Update CVE sources 2024-08-23 18:19

2025-06-19 17:30:12 +00:00 · 2024-08-23 18:19:28 +00:00 · 2024-08-23 18:19:28 +00:00 · e8c9fd6e2f
commit e8c9fd6e2f
parent afd567ff78
96 changed files with 849 additions and 31 deletions
--- a/2001/CVE-2001-0457.md
+++ b/2001/CVE-2001-0457.md
@ -0,0 +1,17 @@
+### [CVE-2001-0457](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0457)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).
+
+### POC
+
+#### Reference
+- https://exchange.xforce.ibmcloud.com/vulnerabilities/6211
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1902.md
+++ b/2002/CVE-2002-1902.md
@ -0,0 +1,17 @@
+### [CVE-2002-1902](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1902)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent.
+
+### POC
+
+#### Reference
+- http://freshmeat.net/releases/86842/
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2010/CVE-2010-4476.md
+++ b/2010/CVE-2010-4476.md
@ -18,5 +18,6 @@ The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java S
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/CVEDB/PoC-List
 - https://github.com/CVEDB/awesome-cve-repo
+- https://github.com/STaj-55/Cybersecurity_Incident_Response_Database
 - https://github.com/grzegorzblaszczyk/CVE-2010-4476-check

--- a/2011/CVE-2011-1002.md
+++ b/2011/CVE-2011-1002.md
@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/EvgeniyaBalanyuk/attacks
 - https://github.com/Howertx/avahi-dos
 - https://github.com/NikolayAntipov/DB_13-01
+- https://github.com/avergnaud/thm-notes
 - https://github.com/berradiginamic/32123BC7-Securite-Informatique
 - https://github.com/csk/unisecbarber
 - https://github.com/kaanyeniyol/python-nmap
--- a/2012/CVE-2012-1182.md
+++ b/2012/CVE-2012-1182.md
@ -22,6 +22,7 @@ The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.
 - https://github.com/Kiosec/Windows-Exploitation
 - https://github.com/Qftm/Information_Collection_Handbook
 - https://github.com/amishamunjal-az/Week16-Homework
+- https://github.com/avergnaud/thm-notes
 - https://github.com/casohub/multinmap
 - https://github.com/esteban0477/RedTeamPlaybook
 - https://github.com/jlashay/Penetration-Testing-1
--- a/2013/CVE-2013-2446.md
+++ b/2013/CVE-2013-2446.md
@ -12,6 +12,7 @@ Unspecified vulnerability in the Java Runtime Environment (JRE) component in Ora
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 - http://www.securityfocus.com/bid/60620
+- https://bugzilla.redhat.com/show_bug.cgi?id=975132

 #### Github
 No PoCs found on GitHub currently.
--- a/2013/CVE-2013-2455.md
+++ b/2013/CVE-2013-2455.md
@ -12,6 +12,7 @@ Unspecified vulnerability in the Java Runtime Environment (JRE) component in Ora
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 - http://www.securityfocus.com/bid/60619
+- https://bugzilla.redhat.com/show_bug.cgi?id=975139

 #### Github
 No PoCs found on GitHub currently.
--- a/2017/CVE-2017-0143.md
+++ b/2017/CVE-2017-0143.md
@ -74,6 +74,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
 - https://github.com/a1xbit/BlackBoxPenetrationTesting
 - https://github.com/androidkey/MS17-011
 - https://github.com/avboy1337/Vulnerabilities
+- https://github.com/avergnaud/thm-notes
 - https://github.com/aymankhder/AD-attack-defense
 - https://github.com/bb33bb/Vulnerabilities
 - https://github.com/bhataasim1/AD-Attack-Defence
--- a/2018/CVE-2018-12030.md
+++ b/2018/CVE-2018-12030.md
@ -0,0 +1,17 @@
+### [CVE-2018-12030](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12030)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Chevereto Free before 1.0.13 has XSS.
+
+### POC
+
+#### Reference
+- https://edricteo.com/chevereto-free-xss-vulnerability-in-version-1.0.12/
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2019/CVE-2019-11358.md
+++ b/2019/CVE-2019-11358.md
@ -2229,6 +2229,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/Techarinos/FTC
 - https://github.com/Techno-Goats-9224/FtcRobotController
 - https://github.com/Techno-Goats-9224/FtcRobotController-master-9224
+- https://github.com/Techno-Maniacs-16021/CenterStage-RobotController
 - https://github.com/TechnoMaister/CodNat
 - https://github.com/TechnoNatura-org/FTC_CENTERSTAGE_KrakenRyu_NusantaraRegional
 - https://github.com/TechnoTrexes/PowerPlay2023
--- a/2020/CVE-2020-10735.md
+++ b/2020/CVE-2020-10735.md
@ -15,6 +15,7 @@ A flaw was found in python. In algorithms with quadratic time complexity using n
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Live-Hack-CVE/CVE-2020-10735
+- https://github.com/Mohit190405/Python-Programming-
 - https://github.com/NathanielAPawluk/sec-buddy
 - https://github.com/Vizonex/PyRandom128

--- a/2021/CVE-2021-1472.md
+++ b/2021/CVE-2021-1472.md
@ -16,5 +16,6 @@ Multiple vulnerabilities exist in the web-based management interface of Cisco Sm
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ARPSyndicate/kenzer-templates
 - https://github.com/Sohrabian/special-cyber-security-topic
+- https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap
 - https://github.com/zmylml/yangzifun

--- a/2021/CVE-2021-23336.md
+++ b/2021/CVE-2021-23336.md
@ -16,5 +16,5 @@ The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.1
 - https://www.oracle.com/security-alerts/cpuoct2021.html

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/Mohit190405/Python-Programming-

--- a/2021/CVE-2021-3177.md
+++ b/2021/CVE-2021-3177.md
@ -18,6 +18,7 @@ Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callpro
 - https://www.oracle.com/security-alerts/cpuoct2021.html

 #### Github
+- https://github.com/Mohit190405/Python-Programming-
 - https://github.com/TAPAKAH20/python_dos_demo
 - https://github.com/leveryd/leveryd
 - https://github.com/tianocore/edk2-edkrepo
--- a/2022/CVE-2022-30525.md
+++ b/2022/CVE-2022-30525.md
@ -51,6 +51,7 @@ A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W)
 - https://github.com/cbk914/CVE-2022-30525_check
 - https://github.com/d-rn/vulBox
 - https://github.com/d4n-sec/d4n-sec.github.io
+- https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap
 - https://github.com/furkanzengin/CVE-2022-30525
 - https://github.com/gotr00t0day/valhalla
 - https://github.com/hktalent/bug-bounty
--- a/2022/CVE-2022-3504.md
+++ b/2022/CVE-2022-3504.md
@ -0,0 +1,17 @@
+### [CVE-2022-3504](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3504)
+![](https://img.shields.io/static/v1?label=Product&message=Sanitization%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-707%20Improper%20Neutralization%20-%3E%20CWE-74%20Injection%20-%3E%20CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210839.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.210839
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2022/CVE-2022-3664.md
+++ b/2022/CVE-2022-3664.md
@ -11,6 +11,7 @@ A vulnerability classified as critical has been found in Axiomatic Bento4. Affec

 #### Reference
 - https://github.com/axiomatic-systems/Bento4/issues/794
+- https://vuldb.com/?id.212004

 #### Github
 No PoCs found on GitHub currently.
--- a/2022/CVE-2022-3671.md
+++ b/2022/CVE-2022-3671.md
@ -10,7 +10,7 @@ A vulnerability classified as critical was found in SourceCodester eLearning Sys
 ### POC

 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.212014

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-3008.md
+++ b/2023/CVE-2023-3008.md
@ -0,0 +1,17 @@
+### [CVE-2023-3008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3008)
+![](https://img.shields.io/static/v1?label=Product&message=Student%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical has been found in ningzichun Student Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument user/pass leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230355.
+
+### POC
+
+#### Reference
+- https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/sql_inject.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-47131.md
+++ b/2023/CVE-2023-47131.md
@ -0,0 +1,17 @@
+### [CVE-2023-47131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47131)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Wraient/SIH-2024-Problems
+
--- a/2024/CVE-2024-22243.md
+++ b/2024/CVE-2024-22243.md
@ -13,6 +13,7 @@ Applications that use UriComponentsBuilder to parse an externally provided URL
 No PoCs from references.

