Update Sun Mar 10 10:02:28 UTC 2024

trickest · Mar 10, 2024 · 1e71d85 · 1e71d85
1 parent 8ffd582
commit 1e71d85
Show file tree

Hide file tree

Showing 11 changed files with 80 additions and 2 deletions.
diff --git a/2022/CVE-2022-46581.md b/2022/CVE-2022-46581.md
@@ -0,0 +1,17 @@
+### [CVE-2022-46581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46581)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function.
+
+### POC
+
+#### Reference
+- https://brief-nymphea-813.notion.site/Vul5-TEW755-bof-tools_nslookup-c83bac14fe0f4f729535053459479fd1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-20337.md b/2024/CVE-2024-20337.md
@@ -14,4 +14,6 @@ No PoCs from references.
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/swagcraftedd/CVE-2024-20337-POC
 

diff --git a/2024/CVE-2024-2057.md b/2024/CVE-2024-2057.md
@@ -13,5 +13,5 @@ A vulnerability was found in Harrison Chase LangChain 0.1.9. It has been classif
 - https://github.com/bayuncao/vul-cve-16/tree/main/PoC.pkl
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-22254.md b/2024/CVE-2024-22254.md
@@ -0,0 +1,19 @@
+### [CVE-2024-22254](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22254)
+![](https://img.shields.io/static/v1?label=Product&message=VMware%20Cloud%20Foundation&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=VMware%20ESXi&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%205.x%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=8.0%3C%20ESXi80U2sb-23305545%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/crackmapEZec/CVE-2024-22252-POC
+
diff --git a/2024/CVE-2024-23113.md b/2024/CVE-2024-23113.md
@@ -19,6 +19,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/cvedayprotech/CVE-2024-23113
+- https://github.com/cvedayprotech3s/cve-2024-23113
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tr1pl3ight/CVE-2024-23113-POC

diff --git a/2024/CVE-2024-24246.md b/2024/CVE-2024-24246.md
@@ -13,5 +13,5 @@ Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the
 - https://github.com/qpdf/qpdf/issues/1123
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-27198.md b/2024/CVE-2024-27198.md
@@ -15,19 +15,25 @@ No PoCs from references.
 #### Github
 - https://github.com/CharonDefalt/CVE-2024-27198-RCE
 - https://github.com/Chocapikk/CVE-2024-27198
+- https://github.com/K3ysTr0K3R/CVE-2024-27198-EXPLOIT
 - https://github.com/Ostorlab/KEV
 - https://github.com/Threekiii/CVE
 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
+- https://github.com/ZonghaoLi777/githubTrending
+- https://github.com/aneasystone/github-trending
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/hcy-picus/emerging_threat_simulator
+- https://github.com/jafshare/GithubTrending
 - https://github.com/johe123qwe/github-trending
 - https://github.com/juev/links
 - https://github.com/labesterOct/CVE-2024-27198
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/passwa11/CVE-2024-27198-RCE
 - https://github.com/rampantspark/CVE-2024-27198
+- https://github.com/sampsonv/github-trending
 - https://github.com/tanjiti/sec_profile
 - https://github.com/tucommenceapousser/CVE-2024-27198
 - https://github.com/wy876/POC
 - https://github.com/yoryio/CVE-2024-27198
+- https://github.com/zhaoxiaoha/github-trending
 
diff --git a/2024/CVE-2024-27199.md b/2024/CVE-2024-27199.md
@@ -15,10 +15,15 @@ No PoCs from references.
 #### Github
 - https://github.com/CharonDefalt/CVE-2024-27198-RCE
 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
+- https://github.com/ZonghaoLi777/githubTrending
+- https://github.com/aneasystone/github-trending
 - https://github.com/hcy-picus/emerging_threat_simulator
+- https://github.com/jafshare/GithubTrending
 - https://github.com/johe123qwe/github-trending
 - https://github.com/juev/links
 - https://github.com/passwa11/CVE-2024-27198-RCE
 - https://github.com/rampantspark/CVE-2024-27198
+- https://github.com/sampsonv/github-trending
 - https://github.com/yoryio/CVE-2024-27198
+- https://github.com/zhaoxiaoha/github-trending
 
diff --git a/2024/CVE-2024-27288.md b/2024/CVE-2024-27288.md
@@ -13,5 +13,6 @@
 No PoCs from references.
 
