Update Sat May 11 02:10:22 UTC 2024

2006/CVE-2006-2460.md

@@ -10,6 +10,7 @@ Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is ena
 ### POC
 
 #### Reference
+- http://securityreason.com/securityalert/921
 - https://www.exploit-db.com/exploits/1785
 
 #### Github

2011/CVE-2011-2523.md

@@ -65,6 +65,7 @@ vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which
 - https://github.com/padsalatushal/CVE-2011-2523
 - https://github.com/paralax/ObsidianSailboat
 - https://github.com/rkuruba/Penetration-Testing-1
+- https://github.com/samurai411/toolbox
 - https://github.com/sanskar30/vsftpd_2.3.4_Exploit
 - https://github.com/shamsulchowdhury/Unit-16-Homework-Penetration-Testing1
 - https://github.com/slxwzk/slxwzkBotnet

2016/CVE-2016-20012.md

@@ -20,6 +20,7 @@
 - https://github.com/accalina/crowflag
 - https://github.com/firatesatoglu/iot-searchengine
 - https://github.com/firatesatoglu/shodanSearch
+- https://github.com/omerfsen/terraform-almalinux-libvirt
 - https://github.com/omerfsen/terraform-rockylinux-libvirt
 - https://github.com/phx/cvescan
 

2019/CVE-2019-11840.md

@@ -5,7 +5,7 @@
 
 ### Description
 
-An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications.
+An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications.
 
 ### POC
 

2020/CVE-2020-13945.md

@@ -24,6 +24,7 @@ In Apache APISIX, the user enabled the Admin API and deleted the Admin API acces
 - https://github.com/bakery312/Vulhub-Reproduce
 - https://github.com/bigblackhat/oFx
 - https://github.com/openx-org/BLEN
+- https://github.com/samurai411/toolbox
 - https://github.com/t0m4too/t0m4to
 - https://github.com/tanjiti/sec_profile
 

2021/CVE-2021-41617.md

@@ -22,6 +22,7 @@ sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurati
 - https://github.com/bioly230/THM_Skynet
 - https://github.com/firatesatoglu/shodanSearch
 - https://github.com/jonathanscheibel/PyNmap
+- https://github.com/omerfsen/terraform-almalinux-libvirt
 - https://github.com/omerfsen/terraform-rockylinux-libvirt
 - https://github.com/phx/cvescan
 

2024/CVE-2024-1086.md

@@ -29,6 +29,8 @@ A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables compon
 - https://github.com/aobakwewastaken/aobakwewastaken
 - https://github.com/bfengj/Cloud-Security
 - https://github.com/brimstone/stars
+- https://github.com/bsauce/kernel-exploit-factory
+- https://github.com/bsauce/kernel-security-learning
 - https://github.com/daphne97/daphne97
 - https://github.com/fireinrain/github-trending
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-1561.md

@@ -0,0 +1,17 @@
+### [CVE-2024-1561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1561)
+![](https://img.shields.io/static/v1?label=Product&message=gradio-app%2Fgradio&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%204.13.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-29%20Path%20Traversal%3A%20'%5C..%5Cfilename'&color=brighgreen)
+
+### Description
+
+An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+

2024/CVE-2024-1750.md

@@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, was found in TemmokuMVC up to
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.254532
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-24787.md

@@ -14,4 +14,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
 

2024/CVE-2024-28195.md

@@ -0,0 +1,17 @@
+### [CVE-2024-28195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28195)
+![](https://img.shields.io/static/v1?label=Product&message=your_spotify&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.9.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%3A%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen)
+
+### Description
+
+your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.9.0 do not protect the API and login flow against Cross-Site Request Forgery (CSRF). Attackers can use this to execute CSRF attacks on victims, allowing them to retrieve, modify or delete data on the affected YourSpotify instance. Using repeated CSRF attacks, it is also possible to create a new user on the victim instance and promote the new user to instance administrator if a legitimate administrator visits a website prepared by an attacker. Note: Real-world exploitability of this vulnerability depends on the browser version and browser settings in use by the victim. This issue has been addressed in version 1.9.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-hfgf-99p3-6fjj
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-28286.md

@@ -10,7 +10,7 @@ In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was detected in
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/mz-automation/libiec61850/issues/496
 
 #### Github
 - https://github.com/NaInSec/CVE-LIST

2024/CVE-2024-28322.md

@@ -10,6 +10,7 @@ SQL Injection vulnerability in /event-management-master/backend/register.php in
 ### POC
 