 #### Github
+- https://github.com/CllmsyK/YYBaby-Spring_Scan
 - https://github.com/SeanPesce/CVE-2024-22243
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/hinat0y/Dataset1
--- a/2024/CVE-2024-22257.md
+++ b/2024/CVE-2024-22257.md
@ -13,6 +13,7 @@ In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versi
 No PoCs from references.

 #### Github
+- https://github.com/CllmsyK/YYBaby-Spring_Scan
 - https://github.com/NaInSec/CVE-LIST
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-23091.md
+++ b/2024/CVE-2024-23091.md
@ -0,0 +1,17 @@
+### [CVE-2024-23091](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23091)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to obtain plaintext passwords from hash values.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-27764.md
+++ b/2024/CVE-2024-27764.md
@ -10,7 +10,7 @@ An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privile
 ### POC

 #### Reference
-No PoCs from references.
+- https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2024/CVE-2024-27765.md
+++ b/2024/CVE-2024-27765.md
@ -10,7 +10,7 @@ Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote att
 ### POC

 #### Reference
-No PoCs from references.
+- https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2024/CVE-2024-28000.md
+++ b/2024/CVE-2024-28000.md
@ -13,5 +13,6 @@ Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed
 - https://patchstack.com/articles/critical-privilege-escalation-in-litespeed-cache-plugin-affecting-5-million-sites?_s_id=cve

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/20142995/nuclei-templates
+- https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-31319.md
+++ b/2024/CVE-2024-31319.md
@ -0,0 +1,17 @@
+### [CVE-2024-31319](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31319)
+![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2014%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20privilege&color=brighgreen)
+
+### Description
+
+In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+
--- a/2024/CVE-2024-3183.md
+++ b/2024/CVE-2024-3183.md
@ -25,5 +25,6 @@ A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypt
 No PoCs from references.

 #### Github
+- https://github.com/dkadev/awesome-stars
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-3282.md
+++ b/2024/CVE-2024-3282.md
@ -0,0 +1,17 @@
+### [CVE-2024-3282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3282)
+![](https://img.shields.io/static/v1?label=Product&message=WP%20Table%20Builder&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen)
+
+### Description
+
+The WP Table Builder  WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
+
+### POC
+
+#### Reference
+- https://wpscan.com/vulnerability/12bf5e8e-24c9-48b9-b94c-c14ed60d7c15/
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-34313.md
+++ b/2024/CVE-2024-34313.md
@ -10,7 +10,7 @@ An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/vincentscode/CVE-2024-34313

 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-36439.md
+++ b/2024/CVE-2024-36439.md
@ -0,0 +1,17 @@
+### [CVE-2024-36439](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36439)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-038.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-36440.md
+++ b/2024/CVE-2024-36440.md
@ -0,0 +1,17 @@
+### [CVE-2024-36440](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36440)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-037.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-36441.md
+++ b/2024/CVE-2024-36441.md
@ -0,0 +1,17 @@
+### [CVE-2024-36441](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36441)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-042.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-36442.md
+++ b/2024/CVE-2024-36442.md
@ -0,0 +1,17 @@
+### [CVE-2024-36442](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36442)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-039.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-36443.md
+++ b/2024/CVE-2024-36443.md
@ -0,0 +1,17 @@
+### [CVE-2024-36443](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36443)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-036.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-36444.md
+++ b/2024/CVE-2024-36444.md
@ -0,0 +1,17 @@
+### [CVE-2024-36444](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36444)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-040.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-36445.md
+++ b/2024/CVE-2024-36445.md
@ -0,0 +1,17 @@
+### [CVE-2024-36445](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36445)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication.
+
+### POC
+
+#### Reference
+- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-035.txt
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-38807.md
+++ b/2024/CVE-2024-38807.md
@ -0,0 +1,17 @@
+### [CVE-2024-38807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38807)
+![](https://img.shields.io/static/v1?label=Product&message=Spring%20Boot&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=2.7.x%3C%202.7.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-4067.md
+++ b/2024/CVE-2024-4067.md
@ -11,6 +11,7 @@ The NPM package `micromatch` is vulnerable to Regular Expression Denial of Servi

 #### Reference
 - https://github.com/micromatch/micromatch/issues/243
+- https://github.com/micromatch/micromatch/pull/247

 #### Github
 No PoCs found on GitHub currently.
--- a/2024/CVE-2024-41659.md
+++ b/2024/CVE-2024-41659.md
@ -1,11 +1,11 @@
 ### [CVE-2024-41659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41659)
 ![](https://img.shields.io/static/v1?label=Product&message=memos&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.20.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%200.21.0%20&color=brighgreen)
 ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-942%3A%20Permissive%20Cross-domain%20Policy%20with%20Untrusted%20Domains&color=brighgreen)

 ### Description

-memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker to read private information or make privileged changes to the system as the vulnerable user account.
+memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker to read private information or make privileged changes to the system as the vulnerable user account. This vulnerability is fixed in 0.21.0.

 ### POC

--- a/2024/CVE-2024-41676.md
+++ b/2024/CVE-2024-41676.md
@ -0,0 +1,17 @@
+### [CVE-2024-41676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41676)
+![](https://img.shields.io/static/v1?label=Product&message=magento-lts&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%2020.10.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Magento-lts is a long-term support alternative to Magento Community Edition (CE). This XSS vulnerability affects the design/header/welcome, design/header/logo_src, design/header/logo_src_small, and design/header/logo_alt system configs.They are intended to enable admins to set a text in the two cases, and to define an image url for the other two cases.But because of previously missing escaping allowed to input arbitrary html and as a consequence also arbitrary JavaScript. The problem is patched with Version 20.10.1 or higher.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-41802.md
+++ b/2024/CVE-2024-41802.md
@ -0,0 +1,17 @@
+### [CVE-2024-41802](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41802)
+![](https://img.shields.io/static/v1?label=Product&message=xibo-cms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3D%3E%201.8.0%2C%20%3C%203.3.12%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. This allows an authenticated user to to obtain and modify arbitrary data from the Xibo database by injecting specially crafted values in to the APIs for importing JSON and importing a Layout containing DataSet data.Users should upgrade to version 3.3.12 or 4.0.14 which fix this issue
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-41803.md
+++ b/2024/CVE-2024-41803.md
@ -0,0 +1,17 @@
+### [CVE-2024-41803](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41803)
+![](https://img.shields.io/static/v1?label=Product&message=xibo-cms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3D%3E%202.1.0%2C%20%3C%203.3.12%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. This allows an authenticated user to to obtain arbitrary data from the Xibo database by injecting specially crafted values in to the API for viewing DataSet data. Users should upgrade to version 3.3.12 or 4.0.14 which fix this issue.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-41804.md
+++ b/2024/CVE-2024-41804.md
@ -0,0 +1,17 @@
+### [CVE-2024-41804](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41804)
+![](https://img.shields.io/static/v1?label=Product&message=xibo-cms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3D%3E%202.1.0%2C%20%3C%203.3.12%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API route inside the CMS responsible for Adding/Editing DataSet Column Formulas. This allows an authenticated user to to obtain and modify arbitrary data from the Xibo database by injecting specially crafted values in to the `formula` parameter. Users should upgrade to version 3.3.12 or 4.0.14 which fix this issue.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-43022.md
+++ b/2024/CVE-2024-43022.md
@ -0,0 +1,17 @@
+### [CVE-2024-43022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43022)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/b0rgch3n/b0rgch3n
+
--- a/2024/CVE-2024-43105.md
+++ b/2024/CVE-2024-43105.md
@ -0,0 +1,17 @@
+### [CVE-2024-43105](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43105)
+![](https://img.shields.io/static/v1?label=Product&message=Mattermost&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%3A%20Uncontrolled%20Resource%20Consumption&color=brighgreen)
+
+### Description
+
+Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-43218.md
+++ b/2024/CVE-2024-43218.md
@ -1,6 +1,6 @@
 ### [CVE-2024-43218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43218)
 ![](https://img.shields.io/static/v1?label=Product&message=Mediavine%20Control%20Panel&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.10.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
 ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)