 #### Github
+- https://github.com/seyrenus/trace-release
 - https://github.com/tanjiti/sec_profile
 
diff --git a/github.txt b/github.txt
@@ -130847,6 +130847,7 @@ CVE-2023-0264 - https://github.com/twwd/CVE-2023-0264
 CVE-2023-0266 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-0266 - https://github.com/Ostorlab/KEV
 CVE-2023-0266 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+CVE-2023-0266 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-0266 - https://github.com/xairy/linux-kernel-exploitation
 CVE-2023-0286 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-0286 - https://github.com/EGI-Federation/SVG-advisories
@@ -137747,7 +137748,9 @@ CVE-2023-38224 - https://github.com/markyason/markyason.github.io
 CVE-2023-38225 - https://github.com/markyason/markyason.github.io
 CVE-2023-3823 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-3824 - https://github.com/IamdLite/lockbit-message-fbi
+CVE-2023-3824 - https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK
 CVE-2023-3824 - https://github.com/NewLockBit/CVE-2023-3824-PHP-to-RCE-National-Crime-AgencyLEAK
+CVE-2023-3824 - https://github.com/NewLockBit/Research-of-CVE-2023-3824-NCA-Lockbit
 CVE-2023-3824 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-3824 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-3825 - https://github.com/claroty/opcua-exploit-framework
@@ -147879,10 +147882,13 @@ CVE-2024-20291 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-20335 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-20336 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-20337 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-20337 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-20337 - https://github.com/swagcraftedd/CVE-2024-20337-POC
 CVE-2024-20338 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-20345 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-20346 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2045 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2057 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2060 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2061 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2062 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -148389,6 +148395,7 @@ CVE-2024-22243 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22243 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-22243 - https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234
 CVE-2024-22252 - https://github.com/crackmapEZec/CVE-2024-22252-POC
+CVE-2024-22254 - https://github.com/crackmapEZec/CVE-2024-22252-POC
 CVE-2024-22256 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22284 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22285 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -148562,6 +148569,7 @@ CVE-2024-23094 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23108 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23109 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23113 - https://github.com/cvedayprotech/CVE-2024-23113
+CVE-2024-23113 - https://github.com/cvedayprotech3s/cve-2024-23113
 CVE-2024-23113 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23113 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23113 - https://github.com/tr1pl3ight/CVE-2024-23113-POC
@@ -148674,6 +148682,7 @@ CVE-2024-23507 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23514 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23516 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23517 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2352 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23525 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23550 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23552 - https://github.com/kaje11/CVEs
@@ -148986,6 +148995,7 @@ CVE-2024-24203 - https://github.com/l00neyhacker/CVE-2024-24203
 CVE-2024-24204 - https://github.com/l00neyhacker/CVE-2024-24204
 CVE-2024-24206 - https://github.com/l00neyhacker/CVE-2024-24206
 CVE-2024-24213 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-24246 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24258 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24259 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24300 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -149595,34 +149605,46 @@ CVE-2024-27139 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27140 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27198 - https://github.com/CharonDefalt/CVE-2024-27198-RCE