 #### Reference
+- https://github.com/Sospiro014/zday1/blob/main/event-managment.md
 - https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html
 
 #### Github

2024/CVE-2024-28665.md

@@ -10,7 +10,7 @@ DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulne
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/777erp/cms/blob/main/1.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-28714.md

@@ -10,7 +10,8 @@ SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an at
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/JiangXiaoBaiJia/cve2/blob/main/1.md
+- https://github.com/JiangXiaoBaiJia/cve2/blob/main/a.png
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-32113.md

@@ -14,4 +14,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/tanjiti/sec_profile
 

2024/CVE-2024-34310.md

@@ -0,0 +1,17 @@
+### [CVE-2024-34310](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34310)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+

2024/CVE-2024-3442.md

@@ -10,7 +10,7 @@ A vulnerability classified as critical has been found in SourceCodester Prison M
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.259695
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-3806.md

@@ -0,0 +1,17 @@
+### [CVE-2024-3806](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3806)
+![](https://img.shields.io/static/v1?label=Product&message=Porto&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%207.1.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-98%20Improper%20Control%20of%20Filename%20for%20Include%2FRequire%20Statement%20in%20PHP%20Program%20('PHP%20Remote%20File%20Inclusion')&color=brighgreen)
+
+### Description
+
+The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+

2024/CVE-2024-3807.md

@@ -0,0 +1,17 @@
+### [CVE-2024-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3807)
+![](https://img.shields.io/static/v1?label=Product&message=Porto&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%207.1.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-98%20Improper%20Control%20of%20Filename%20for%20Include%2FRequire%20Statement%20in%20PHP%20Program%20('PHP%20Remote%20File%20Inclusion')&color=brighgreen)
+
+### Description
+
+The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' and 'post_layout' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included. This was partially patched in version 7.1.0 and fully patched in version 7.1.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+

2024/CVE-2024-4671.md

@@ -0,0 +1,17 @@
+### [CVE-2024-4671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4671)
+![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=124.0.6367.201%3C%20124.0.6367.201%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen)
+
+### Description
+
+Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/tanjiti/sec_profile
+