 ### Description
--- a/2024/CVE-2024-43331.md
+++ b/2024/CVE-2024-43331.md
@ -0,0 +1,18 @@
+### [CVE-2024-43331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43331)
+![](https://img.shields.io/static/v1?label=Product&message=WP%20SMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-43398.md
+++ b/2024/CVE-2024-43398.md
@ -0,0 +1,17 @@
+### [CVE-2024-43398](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43398)
+![](https://img.shields.io/static/v1?label=Product&message=rexml&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%203.3.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-776%3A%20Improper%20Restriction%20of%20Recursive%20Entity%20References%20in%20DTDs%20('XML%20Entity%20Expansion')&color=brighgreen)
+
+### Description
+
+REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-43785.md
+++ b/2024/CVE-2024-43785.md
@ -0,0 +1,17 @@
+### [CVE-2024-43785](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43785)
+![](https://img.shields.io/static/v1?label=Product&message=gitoxide&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.41.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-150%3A%20Improper%20Neutralization%20of%20Escape%2C%20Meta%2C%20or%20Control%20Sequences&color=brighgreen)
+
+### Description
+
+gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a repository's paths, author and committer names, commit messages, or other metadata. Such text may be written as part of the output of a command, as well as appearing in error messages when an operation fails. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-43787.md
+++ b/2024/CVE-2024-43787.md
@ -0,0 +1,17 @@
+### [CVE-2024-43787](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43787)
+![](https://img.shields.io/static/v1?label=Product&message=hono&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%204.5.8%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%3A%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen)
+
+### Description
+
+Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As a result, attacker can bypass csrf middleware using upper-case form-like MIME type. This vulnerability is fixed in 4.5.8.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-44073.md
+++ b/2024/CVE-2024-44073.md
@ -0,0 +1,17 @@
+### [CVE-2024-44073](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44073)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Miniscript (aka rust-miniscript) library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/brunoerg/bitcoinfuzz
+
--- a/2024/CVE-2024-5502.md
+++ b/2024/CVE-2024-5502.md
@ -0,0 +1,17 @@
+### [CVE-2024-5502](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5502)
+![](https://img.shields.io/static/v1?label=Product&message=Piotnet%20Addons%20For%20Elementor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.4.30%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion, Dual Heading, and Vertical Timeline widgets in all versions up to, and including, 2.4.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-5583.md
+++ b/2024/CVE-2024-5583.md
@ -0,0 +1,17 @@
+### [CVE-2024-5583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5583)
+![](https://img.shields.io/static/v1?label=Product&message=The%20Plus%20Addons%20for%20Elementor%20%E2%80%93%20Elementor%20Addons%2C%20Page%20Templates%2C%20Widgets%2C%20Mega%20Menu%2C%20WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%205.6.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carousel_direction parameter of testimonials widget in all versions up to, and including, 5.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
--- a/2024/CVE-2024-5932.md
+++ b/2024/CVE-2024-5932.md
@ -14,5 +14,6 @@ The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is

 #### Github
 - https://github.com/20142995/nuclei-templates
+- https://github.com/Ostorlab/KEV
 - https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-6386.md
+++ b/2024/CVE-2024-6386.md
@ -13,5 +13,5 @@ The WPML plugin for WordPress is vulnerable to Remote Code Execution in all vers
 - https://sec.stealthcopter.com/wpml-rce-via-twig-ssti/

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/20142995/nuclei-templates

--- a/2024/CVE-2024-6409.md
+++ b/2024/CVE-2024-6409.md
@ -5,6 +5,7 @@
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.0%20Update%20Services%20for%20SAP%20Solutions&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.13&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.14&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.15&color=blue)
 ![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.16&color=blue)
--- a/2024/CVE-2024-6699.md
+++ b/2024/CVE-2024-6699.md
@ -0,0 +1,17 @@
+### [CVE-2024-6699](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6699)
+![](https://img.shields.io/static/v1?label=Product&message=Mikafon%20MA7&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=v3.0%3C%20v3.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mikafon Electronic Inc. Mikafon MA7 allows SQL Injection.This issue affects Mikafon MA7: from v3.0 before v3.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-6715.md
+++ b/2024/CVE-2024-6715.md
@ -0,0 +1,17 @@
+### [CVE-2024-6715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6715)
+![](https://img.shields.io/static/v1?label=Product&message=Ditty&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=3.1.39%3C%203.1.46%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-Site%20Scripting%20(XSS)&color=brighgreen)
+
+### Description
+
+The Ditty  WordPress plugin before 3.1.46 re-introduced a previously fixed security issue (https://wpscan.com/vulnerability/80a9eb3a-2cb1-4844-9004-ba2554b2d46c/) in v3.1.39
+
+### POC
+
+#### Reference
+- https://wpscan.com/vulnerability/19406acc-3441-4d4a-9163-ace8f1dceb78/
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-6800.md
+++ b/2024/CVE-2024-6800.md
@ -5,7 +5,7 @@

 ### Description

-An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when utilizing SAML authentication with specific identity providers. This vulnerability allowed an attacker with direct network access to GitHub Enterprise Server to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16. This vulnerability was reported via the GitHub Bug Bounty program.
+An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity providers utilizing publicly exposed signed federation metadata XML. This vulnerability allowed an attacker with direct network access to GitHub Enterprise Server to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16. This vulnerability was reported via the GitHub Bug Bounty program.

 ### POC

--- a/2024/CVE-2024-6870.md
+++ b/2024/CVE-2024-6870.md
@ -0,0 +1,17 @@
+### [CVE-2024-6870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6870)
+![](https://img.shields.io/static/v1?label=Product&message=Responsive%20Lightbox%20%26%20Gallery&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.4.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rl_upload_image AJAX endpoint. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the 3gp2 file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
--- a/2024/CVE-2024-6916.md
+++ b/2024/CVE-2024-6916.md
@ -0,0 +1,18 @@
+### [CVE-2024-6916](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6916)
+![](https://img.shields.io/static/v1?label=Product&message=Zowe%20CLI%20-%20Imperative&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=5.1.0%3C%205.22.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1295%3A%20Debug%20Messages%20Revealing%20Unnecessary%20Information&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-257%3A%20Storing%20Passwords%20in%20a%20Recoverable%20Format&color=brighgreen)
+
+### Description
+
+A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7003.md
+++ b/2024/CVE-2024-7003.md
@ -0,0 +1,17 @@
+### [CVE-2024-7003](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7003)
+![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=127.0.6533.72%3C%20127.0.6533.72%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Inappropriate%20implementation&color=brighgreen)
+
+### Description
+
+Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
+
+### POC
+
+#### Reference
+- https://issues.chromium.org/issues/338233148
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-7127.md
+++ b/2024/CVE-2024-7127.md
@ -0,0 +1,17 @@
+### [CVE-2024-7127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7127)
+![](https://img.shields.io/static/v1?label=Product&message=Social%20Marketing%20Tool&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation vulnerability in Stackposts Social Marketing Tool allows Cross-site Scripting (XSS) attack. By submitting the payload in the username during registration, it can be executed later in the application panel. This could lead to the unauthorised acquisition of information (e.g. cookies from a logged-in user). After multiple attempts to contact the vendor we did not receive any answer. Our team has confirmed the existence of this vulnerability. We suppose this issue affects Social Marketing Tool in all versions.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7179.md
+++ b/2024/CVE-2024-7179.md
@ -13,5 +13,5 @@ A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setParentalRules.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7180.md
+++ b/2024/CVE-2024-7180.md
@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setPortForwardRules.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7181.md
+++ b/2024/CVE-2024-7181.md
@ -13,5 +13,5 @@ A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setTelnetCfg.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7182.md
+++ b/2024/CVE-2024-7182.md
@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, has been found in TOTOLINK A3
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setUpgradeFW.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7183.md
+++ b/2024/CVE-2024-7183.md
@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, was found in TOTOLINK A3600R
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setUploadSetting.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7184.md
+++ b/2024/CVE-2024-7184.md
@ -13,5 +13,5 @@ A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and cla
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setUrlFilterRules.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7185.md
+++ b/2024/CVE-2024-7185.md
@ -13,5 +13,5 @@ A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classifi
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setWebWlanIdx.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7186.md
+++ b/2024/CVE-2024-7186.md
@ -13,5 +13,5 @@ A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/setWiFiAclAddConfig.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7187.md
+++ b/2024/CVE-2024-7187.md
@ -13,5 +13,5 @@ A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been
 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/UploadCustomModule.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7189.md
+++ b/2024/CVE-2024-7189.md
@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in itsourcecode Online Foo
 - https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_a.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7190.md
+++ b/2024/CVE-2024-7190.md
@ -13,5 +13,5 @@ A vulnerability classified as critical was found in itsourcecode Society Managem
 - https://github.com/DeepMountains/Mirage/blob/main/CVE7-4.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7191.md
+++ b/2024/CVE-2024-7191.md
@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, has been found in itsourcecod
 - https://github.com/DeepMountains/Mirage/blob/main/CVE7-5.md