 CVE-2024-27198 - https://github.com/Chocapikk/CVE-2024-27198
+CVE-2024-27198 - https://github.com/K3ysTr0K3R/CVE-2024-27198-EXPLOIT
 CVE-2024-27198 - https://github.com/Ostorlab/KEV
 CVE-2024-27198 - https://github.com/Threekiii/CVE
 CVE-2024-27198 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
+CVE-2024-27198 - https://github.com/ZonghaoLi777/githubTrending
+CVE-2024-27198 - https://github.com/aneasystone/github-trending
 CVE-2024-27198 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27198 - https://github.com/hcy-picus/emerging_threat_simulator
+CVE-2024-27198 - https://github.com/jafshare/GithubTrending
 CVE-2024-27198 - https://github.com/johe123qwe/github-trending
 CVE-2024-27198 - https://github.com/juev/links
 CVE-2024-27198 - https://github.com/labesterOct/CVE-2024-27198
 CVE-2024-27198 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-27198 - https://github.com/passwa11/CVE-2024-27198-RCE
 CVE-2024-27198 - https://github.com/rampantspark/CVE-2024-27198
+CVE-2024-27198 - https://github.com/sampsonv/github-trending
 CVE-2024-27198 - https://github.com/tanjiti/sec_profile
 CVE-2024-27198 - https://github.com/tucommenceapousser/CVE-2024-27198
 CVE-2024-27198 - https://github.com/wy876/POC
 CVE-2024-27198 - https://github.com/yoryio/CVE-2024-27198
+CVE-2024-27198 - https://github.com/zhaoxiaoha/github-trending
 CVE-2024-27199 - https://github.com/CharonDefalt/CVE-2024-27198-RCE
 CVE-2024-27199 - https://github.com/W01fh4cker/CVE-2024-27198-RCE
+CVE-2024-27199 - https://github.com/ZonghaoLi777/githubTrending
+CVE-2024-27199 - https://github.com/aneasystone/github-trending
 CVE-2024-27199 - https://github.com/hcy-picus/emerging_threat_simulator
+CVE-2024-27199 - https://github.com/jafshare/GithubTrending
 CVE-2024-27199 - https://github.com/johe123qwe/github-trending
 CVE-2024-27199 - https://github.com/juev/links
 CVE-2024-27199 - https://github.com/passwa11/CVE-2024-27198-RCE
 CVE-2024-27199 - https://github.com/rampantspark/CVE-2024-27198
+CVE-2024-27199 - https://github.com/sampsonv/github-trending
 CVE-2024-27199 - https://github.com/yoryio/CVE-2024-27198
+CVE-2024-27199 - https://github.com/zhaoxiaoha/github-trending
 CVE-2024-27215 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27278 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27283 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27284 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27285 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-27288 - https://github.com/seyrenus/trace-release
 CVE-2024-27288 - https://github.com/tanjiti/sec_profile
 CVE-2024-27294 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27295 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -149647,6 +149669,10 @@ CVE-2024-27508 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27515 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27516 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27517 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-27540 - https://github.com/Halcy0nic/Trophies
+CVE-2024-27541 - https://github.com/Halcy0nic/Trophies
+CVE-2024-27542 - https://github.com/Halcy0nic/Trophies
+CVE-2024-27543 - https://github.com/Halcy0nic/Trophies
 CVE-2024-27558 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27559 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27561 - https://github.com/zer0yu/CVE_Request

diff --git a/references.txt b/references.txt
@@ -82377,6 +82377,7 @@ CVE-2022-46570 - https://hackmd.io/@0dayResearch/SetWan3Settings_l2tp
 CVE-2022-46570 - https://hackmd.io/@0dayResearch/SetWan3Settings_pppoe
 CVE-2022-46570 - https://hackmd.io/@0dayResearch/SetWan3Settings_pptp
 CVE-2022-46570 - https://hackmd.io/@0dayResearch/r1zsTSmDs
+CVE-2022-46581 - https://brief-nymphea-813.notion.site/Vul5-TEW755-bof-tools_nslookup-c83bac14fe0f4f729535053459479fd1
 CVE-2022-46603 - https://github.com/10cks/inkdropPoc
 CVE-2022-46604 - http://packetstormsecurity.com/files/171720/Responsive-FileManager-9.9.5-Remote-Shell-Upload.html
 CVE-2022-46604 - https://medium.com/@_sadshade/file-extention-bypass-in-responsive-filemanager-9-5-5-leading-to-rce-authenticated-3290eddc54e7