github.txt

@@ -6927,6 +6927,7 @@ CVE-2011-2523 - https://github.com/p4p1/EPITECH-ProjectInfoSec
 CVE-2011-2523 - https://github.com/padsalatushal/CVE-2011-2523
 CVE-2011-2523 - https://github.com/paralax/ObsidianSailboat
 CVE-2011-2523 - https://github.com/rkuruba/Penetration-Testing-1
+CVE-2011-2523 - https://github.com/samurai411/toolbox
 CVE-2011-2523 - https://github.com/sanskar30/vsftpd_2.3.4_Exploit
 CVE-2011-2523 - https://github.com/shamsulchowdhury/Unit-16-Homework-Penetration-Testing1
 CVE-2011-2523 - https://github.com/slxwzk/slxwzkBotnet
@@ -22195,6 +22196,7 @@ CVE-2016-20012 - https://github.com/Totes5706/TotesHTB
 CVE-2016-20012 - https://github.com/accalina/crowflag
 CVE-2016-20012 - https://github.com/firatesatoglu/iot-searchengine
 CVE-2016-20012 - https://github.com/firatesatoglu/shodanSearch
+CVE-2016-20012 - https://github.com/omerfsen/terraform-almalinux-libvirt
 CVE-2016-20012 - https://github.com/omerfsen/terraform-rockylinux-libvirt
 CVE-2016-20012 - https://github.com/phx/cvescan
 CVE-2016-20013 - https://github.com/ARPSyndicate/cvemon
@@ -79544,6 +79546,7 @@ CVE-2020-13945 - https://github.com/Z0fhack/Goby_POC
 CVE-2020-13945 - https://github.com/bakery312/Vulhub-Reproduce
 CVE-2020-13945 - https://github.com/bigblackhat/oFx
 CVE-2020-13945 - https://github.com/openx-org/BLEN
+CVE-2020-13945 - https://github.com/samurai411/toolbox
 CVE-2020-13945 - https://github.com/t0m4too/t0m4to
 CVE-2020-13945 - https://github.com/tanjiti/sec_profile
 CVE-2020-13946 - https://github.com/404notf0und/CVE-Flow
@@ -110631,6 +110634,7 @@ CVE-2021-41617 - https://github.com/adegoodyer/ubuntu
 CVE-2021-41617 - https://github.com/bioly230/THM_Skynet
 CVE-2021-41617 - https://github.com/firatesatoglu/shodanSearch
 CVE-2021-41617 - https://github.com/jonathanscheibel/PyNmap
+CVE-2021-41617 - https://github.com/omerfsen/terraform-almalinux-libvirt
 CVE-2021-41617 - https://github.com/omerfsen/terraform-rockylinux-libvirt
 CVE-2021-41617 - https://github.com/phx/cvescan
 CVE-2021-41643 - https://github.com/ARPSyndicate/cvemon
@@ -145794,6 +145798,7 @@ CVE-2023-38646 - https://github.com/passwa11/2023Hvv_
 CVE-2023-38646 - https://github.com/passwa11/CVE-2023-38646
 CVE-2023-38646 - https://github.com/raytheon0x21/CVE-2023-38646
 CVE-2023-38646 - https://github.com/robotmikhro/CVE-2023-38646
+CVE-2023-38646 - https://github.com/samurai411/toolbox
 CVE-2023-38646 - https://github.com/securezeron/CVE-2023-38646
 CVE-2023-38646 - https://github.com/shamo0/CVE-2023-38646-PoC
 CVE-2023-38646 - https://github.com/syr1ne/exploits
@@ -150857,6 +150862,7 @@ CVE-2023-6787 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-6789 - https://github.com/kaje11/CVEs
 CVE-2023-6790 - https://github.com/kaje11/CVEs
 CVE-2023-6791 - https://github.com/kaje11/CVEs
+CVE-2023-6799 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-6802 - https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802
 CVE-2023-6807 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-6808 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -156326,6 +156332,8 @@ CVE-2024-1086 - https://github.com/aneasystone/github-trending
 CVE-2024-1086 - https://github.com/aobakwewastaken/aobakwewastaken
 CVE-2024-1086 - https://github.com/bfengj/Cloud-Security
 CVE-2024-1086 - https://github.com/brimstone/stars
+CVE-2024-1086 - https://github.com/bsauce/kernel-exploit-factory
+CVE-2024-1086 - https://github.com/bsauce/kernel-security-learning
 CVE-2024-1086 - https://github.com/daphne97/daphne97
 CVE-2024-1086 - https://github.com/fireinrain/github-trending
 CVE-2024-1086 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -156569,6 +156577,7 @@ CVE-2024-1555 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1556 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1557 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1559 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-1561 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1562 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1563 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1564 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -158940,6 +158949,7 @@ CVE-2024-24786 - https://github.com/DanielePeruzzi97/rancher-k3s-docker
 CVE-2024-24786 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-24786 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24787 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-24787 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-24788 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2479 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-2479 - https://github.com/SQU4NCH/SQU4NCH
@@ -162020,6 +162030,7 @@ CVE-2024-3209 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3210 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32105 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32113 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-32113 - https://github.com/tanjiti/sec_profile
 CVE-2024-32114 - https://github.com/tanjiti/sec_profile
 CVE-2024-3213 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32136 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -162074,6 +162085,7 @@ CVE-2024-3250 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3259 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3261 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32638 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-32640 - https://github.com/tanjiti/sec_profile
 CVE-2024-32640 - https://github.com/wjlin0/poc-doc
 CVE-2024-32640 - https://github.com/wy876/POC
 CVE-2024-3266 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -162395,6 +162407,7 @@ CVE-2024-34257 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3426 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3427 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-34300 - https://github.com/jcaballero/cve-scanner
+CVE-2024-34310 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-34341 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-34342 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-34347 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -162536,6 +162549,8 @@ CVE-2024-3784 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3785 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3786 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3797 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-3806 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-3807 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3817 - https://github.com/dellalibera/dellalibera
 CVE-2024-3817 - https://github.com/otms61/vex_dir
 CVE-2024-3832 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -162715,6 +162730,7 @@ CVE-2024-4651 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4652 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4653 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4654 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-4671 - https://github.com/tanjiti/sec_profile
 CVE-2024-48788 - https://github.com/mrobsidian1/CVE-2023-48788-Proof-of-concept-SQLinj
 CVE-2024-54321 - https://github.com/runwuf/clickhouse-test
 CVE-2024-5555 - https://github.com/JohnnyBradvo/CVE-2024-5555