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7192.md
+++ b/2024/CVE-2024-7192.md
@ -0,0 +1,17 @@
+### [CVE-2024-7192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7192)
+![](https://img.shields.io/static/v1?label=Product&message=Society%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, was found in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/student.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272613 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7219.md
+++ b/2024/CVE-2024-7219.md
@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in SourceCodester School L
 - https://gist.github.com/topsky979/03c7fe20c80455b4884ae9e6c3f3d978

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7220.md
+++ b/2024/CVE-2024-7220.md
@ -13,5 +13,5 @@ A vulnerability classified as critical was found in SourceCodester School Log Ma
 - https://gist.github.com/topsky979/5cd0b6a43815a0615b8493cde5c4dacf

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7221.md
+++ b/2024/CVE-2024-7221.md
@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, has been found in SourceCodes
 - https://gist.github.com/topsky979/1e98c4d1a3ba1ed73aab46d360c1c4b8

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7222.md
+++ b/2024/CVE-2024-7222.md
@ -13,5 +13,5 @@ A vulnerability, which was classified as critical, was found in SourceCodester L
 - https://gist.github.com/topsky979/9f3d490a2bfdb5794dffc2f4aed72250

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7223.md
+++ b/2024/CVE-2024-7223.md
@ -13,5 +13,5 @@ A vulnerability has been found in SourceCodester Lot Reservation Management Syst
 - https://gist.github.com/topsky979/4c28743586769e73fe37007ed92cc1a7

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7224.md
+++ b/2024/CVE-2024-7224.md
@ -13,5 +13,5 @@ A vulnerability was found in SourceCodester Lot Reservation Management System 1.
 - https://gist.github.com/topsky979/76bc2c8ce4871ad8bb60c52e47c4fb5b

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7327.md
+++ b/2024/CVE-2024-7327.md
@ -13,5 +13,5 @@ A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vul
 - https://vuldb.com/?id.273250

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/tanjiti/sec_profile

--- a/2024/CVE-2024-7328.md
+++ b/2024/CVE-2024-7328.md
@ -0,0 +1,17 @@
+### [CVE-2024-7328](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7328)
+![](https://img.shields.io/static/v1?label=Product&message=YouDianCMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%207%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Disclosure&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as problematic, has been found in YouDianCMS 7. This issue affects some unknown processing of the file /t.php?action=phpinfo. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273251. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7384.md
+++ b/2024/CVE-2024-7384.md
@ -0,0 +1,17 @@
+### [CVE-2024-7384](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7384)
+![](https://img.shields.io/static/v1?label=Product&message=AcyMailing%20%E2%80%93%20An%20Ultimate%20Newsletter%20Plugin%20and%20Marketing%20Automation%20Solution%20for%20WordPress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%209.7.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
+
+### Description
+
+The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
--- a/2024/CVE-2024-7778.md
+++ b/2024/CVE-2024-7778.md
@ -13,5 +13,6 @@ The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Si
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7836.md
+++ b/2024/CVE-2024-7836.md
@ -13,5 +13,6 @@ The Themify Builder plugin for WordPress is vulnerable to unauthorized post dupl
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7848.md
+++ b/2024/CVE-2024-7848.md
@ -13,5 +13,6 @@ The User Private Files – WordPress File Sharing Plugin plugin for WordPress is
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7896.md
+++ b/2024/CVE-2024-7896.md
@ -14,5 +14,6 @@ A vulnerability was found in Tosei Online Store Management System ネット店
 - https://vuldb.com/?submit.387131

 #### Github
+- https://github.com/b0rgch3n/b0rgch3n
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7897.md
+++ b/2024/CVE-2024-7897.md
@ -13,5 +13,6 @@ A vulnerability classified as critical has been found in Tosei Online Store Mana
 - https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8ef

 #### Github
+- https://github.com/b0rgch3n/b0rgch3n
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7898.md
+++ b/2024/CVE-2024-7898.md
@ -13,5 +13,5 @@ A vulnerability classified as critical was found in Tosei Online Store Managemen
 - https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/b0rgch3n/b0rgch3n

--- a/2024/CVE-2024-7971.md
+++ b/2024/CVE-2024-7971.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/tanjiti/sec_profile

