CVE-2023-36696.md 
@@ -18,7 +18,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22631.2861%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.25398.584%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36723.md b/2023/CVE-2023-36723.md index 81be36d5e..f4c1aaee3 100644 --- a/2023/CVE-2023-36723.md +++ b/2023/CVE-2023-36723.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.2031%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2538%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2428%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36728.md b/2023/CVE-2023-36728.md index 8f829edbe..fcd0e6844 100644 --- a/2023/CVE-2023-36728.md +++ b/2023/CVE-2023-36728.md 
@@ -31,7 +31,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=18.0.0%3C%2018.6.0007.0%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=18.0.0.0%3C%2018.3.2.1%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%2019.3.0002.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36735.md b/2023/CVE-2023-36735.md index 67b85bb81..629f4a238 100644 --- a/2023/CVE-2023-36735.md +++ b/2023/CVE-2023-36735.md @@ -1,7 +1,7 @@ ### [CVE-2023-36735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36735) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20117.0.2045.31%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36741.md b/2023/CVE-2023-36741.md index 81ca92193..0006ff1c5 100644 --- a/2023/CVE-2023-36741.md +++ b/2023/CVE-2023-36741.md @@ -1,7 +1,7 @@ ### [CVE-2023-36741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36741) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20116.0.1938.62%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-36745.md b/2023/CVE-2023-36745.md index db6227341..d3be5f56a 100644 --- a/2023/CVE-2023-36745.md +++ b/2023/CVE-2023-36745.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36761.md b/2023/CVE-2023-36761.md index d550fa048..1b26192fe 100644 --- a/2023/CVE-2023-36761.md +++ b/2023/CVE-2023-36761.md @@ -9,7 +9,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.0.5413.1000%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36764.md b/2023/CVE-2023-36764.md index f3e19101b..5bdbee733 100644 --- a/2023/CVE-2023-36764.md +++ b/2023/CVE-2023-36764.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.10402.20016%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.16731.20180%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.0%3C%2016.0.5413.1001%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%3A%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36778.md b/2023/CVE-2023-36778.md index f174c60b0..ef2f43e37 100644 --- a/2023/CVE-2023-36778.md +++ b/2023/CVE-2023-36778.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.034%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.039%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.027%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-426%3A%20Untrusted%20Search%20Path&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36787.md b/2023/CVE-2023-36787.md index 414fe95e8..6aed8dfc2 100644 --- a/2023/CVE-2023-36787.md +++ b/2023/CVE-2023-36787.md 
@@ -1,7 +1,7 @@ ### [CVE-2023-36787](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36787) ![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Edge%20(Chromium-based)&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0%3C%20116.0.1938.54%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36802.md b/2023/CVE-2023-36802.md index 529319510..146616e10 100644 --- a/2023/CVE-2023-36802.md +++ b/2023/CVE-2023-36802.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36803.md b/2023/CVE-2023-36803.md index d5034e73d..67800e399 100644 --- a/2023/CVE-2023-36803.md +++ b/2023/CVE-2023-36803.md 
@@ -17,7 +17,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-126%3A%20Buffer%20Over-read&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36874.md b/2023/CVE-2023-36874.md index 2b4541d41..551d614a1 100644 --- a/2023/CVE-2023-36874.md +++ b/2023/CVE-2023-36874.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2176%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.1992%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22175%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26623%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24374%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21063%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36884.md b/2023/CVE-2023-36884.md index d4fd3b6f0..84fbb0b1d 100644 --- a/2023/CVE-2023-36884.md +++ b/2023/CVE-2023-36884.md @@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-362%3A%20Concurrent%20Execution%20using%20Shared%20Resource%20with%20Improper%20Synchronization%20('Race%20Condition')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36895.md b/2023/CVE-2023-36895.md index 8fd5f52c5..c120c905c 100644 
--- a/2023/CVE-2023-36895.md +++ b/2023/CVE-2023-36895.md @@ -13,7 +13,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%2016.76.23081101%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-36899.md b/2023/CVE-2023-36899.md index 14c05bb9d..fb1ab5a42 100644 --- a/2023/CVE-2023-36899.md +++ b/2023/CVE-2023-36899.md @@ -16,7 +16,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04654.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4654.06%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%204.8.09176.01%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen) ### Description @@ -33,5 +33,6 @@ No PoCs from references. - https://github.com/hktalent/bug-bounty - https://github.com/midisec/CVE-2023-36899 - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/riramar/Web-Attack-Cheat-Sheet - https://github.com/w181496/Web-CTF-Cheatsheet diff --git a/2023/CVE-2023-36900.md b/2023/CVE-2023-36900.md index ce7bf0dcb..d4a62548a 100644 --- a/2023/CVE-2023-36900.md +++ b/2023/CVE-2023-36900.md 
@@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-190%3A%20Integer%20Overflow%20or%20Wraparound&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38039.md b/2023/CVE-2023-38039.md index 92114c518..9e4e1fcf9 100644 --- a/2023/CVE-2023-38039.md +++ b/2023/CVE-2023-38039.md @@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-38139.md b/2023/CVE-2023-38139.md index 9f64bda90..a78df3d75 100644 --- a/2023/CVE-2023-38139.md +++ b/2023/CVE-2023-38139.md @@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) 
@@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22264%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24462%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21563%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38140.md b/2023/CVE-2023-38140.md index 23486833a..64d000ef6 100644 --- a/2023/CVE-2023-38140.md +++ b/2023/CVE-2023-38140.md @@ -15,7 +15,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.19045.3448%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.20348.1970%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-908%3A%20Use%20of%20Uninitialized%20Resource&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38141.md b/2023/CVE-2023-38141.md index 03b78b363..f343c4219 100644 --- a/2023/CVE-2023-38141.md +++ b/2023/CVE-2023-38141.md 
@@ -7,6 +7,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2021H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20%20Service%20Pack%202&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20Service%20Pack%202&color=blue) @@ -28,10 +29,11 @@ ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.6003.22264%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26713%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24462%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21563%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-38146.md b/2023/CVE-2023-38146.md index 0907be719..003f9f48f 100644 --- a/2023/CVE-2023-38146.md +++ b/2023/CVE-2023-38146.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%2011%20version%2022H2&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22000.2416%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.22621.2283%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-367%3A%20Time-of-check%20Time-of-use%20(TOCTOU)%20Race%20Condition&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38154.md b/2023/CVE-2023-38154.md index 349a6f8de..ab0727864 100644 --- a/2023/CVE-2023-38154.md +++ b/2023/CVE-2023-38154.md @@ -3,7 +3,7 @@ ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%2010.0.17763.4737%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-122%3A%20Heap-based%20Buffer%20Overflow&color=brighgreen) ### Description diff --git a/2023/CVE-2023-3817.md b/2023/CVE-2023-3817.md index ce861fc20..c443a194f 100644 --- a/2023/CVE-2023-3817.md +++ b/2023/CVE-2023-3817.md 
@@ -18,5 +18,6 @@ Issue summary: Checking excessively long DH keys or parameters may be very slow. - https://github.com/fkie-cad/nvd-json-data-feeds - https://github.com/ksoclabs/image-vulnerability-search - https://github.com/seal-community/patches +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/tquizzle/clamav-alpine diff --git a/2023/CVE-2023-38175.md b/2023/CVE-2023-38175.md index 6a62d5942..47ff2480b 100644 --- a/2023/CVE-2023-38175.md +++ b/2023/CVE-2023-38175.md @@ -1,7 +1,7 @@ ### [CVE-2023-38175](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38175) ![](https://img.shields.io/static/v1?label=Product&message=Windows%20Defender%20Antimalware%20Platform&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=4.0.0.0%3C%201.1.23060.3001%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%3A%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38176.md b/2023/CVE-2023-38176.md index df6b523da..c1c2441f6 100644 --- a/2023/CVE-2023-38176.md +++ b/2023/CVE-2023-38176.md @@ -1,7 +1,7 @@ ### [CVE-2023-38176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38176) ![](https://img.shields.io/static/v1?label=Product&message=Azure%20Arc-Enabled%20Servers&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=1.0.0.0%3C%201.33.02399.0%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%3A%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) ### Description 
diff --git a/2023/CVE-2023-38178.md b/2023/CVE-2023-38178.md index bbcdd101e..3c1c43ae4 100644 --- a/2023/CVE-2023-38178.md +++ b/2023/CVE-2023-38178.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=17.2.0%3C%2017.2.18%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=17.4.0%3C%2017.4.10%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%206.0.21%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38181.md b/2023/CVE-2023-38181.md index d81927949..a420d413e 100644 --- a/2023/CVE-2023-38181.md +++ b/2023/CVE-2023-38181.md @@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38182.md b/2023/CVE-2023-38182.md index 1cc859e23..27caef74b 100644 --- a/2023/CVE-2023-38182.md +++ b/2023/CVE-2023-38182.md 
@@ -5,7 +5,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%2015.01.2507.032%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1118.037%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%2015.02.1258.025%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%3A%20Deserialization%20of%20Untrusted%20Data&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38184.md b/2023/CVE-2023-38184.md index ae4d5d6e8..a77469e4a 100644 --- a/2023/CVE-2023-38184.md +++ b/2023/CVE-2023-38184.md @@ -33,7 +33,7 @@ ![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%206.1.7601.26664%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%206.2.9200.24414%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%206.3.9600.21503%20&color=brighgreen) -![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%3A%20Use%20After%20Free&color=brighgreen) ### Description diff --git a/2023/CVE-2023-38408.md b/2023/CVE-2023-38408.md index 1239507e0..6ef99733f 100644 --- a/2023/CVE-2023-38408.md +++ b/2023/CVE-2023-38408.md @@ -32,6 +32,7 @@ The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently t - https://github.com/scmanjarrez/CVEScannerV2 - https://github.com/scmanjarrez/test - https://github.com/snowcra5h/CVE-2023-38408 +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/thesakibrahman/THM-Free-Room - https://github.com/wxrdnx/CVE-2023-38408 diff --git a/2023/CVE-2023-38545.md b/2023/CVE-2023-38545.md index 11c7473c3..1316e890c 100644 --- a/2023/CVE-2023-38545.md 
+++ b/2023/CVE-2023-38545.md @@ -31,6 +31,7 @@ No PoCs from references. - https://github.com/mayur-esh/vuln-liners - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/tanjiti/sec_profile +- https://github.com/testing-felickz/docker-scout-demo - https://github.com/vanigori/CVE-2023-38545-sample - https://github.com/whoami13apt/files2 diff --git a/2023/CVE-2023-38546.md b/2023/CVE-2023-38546.md index c72e5b37b..68a474dcd 100644 --- a/2023/CVE-2023-38546.md +++ b/2023/CVE-2023-38546.md @@ -16,4 +16,5 @@ No PoCs from references. - https://github.com/alex-grandson/docker-python-example - https://github.com/fokypoky/places-list - https://github.com/malinkamedok/devops_sandbox +- https://github.com/testing-felickz/docker-scout-demo diff --git a/2023/CVE-2023-38646.md b/2023/CVE-2023-38646.md index 135d7efa3..9e3c71474 100644 --- a/2023/CVE-2023-38646.md +++ b/2023/CVE-2023-38646.md @@ -79,6 +79,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/passwa11/2023Hvv_ - https://github.com/passwa11/CVE-2023-38646 +- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main - https://github.com/raytheon0x21/CVE-2023-38646 - https://github.com/robotmikhro/CVE-2023-38646 - https://github.com/samurai411/toolbox diff --git a/2023/CVE-2023-38706.md b/2023/CVE-2023-38706.md new file mode 100644 index 000000000..1525a8336 --- /dev/null +++ b/2023/CVE-2023-38706.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-38706](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38706) +![](https://img.shields.io/static/v1?label=Product&message=discourse&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20stable%20%3C%203.1.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-770%3A%20Allocation%20of%20Resources%20Without%20Limits%20or%20Throttling&color=brighgreen) + +### Description + +Discourse is an open-source discussion platform. Prior to version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches, a malicious user can create an unlimited number of drafts with very long draft keys which may end up exhausting the resources on the server. The issue is patched in version 3.1.1 of the `stable` branch and version 3.2.0.beta1 of the `beta` and `tests-passed` branches. There are no known workarounds. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/kip93/kip93 + diff --git a/2023/CVE-2023-39113.md b/2023/CVE-2023-39113.md index 4ff4e814e..d18bb2a2b 100644 --- a/2023/CVE-2023-39113.md +++ b/2023/CVE-2023-39113.md @@ -13,5 +13,5 @@ ngiflib commit fb271 was discovered to contain a segmentation violation via the - https://github.com/miniupnp/ngiflib/issues/27 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-39114.md b/2023/CVE-2023-39114.md index 8fc3b48fa..63ac4cefd 100644 --- a/2023/CVE-2023-39114.md +++ b/2023/CVE-2023-39114.md @@ -13,5 +13,5 @@ ngiflib commit 84a75 was discovered to contain a segmentation violation via the - https://github.com/miniupnp/ngiflib/issues/29 #### Github -No PoCs found on GitHub currently. +- https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-39318.md b/2023/CVE-2023-39318.md new file mode 100644 index 000000000..0b0dcdb65 --- /dev/null +++ b/2023/CVE-2023-39318.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-39318](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39318) +![](https://img.shields.io/static/v1?label=Product&message=html%2Ftemplate&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.20.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in
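
Review bot: In 2023/CVE-2023-36562.md (hunk @@ -1,7 +1,7 @@), the added Vulnerability badge line ends in `color=brighgreen`, which reads as a misspelling of the shields.io color name `brightgreen`. The unchanged Version line in the same hunk carries the same spelling, so this is better fixed once in whatever generates the badge lines than file by file. As written, the rendered color depends on how shields.io treats a name it does not recognize.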
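
Review bot: In 2023/CVE-2023-36563.md (hunk @@ -28,10 +29,11 @@), the added Version badge `6.0.0 < 6.1.7601.26769` starts at 6.0.0 but ends at a 6.1 build, so it overlaps both the existing `6.0.0 < 6.0.6003.22317` line and the `6.1.0 < 6.1.7601.26769` line. Please confirm the lower bound against the source record before merging: anyone matching host builds against these ranges would read 6.0.x builds above 6.0.6003.22317 as affected. The same pattern appears in the hunks for CVE-2023-36584, CVE-2023-36874, CVE-2023-38139 and CVE-2023-38141.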
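
Review bot: In 2023/CVE-2023-36884.md (hunk @@ -33,7 +33,7 @@), the Vulnerability badge is replaced rather than extended, so the impact class "Remote Code Execution" disappears and only the weakness class CWE-362 remains. The two answer different triage questions (what an attacker gains versus what kind of bug it is), so consider keeping the impact badge and adding the CWE as a second badge. The same substitution in 2023/CVE-2023-38181.md turns "Spoofing" into CWE-502, where the lost impact is not something a reader would infer from the CWE name.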
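
Review bot: In the new file 2023/CVE-2023-38706.md, the Version badge (`= stable < 3.1.1`) covers only the `stable` branch, while the Description in the same hunk also names 3.2.0.beta1 as the fixed version for the `beta` and `tests-passed` branches. Add a second Version badge for that range so the badges and the description agree. The single entry under `#### Github`, `kip93/kip93`, follows GitHub's user/user profile-repository naming, so it is worth checking that it is a PoC before listing it in the POC section.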
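
Review bot: In 2023/CVE-2023-39113.md (hunk @@ -13,5 +13,5 @@), the line "No PoCs found on GitHub currently." under `#### Github` is replaced by `fkie-cad/nvd-json-data-feeds`, which by its name is a mirror of NVD data feeds and not a proof of concept. A reader scanning the POC section would now conclude that a GitHub PoC exists. Suggest keeping the "No PoCs" line, or listing such repositories under a separate heading. The next hunk makes the same change to 2023/CVE-2023-39114.md.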
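
Review bot: In the new file 2023/CVE-2023-39318.md, the first Description line reads `HTML-like "" comment tokens` as shown here: the quotes are empty, so the token the sentence is about is missing, most likely because the comment delimiters were swallowed as markup. Escape them or wrap them in backticks in the source file so they survive rendering.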