--- a/2024/CVE-2024-8003.md
+++ b/2024/CVE-2024-8003.md
@ -0,0 +1,17 @@
+### [CVE-2024-8003](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8003)
+![](https://img.shields.io/static/v1?label=Product&message=gotribe-admin&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization&color=brighgreen)
+
+### Description
+
+A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The patch is identified as 45ac90d6d1f82716f77dbcdf8e7309c229080e3c. It is recommended to apply a patch to fix this issue.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?submit.393987
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/github.txt
+++ b/github.txt
@ -6561,6 +6561,7 @@ CVE-2010-4409 - https://github.com/oneoy/cve-
 CVE-2010-4476 - https://github.com/ARPSyndicate/cvemon
 CVE-2010-4476 - https://github.com/CVEDB/PoC-List
 CVE-2010-4476 - https://github.com/CVEDB/awesome-cve-repo
+CVE-2010-4476 - https://github.com/STaj-55/Cybersecurity_Incident_Response_Database
 CVE-2010-4476 - https://github.com/grzegorzblaszczyk/CVE-2010-4476-check
 CVE-2010-4478 - https://github.com/ARPSyndicate/cvemon
 CVE-2010-4478 - https://github.com/DButter/whitehat_public
@ -6885,6 +6886,7 @@ CVE-2011-1002 - https://github.com/DButter/whitehat_public
 CVE-2011-1002 - https://github.com/EvgeniyaBalanyuk/attacks
 CVE-2011-1002 - https://github.com/Howertx/avahi-dos
 CVE-2011-1002 - https://github.com/NikolayAntipov/DB_13-01
+CVE-2011-1002 - https://github.com/avergnaud/thm-notes
 CVE-2011-1002 - https://github.com/berradiginamic/32123BC7-Securite-Informatique
 CVE-2011-1002 - https://github.com/csk/unisecbarber
 CVE-2011-1002 - https://github.com/kaanyeniyol/python-nmap
@ -8433,6 +8435,7 @@ CVE-2012-1182 - https://github.com/Juba0x4355/Blue-Writeup
 CVE-2012-1182 - https://github.com/Kiosec/Windows-Exploitation
 CVE-2012-1182 - https://github.com/Qftm/Information_Collection_Handbook
 CVE-2012-1182 - https://github.com/amishamunjal-az/Week16-Homework
+CVE-2012-1182 - https://github.com/avergnaud/thm-notes
 CVE-2012-1182 - https://github.com/casohub/multinmap
 CVE-2012-1182 - https://github.com/esteban0477/RedTeamPlaybook
 CVE-2012-1182 - https://github.com/jlashay/Penetration-Testing-1
@ -30163,6 +30166,7 @@ CVE-2017-0143 - https://github.com/ZyberPatrol/Active-Directory
 CVE-2017-0143 - https://github.com/a1xbit/BlackBoxPenetrationTesting
 CVE-2017-0143 - https://github.com/androidkey/MS17-011
 CVE-2017-0143 - https://github.com/avboy1337/Vulnerabilities
+CVE-2017-0143 - https://github.com/avergnaud/thm-notes
 CVE-2017-0143 - https://github.com/aymankhder/AD-attack-defense
 CVE-2017-0143 - https://github.com/bb33bb/Vulnerabilities
 CVE-2017-0143 - https://github.com/bhataasim1/AD-Attack-Defence
@ -62841,6 +62845,7 @@ CVE-2019-11358 - https://github.com/Tech-X-CNDV/codCenterStage
 CVE-2019-11358 - https://github.com/Techarinos/FTC
 CVE-2019-11358 - https://github.com/Techno-Goats-9224/FtcRobotController
 CVE-2019-11358 - https://github.com/Techno-Goats-9224/FtcRobotController-master-9224
+CVE-2019-11358 - https://github.com/Techno-Maniacs-16021/CenterStage-RobotController
 CVE-2019-11358 - https://github.com/TechnoMaister/CodNat
 CVE-2019-11358 - https://github.com/TechnoNatura-org/FTC_CENTERSTAGE_KrakenRyu_NusantaraRegional
 CVE-2019-11358 - https://github.com/TechnoTrexes/PowerPlay2023
@ -79893,6 +79898,7 @@ CVE-2020-10732 - https://github.com/TinyNiko/android_bulletin_notes
 CVE-2020-10734 - https://github.com/ARPSyndicate/cvemon
 CVE-2020-10735 - https://github.com/ARPSyndicate/cvemon
 CVE-2020-10735 - https://github.com/Live-Hack-CVE/CVE-2020-10735
+CVE-2020-10735 - https://github.com/Mohit190405/Python-Programming-
 CVE-2020-10735 - https://github.com/NathanielAPawluk/sec-buddy
 CVE-2020-10735 - https://github.com/Vizonex/PyRandom128
 CVE-2020-10736 - https://github.com/ARPSyndicate/cvemon
@ -98316,6 +98322,7 @@ CVE-2021-1414 - https://github.com/Z0fhack/Goby_POC
 CVE-2021-1472 - https://github.com/ARPSyndicate/cvemon
 CVE-2021-1472 - https://github.com/ARPSyndicate/kenzer-templates
 CVE-2021-1472 - https://github.com/Sohrabian/special-cyber-security-topic
+CVE-2021-1472 - https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap
 CVE-2021-1472 - https://github.com/zmylml/yangzifun
 CVE-2021-1473 - https://github.com/20142995/Goby
 CVE-2021-1473 - https://github.com/ARPSyndicate/cvemon
@ -102147,6 +102154,7 @@ CVE-2021-2333 - https://github.com/deepakdba/cve_checklist
 CVE-2021-2333 - https://github.com/radtek/cve_checklist
 CVE-2021-23330 - https://github.com/ARPSyndicate/cvemon
 CVE-2021-23335 - https://github.com/dellalibera/dellalibera
+CVE-2021-23336 - https://github.com/Mohit190405/Python-Programming-
 CVE-2021-23337 - https://github.com/ARPSyndicate/cvemon
 CVE-2021-23337 - https://github.com/HotDB-Community/HotDB-Engine
 CVE-2021-23337 - https://github.com/LSEG-API-Samples/Example.EWA.TypeScript.WebApplication
@ -108471,6 +108479,7 @@ CVE-2021-31762 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2021-31762 - https://github.com/soosmile/POC
 CVE-2021-31762 - https://github.com/trhacknon/Pocingit
 CVE-2021-31762 - https://github.com/zecool/cve
+CVE-2021-3177 - https://github.com/Mohit190405/Python-Programming-
 CVE-2021-3177 - https://github.com/TAPAKAH20/python_dos_demo
 CVE-2021-3177 - https://github.com/leveryd/leveryd
 CVE-2021-3177 - https://github.com/tianocore/edk2-edkrepo
@ -134702,6 +134711,7 @@ CVE-2022-30525 - https://github.com/bigblackhat/oFx
 CVE-2022-30525 - https://github.com/cbk914/CVE-2022-30525_check
 CVE-2022-30525 - https://github.com/d-rn/vulBox
 CVE-2022-30525 - https://github.com/d4n-sec/d4n-sec.github.io
+CVE-2022-30525 - https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap
 CVE-2022-30525 - https://github.com/furkanzengin/CVE-2022-30525
 CVE-2022-30525 - https://github.com/gotr00t0day/valhalla
 CVE-2022-30525 - https://github.com/hktalent/bug-bounty
@ -154489,6 +154499,7 @@ CVE-2023-47120 - https://github.com/kip93/kip93
 CVE-2023-47121 - https://github.com/kip93/kip93
 CVE-2023-47129 - https://github.com/Cyber-Wo0dy/CVE-2023-47129
 CVE-2023-47129 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2023-47131 - https://github.com/Wraient/SIH-2024-Problems
 CVE-2023-4714 - https://github.com/Threekiii/Awesome-POC
 CVE-2023-4714 - https://github.com/d4n-sec/d4n-sec.github.io
 CVE-2023-47140 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -164128,6 +164139,7 @@ CVE-2024-22238 - https://github.com/kaje11/CVEs
 CVE-2024-22239 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22240 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22241 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-22243 - https://github.com/CllmsyK/YYBaby-Spring_Scan
 CVE-2024-22243 - https://github.com/SeanPesce/CVE-2024-22243
 CVE-2024-22243 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22243 - https://github.com/hinat0y/Dataset1
@ -164148,6 +164160,7 @@ CVE-2024-22243 - https://github.com/tanjiti/sec_profile
 CVE-2024-22252 - https://github.com/crackmapEZec/CVE-2024-22252-POC
 CVE-2024-22254 - https://github.com/crackmapEZec/CVE-2024-22252-POC
 CVE-2024-22256 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-22257 - https://github.com/CllmsyK/YYBaby-Spring_Scan
 CVE-2024-22257 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-22257 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22258 - https://github.com/NaInSec/CVE-LIST
@ -164457,6 +164470,7 @@ CVE-2024-2308 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23080 - https://github.com/vin01/bogus-cves
 CVE-2024-23081 - https://github.com/vin01/bogus-cves
 CVE-2024-23082 - https://github.com/vin01/bogus-cves
+CVE-2024-23091 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23094 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2310 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23108 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -167157,6 +167171,8 @@ CVE-2024-27996 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-27997 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-27998 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-2800 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-28000 - https://github.com/20142995/nuclei-templates
+CVE-2024-28000 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-28003 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28004 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28005 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -168931,6 +168947,7 @@ CVE-2024-3131 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-31315 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-31315 - https://github.com/uthrasri/frameworks_base_CVE-2024-31315
 CVE-2024-31318 - https://github.com/canyie/canyie
+CVE-2024-31319 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-31342 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-31343 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-31345 - https://github.com/Chokopikkk/CVE-2024-31345_exploit
@ -169044,6 +169061,7 @@ CVE-2024-31819 - https://github.com/Chocapikk/Chocapikk
 CVE-2024-31819 - https://github.com/Chocapikk/My-CVEs
 CVE-2024-31819 - https://github.com/Jhonsonwannaa/CVE-2024-31819
 CVE-2024-31819 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-3183 - https://github.com/dkadev/awesome-stars
 CVE-2024-3183 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-31839 - https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc
 CVE-2024-31839 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -170180,6 +170198,10 @@ CVE-2024-36445 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-36448 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3645 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-36510 - https://github.com/martinstnv/martinstnv
+CVE-2024-36514 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-36515 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-36516 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-36517 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3652 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-36522 - https://github.com/Threekiii/CVE
 CVE-2024-36522 - https://github.com/enomothem/PenTestNote
@ -170278,6 +170300,7 @@ CVE-2024-37287 - https://github.com/tanjiti/sec_profile
 CVE-2024-3729 - https://github.com/chnzzh/OpenSSL-CVE-lib
 CVE-2024-37305 - https://github.com/chnzzh/OpenSSL-CVE-lib
 CVE-2024-37309 - https://github.com/chnzzh/OpenSSL-CVE-lib
+CVE-2024-37311 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3735 - https://github.com/ahmedvienna/CVEs-and-Vulnerabilities
 CVE-2024-3737 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-37373 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -170481,6 +170504,7 @@ CVE-2024-38787 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3879 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-38793 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3880 - https://github.com/LaPhilosophie/IoT-vulnerable
+CVE-2024-38807 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-38808 - https://github.com/tanjiti/sec_profile
 CVE-2024-38809 - https://github.com/ch4n3-yoon/ch4n3-yoon
 CVE-2024-38809 - https://github.com/tanjiti/sec_profile
@ -170497,6 +170521,7 @@ CVE-2024-38856 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-38856 - https://github.com/tanjiti/sec_profile
 CVE-2024-38856 - https://github.com/wy876/POC
 CVE-2024-38856 - https://github.com/wy876/wiki
+CVE-2024-38869 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3889 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3891 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3892 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -170919,6 +170944,7 @@ CVE-2024-4113 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4114 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4114 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4115 - https://github.com/LaPhilosophie/IoT-vulnerable
+CVE-2024-41150 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4116 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-41164 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4117 - https://github.com/LaPhilosophie/IoT-vulnerable
@ -170981,6 +171007,7 @@ CVE-2024-41666 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41667 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4167 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-41672 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41676 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4168 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4169 - https://github.com/LaPhilosophie/IoT-vulnerable
 CVE-2024-4170 - https://github.com/LaPhilosophie/IoT-vulnerable
@ -170995,6 +171022,9 @@ CVE-2024-4172 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41723 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41727 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41774 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41802 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41803 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41804 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41806 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41816 - https://github.com/20142995/nuclei-templates
 CVE-2024-41819 - https://github.com/alessio-romano/Sfoffo-Pentesting-Notes
@ -171052,6 +171082,7 @@ CVE-2024-42035 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42036 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42037 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42038 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42040 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42041 - https://github.com/actuator/cve
 CVE-2024-42054 - https://github.com/jinsonvarghese/jinsonvarghese
 CVE-2024-42055 - https://github.com/jinsonvarghese/jinsonvarghese
@ -171166,11 +171197,15 @@ CVE-2024-42680 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42739 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42744 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42758 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-42764 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42765 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42766 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42784 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42785 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42849 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-42850 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4286 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42915 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42919 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4295 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4295 - https://github.com/truonghuuphuc/CVE-2024-4295-Poc
@ -171182,11 +171217,13 @@ CVE-2024-4299 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42992 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4300 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4301 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43022 - https://github.com/b0rgch3n/b0rgch3n
 CVE-2024-43044 - https://github.com/Ostorlab/KEV
 CVE-2024-43044 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43044 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-43044 - https://github.com/tanjiti/sec_profile
 CVE-2024-43045 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43105 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43111 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43116 - https://github.com/20142995/nuclei-templates
 CVE-2024-43117 - https://github.com/20142995/nuclei-templates
@ -171414,8 +171451,10 @@ CVE-2024-4370 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4373 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4374 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43770 - https://github.com/netlas-io/netlas-dorks
+CVE-2024-43782 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43785 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43787 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43791 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43807 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43808 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43809 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -171424,12 +171463,14 @@ CVE-2024-43828 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43833 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43836 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43837 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43883 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4389 - https://github.com/20142995/nuclei-templates
 CVE-2024-4389 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4392 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4393 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4405 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4406 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-44073 - https://github.com/brunoerg/bitcoinfuzz
 CVE-2024-4418 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4433 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4439 - https://github.com/MielPopsssssss/CVE-2024-4439
@ -171825,7 +171866,11 @@ CVE-2024-5442 - https://github.com/20142995/nuclei-templates
 CVE-2024-5450 - https://github.com/20142995/nuclei-templates
 CVE-2024-5455 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5458 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5466 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5467 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5488 - https://github.com/20142995/nuclei-templates
+CVE-2024-5490 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5502 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5503 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5522 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-5522 - https://github.com/truonghuuphuc/CVE-2024-5522-Poc
@ -171835,11 +171880,14 @@ CVE-2024-5535 - https://github.com/chnzzh/OpenSSL-CVE-lib
 CVE-2024-5542 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555
 CVE-2024-5555 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-5556 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5564 - https://github.com/EGI-Federation/SVG-advisories
 CVE-2024-5572 - https://github.com/ajmalabubakkr/CVE
 CVE-2024-5576 - https://github.com/20142995/nuclei-templates
+CVE-2024-5583 - https://github.com/20142995/nuclei-templates
 CVE-2024-5585 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5585 - https://github.com/tianstcht/tianstcht
+CVE-2024-5586 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5595 - https://github.com/20142995/nuclei-templates
 CVE-2024-5599 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5613 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -171903,6 +171951,7 @@ CVE-2024-5893 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5894 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5895 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5932 - https://github.com/20142995/nuclei-templates
+CVE-2024-5932 - https://github.com/Ostorlab/KEV
 CVE-2024-5932 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-5936 - https://github.com/20142995/nuclei-templates
 CVE-2024-5939 - https://github.com/20142995/nuclei-templates
@ -171978,6 +172027,7 @@ CVE-2024-6347 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6366 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-6384 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6385 - https://github.com/Ostorlab/KEV
+CVE-2024-6386 - https://github.com/20142995/nuclei-templates
 CVE-2024-6387 - https://github.com/0xMarcio/cve
 CVE-2024-6387 - https://github.com/CVEDB/awesome-cve-repo
 CVE-2024-6387 - https://github.com/David-M-Berry/openssh-cve-discovery
@ -172058,6 +172108,7 @@ CVE-2024-6666 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-6691 - https://github.com/20142995/nuclei-templates
 CVE-2024-6692 - https://github.com/20142995/nuclei-templates
 CVE-2024-6695 - https://github.com/20142995/nuclei-templates
+CVE-2024-6699 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6703 - https://github.com/fluentform/fluentform
 CVE-2024-6706 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6707 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172107,6 +172158,7 @@ CVE-2024-6859 - https://github.com/20142995/nuclei-templates
 CVE-2024-6864 - https://github.com/20142995/nuclei-templates
 CVE-2024-6865 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6869 - https://github.com/20142995/nuclei-templates
+CVE-2024-6870 - https://github.com/20142995/nuclei-templates
 CVE-2024-6883 - https://github.com/20142995/nuclei-templates
 CVE-2024-6884 - https://github.com/20142995/nuclei-templates
 CVE-2024-6890 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172116,6 +172168,7 @@ CVE-2024-6893 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6896 - https://github.com/20142995/nuclei-templates
 CVE-2024-6911 - https://github.com/wy876/POC
 CVE-2024-6911 - https://github.com/wy876/wiki
+CVE-2024-6916 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6917 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6923 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-6924 - https://github.com/20142995/nuclei-templates
@ -172162,6 +172215,7 @@ CVE-2024-7094 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7094 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-7120 - https://github.com/Ostorlab/KEV
 CVE-2024-7120 - https://github.com/komodoooo/Some-things
+CVE-2024-7127 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7134 - https://github.com/20142995/nuclei-templates
 CVE-2024-7136 - https://github.com/20142995/nuclei-templates
 CVE-2024-7144 - https://github.com/20142995/nuclei-templates
@ -172178,6 +172232,19 @@ CVE-2024-7166 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7167 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7168 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7169 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7179 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7180 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7181 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7182 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7183 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7184 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7185 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7186 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7187 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7189 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7190 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7191 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7192 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7194 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7195 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7196 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172190,6 +172257,12 @@ CVE-2024-7213 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7214 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7215 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7216 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7219 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7220 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7221 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7222 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7223 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7224 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7246 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7247 - https://github.com/20142995/nuclei-templates
 CVE-2024-7247 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172204,6 +172277,8 @@ CVE-2024-7301 - https://github.com/20142995/nuclei-templates
 CVE-2024-7313 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-7317 - https://github.com/20142995/nuclei-templates
 CVE-2024-7317 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7327 - https://github.com/tanjiti/sec_profile
+CVE-2024-7328 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7332 - https://github.com/20142995/nuclei-templates
 CVE-2024-7335 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7336 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172231,6 +172306,7 @@ CVE-2024-7365 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7366 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7382 - https://github.com/20142995/nuclei-templates
 CVE-2024-7383 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7384 - https://github.com/20142995/nuclei-templates
 CVE-2024-7388 - https://github.com/20142995/nuclei-templates
 CVE-2024-7388 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7390 - https://github.com/20142995/nuclei-templates
@ -172354,6 +172430,7 @@ CVE-2024-7732 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7746 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7775 - https://github.com/20142995/nuclei-templates
 CVE-2024-7777 - https://github.com/20142995/nuclei-templates
+CVE-2024-7778 - https://github.com/20142995/nuclei-templates
 CVE-2024-7778 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7780 - https://github.com/20142995/nuclei-templates
 CVE-2024-7782 - https://github.com/20142995/nuclei-templates
@ -172365,14 +172442,19 @@ CVE-2024-7830 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7831 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7832 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7833 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7836 - https://github.com/20142995/nuclei-templates
 CVE-2024-7836 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7848 - https://github.com/20142995/nuclei-templates
 CVE-2024-7848 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7850 - https://github.com/20142995/nuclei-templates
 CVE-2024-7854 - https://github.com/20142995/nuclei-templates
 CVE-2024-7886 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7887 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7896 - https://github.com/b0rgch3n/b0rgch3n
 CVE-2024-7896 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7897 - https://github.com/b0rgch3n/b0rgch3n
 CVE-2024-7897 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7898 - https://github.com/b0rgch3n/b0rgch3n
 CVE-2024-7904 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7906 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7928 - https://github.com/20142995/nuclei-templates
@ -172385,6 +172467,7 @@ CVE-2024-7967 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7968 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7969 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7971 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7971 - https://github.com/tanjiti/sec_profile
 CVE-2024-7972 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7973 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7974 - https://github.com/fkie-cad/nvd-json-data-feeds
@ -172395,11 +172478,14 @@ CVE-2024-7978 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7979 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7980 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7981 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7986 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8033 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8034 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8035 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8071 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8072 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-8112 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-8113 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-87654 - https://github.com/runwuf/clickhouse-test
 CVE-2024-98765 - https://github.com/runwuf/clickhouse-test
 CVE-2024-99999 - https://github.com/kolewttd/wtt
@ -172415,6 +172501,7 @@ CVE-2106-2504 - https://github.com/ndk06/linux-kernel-exploitation
 CVE-2106-2504 - https://github.com/ndk191/linux-kernel-exploitation
 CVE-2106-2504 - https://github.com/wkhnh06/linux-kernel-exploitation
 CVE-2106-2504 - https://github.com/xairy/linux-kernel-exploitation
+CVE-2121-33044 - https://github.com/Ostorlab/KEV
 CVE-2121-44228 - https://github.com/NaInSec/CVE-PoC-in-GitHub
 CVE-2121-44228 - https://github.com/WhooAmii/POC_to_review
 CVE-2121-44228 - https://github.com/zecool/cve
--- a/references.txt
+++ b/references.txt
@ -83,6 +83,7 @@ CVE-2001-0428 - http://www.cisco.com/warp/public/707/vpn3k-ipoptions-vuln-pub.sh
 CVE-2001-0429 - http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml
 CVE-2001-0441 - http://www.redhat.com/support/errata/RHSA-2001-028.html
 CVE-2001-0455 - http://www.cisco.com/warp/public/707/Aironet340-pub.shtml
+CVE-2001-0457 - https://exchange.xforce.ibmcloud.com/vulnerabilities/6211
 CVE-2001-0464 - http://marc.info/?l=bugtraq&m=98761402029302&w=2
 CVE-2001-0465 - http://www.turbotax.com/atr/update/
 CVE-2001-0486 - http://marc.info/?l=bugtraq&m=98865027328391&w=2
@ -369,6 +370,7 @@ CVE-2002-1595 - http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
 CVE-2002-1596 - http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
 CVE-2002-1597 - http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
 CVE-2002-1706 - http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
+CVE-2002-1902 - http://freshmeat.net/releases/86842/
 CVE-2002-1914 - http://www.redhat.com/support/errata/RHSA-2005-583.html
 CVE-2002-1996 - http://sourceforge.net/tracker/index.php?func=detail&aid=524777&group_id=27927&atid=392228
 CVE-2002-20001 - https://dheatattack.com
@ -23687,6 +23689,7 @@ CVE-2013-2445 - http://www.oracle.com/technetwork/topics/security/javacpujun2013
 CVE-2013-2445 - http://www.securityfocus.com/bid/60639
 CVE-2013-2446 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 CVE-2013-2446 - http://www.securityfocus.com/bid/60620
+CVE-2013-2446 - https://bugzilla.redhat.com/show_bug.cgi?id=975132
 CVE-2013-2447 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 CVE-2013-2447 - http://www.securityfocus.com/bid/60629
 CVE-2013-2448 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
@ -23704,6 +23707,7 @@ CVE-2013-2454 - http://www.oracle.com/technetwork/topics/security/javacpujun2013
 CVE-2013-2454 - http://www.securityfocus.com/bid/60650
 CVE-2013-2455 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 CVE-2013-2455 - http://www.securityfocus.com/bid/60619
+CVE-2013-2455 - https://bugzilla.redhat.com/show_bug.cgi?id=975139
 CVE-2013-2456 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
 CVE-2013-2456 - http://www.securityfocus.com/bid/60641
 CVE-2013-2457 - http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
@ -49842,6 +49846,7 @@ CVE-2018-12025 - https://medium.com/secbit-media/bugged-smart-contract-f-e-how-c
 CVE-2018-12029 - https://pulsesecurity.co.nz/advisories/phusion-passenger-priv-esc
 CVE-2018-1203 - https://www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilities
 CVE-2018-1203 - https://www.exploit-db.com/exploits/44039/
+CVE-2018-12030 - https://edricteo.com/chevereto-free-xss-vulnerability-in-version-1.0.12/
 CVE-2018-12034 - https://bnbdr.github.io/posts/swisscheese/
 CVE-2018-12034 - https://github.com/VirusTotal/yara/issues/891
 CVE-2018-12034 - https://github.com/bnbdr/swisscheese
@ -85349,6 +85354,7 @@ CVE-2022-35036 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md
 CVE-2022-35037 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md
 CVE-2022-35038 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35038.md
 CVE-2022-35039 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md
+CVE-2022-3504 - https://vuldb.com/?id.210839
 CVE-2022-35040 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md
 CVE-2022-35041 - https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35041.md
 CVE-2022-35042 - https://drive.google.com/file/d/1Gj8rA1kD89lxUZVb_t-s3-18-ospJRJC/view?usp=sharing
@ -85830,6 +85836,7 @@ CVE-2022-36637 - https://senzee.net/index.php/2022/07/21/vulnerability-of-garage
 CVE-2022-36638 - https://senzee.net/index.php/2022/07/21/vulnerability-of-garage-management-system-1-0/
 CVE-2022-36639 - https://senzee.net/index.php/2022/07/21/vulnerability-of-garage-management-system-1-0/
 CVE-2022-3664 - https://github.com/axiomatic-systems/Bento4/issues/794
+CVE-2022-3664 - https://vuldb.com/?id.212004
 CVE-2022-36640 - http://influxdata.com
 CVE-2022-36640 - http://influxdb.com
 CVE-2022-36640 - https://www.influxdata.com/
@ -85854,6 +85861,7 @@ CVE-2022-3669 - https://vuldb.com/?id.212009
 CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/files/9675049/Bug_3_POC.zip
 CVE-2022-3670 - https://github.com/axiomatic-systems/Bento4/issues/776
 CVE-2022-3670 - https://vuldb.com/?id.212010
+CVE-2022-3671 - https://vuldb.com/?id.212014
 CVE-2022-36736 - https://github.com/UditChavda/Udit-Chavda-CVE/blob/main/CVE-2022-36736
 CVE-2022-36755 - https://www.dlink.com/en/security-bulletin/
 CVE-2022-36756 - https://www.dlink.com/en/security-bulletin/
@ -91702,6 +91710,7 @@ CVE-2023-30056 - https://packetstormsecurity.com/files/172192/FICO-Origination-M
 CVE-2023-30057 - https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html
 CVE-2023-30061 - https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-879
 CVE-2023-3007 - https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/password_reset.md
+CVE-2023-3008 - https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/student-management-system/sql_inject.md
 CVE-2023-30082 - https://blog.manavparekh.com/2023/06/cve-2023-30082.html
 CVE-2023-30082 - https://github.com/manavparekh/CVEs/blob/main/CVE-2023-30082/Steps%20to%20reproduce.txt
 CVE-2023-30083 - https://github.com/libming/libming/issues/266
@ -97740,6 +97749,8 @@ CVE-2024-27747 - https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-
 CVE-2024-27752 - https://github.com/flyhha/cms/blob/main/1.md
 CVE-2024-27757 - https://github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh
 CVE-2024-27758 - https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09
+CVE-2024-27764 - https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90
+CVE-2024-27765 - https://gitee.com/erzhongxmu/JEEWMS/issues/I8YN90
 CVE-2024-27826 - http://seclists.org/fulldisclosure/2024/Jul/19
 CVE-2024-27862 - http://seclists.org/fulldisclosure/2024/Jul/18
 CVE-2024-27863 - http://seclists.org/fulldisclosure/2024/Jul/16
@ -98468,6 +98479,7 @@ CVE-2024-32745 - https://github.com/adiapera/xss_current_page_wondercms_3.4.3
 CVE-2024-32746 - https://github.com/adiapera/xss_menu_page_wondercms_3.4.3
 CVE-2024-3276 - https://wpscan.com/vulnerability/996d3247-ebdd-49d1-a1a3-ceedcf9f2f95/
 CVE-2024-3281 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-003.txt
+CVE-2024-3282 - https://wpscan.com/vulnerability/12bf5e8e-24c9-48b9-b94c-c14ed60d7c15/
 CVE-2024-32866 - https://github.com/edmundhung/conform/security/advisories/GHSA-624g-8qjg-8qxf
 CVE-2024-32869 - https://github.com/honojs/hono/security/advisories/GHSA-3mpf-rcc7-5347
 CVE-2024-32876 - https://github.com/TeamNewPipe/NewPipe/security/advisories/GHSA-wxrm-jhpf-vp6v
@ -98666,6 +98678,7 @@ CVE-2024-34252 - https://github.com/wasm3/wasm3/issues/483
 CVE-2024-34257 - https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md
 CVE-2024-34273 - https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md
 CVE-2024-34308 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md
+CVE-2024-34313 - https://github.com/vincentscode/CVE-2024-34313
 CVE-2024-34332 - https://belong2yourself.github.io/vulnerabilities/docs/SANDRA/Elevation-of-Privileges/readme/
 CVE-2024-34340 - https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m
 CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/commit/5e5e1e0b9422f47d2de81c7c4064b803a01e7203
@ -98896,7 +98909,14 @@ CVE-2024-3641 - https://wpscan.com/vulnerability/f4047f1e-d5ea-425f-8def-76dd5e6
 CVE-2024-3642 - https://wpscan.com/vulnerability/dc44d85f-afe8-4824-95b0-11b9abfb04d8/
 CVE-2024-3643 - https://wpscan.com/vulnerability/698277e6-56f9-4688-9a84-c2fa3ea9f7dc/
 CVE-2024-36438 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-044.txt
+CVE-2024-36439 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-038.txt
 CVE-2024-3644 - https://wpscan.com/vulnerability/10eb712a-d9c3-46c9-be6a-02811396fae8/
+CVE-2024-36440 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-037.txt
+CVE-2024-36441 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-042.txt
+CVE-2024-36442 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-039.txt
+CVE-2024-36443 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-036.txt
+CVE-2024-36444 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-040.txt
+CVE-2024-36445 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-035.txt
 CVE-2024-36495 - http://seclists.org/fulldisclosure/2024/Jun/12
 CVE-2024-36495 - https://r.sec-consult.com/winselect
 CVE-2024-36496 - http://seclists.org/fulldisclosure/2024/Jun/12
@ -99380,6 +99400,7 @@ CVE-2024-40645 - https://github.com/FOGProject/fogproject/security/advisories/GH
 CVE-2024-4065 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/formSetRebootTimer.md
 CVE-2024-4066 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC8/fromAdvSetMacMtuWan.md
 CVE-2024-4067 - https://github.com/micromatch/micromatch/issues/243
+CVE-2024-4067 - https://github.com/micromatch/micromatch/pull/247
 CVE-2024-4068 - https://github.com/micromatch/braces/issues/35
 CVE-2024-4068 - https://github.com/micromatch/braces/pull/37
 CVE-2024-40726 - https://github.com/minhquan202/Vuln-Netbox
@ -100272,6 +100293,7 @@ CVE-2024-6695 - https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c
 CVE-2024-6706 - https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt
 CVE-2024-6707 - https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt
 CVE-2024-6710 - https://wpscan.com/vulnerability/1afcf9d4-c2f9-4d47-8d9e-d7fa6ae2358d/
+CVE-2024-6715 - https://wpscan.com/vulnerability/19406acc-3441-4d4a-9163-ace8f1dceb78/
 CVE-2024-6716 - https://gitlab.com/libtiff/libtiff/-/issues/620
 CVE-2024-6720 - https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/
 CVE-2024-6724 - https://wpscan.com/vulnerability/0cb3158a-263d-4c4a-8029-62b453c281cb/
@ -100326,6 +100348,7 @@ CVE-2024-6963 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3
 CVE-2024-6966 - https://github.com/HermesCui/CVE/issues/1
 CVE-2024-6967 - https://github.com/rtsjx-cve/cve/blob/main/sql.md
 CVE-2024-6984 - https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx
+CVE-2024-7003 - https://issues.chromium.org/issues/338233148
 CVE-2024-7007 - https://www.cisa.gov/news-events/ics-advisories/icsa-24-207-02
 CVE-2024-7008 - https://starlabs.sg/advisories/24/24-7008/
 CVE-2024-7055 - https://ffmpeg.org/
@ -100597,4 +100620,5 @@ CVE-2024-7897 - https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8e
 CVE-2024-7898 - https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651
 CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-1.md
 CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-2.md
+CVE-2024-8003 - https://vuldb.com/?submit.393987
 CVE-2024-8072 - https://research.jfrog.com/vulnerabilities/mage-ai-terminal-server-infoleak-jfsa-2024-001039574/