Update Sun May 12 02:07:42 UTC 2024

trickest · May 12, 2024 · 2f4f91d · 2f4f91d
1 parent 4468754
commit 2f4f91d
Show file tree

Hide file tree

Showing 10 changed files with 41 additions and 0 deletions.
diff --git a/2007/CVE-2007-1158.md b/2007/CVE-2007-1158.md
@@ -11,6 +11,7 @@ Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6
 
 #### Reference
 - http://marc.info/?l=full-disclosure&m=117251821622820&w=2
+- http://securityreason.com/securityalert/2336
 
 #### Github
 No PoCs found on GitHub currently.

diff --git a/2007/CVE-2007-3952.md b/2007/CVE-2007-3952.md
@@ -0,0 +1,17 @@
+### [CVE-2007-3952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3952)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around".
+
+### POC
+
+#### Reference
+- http://securityreason.com/securityalert/2913
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2011/CVE-2011-0611.md b/2011/CVE-2011-0611.md
@@ -15,6 +15,7 @@ Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris a
 #### Github
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 - https://github.com/ministryofpromise/tlp
 - https://github.com/thongsia/Public-Pcaps
 
diff --git a/2012/CVE-2012-1723.md b/2012/CVE-2012-1723.md
@@ -16,4 +16,5 @@ Unspecified vulnerability in the Java Runtime Environment (JRE) component in Ora
 - https://github.com/EthanNJC/CVE-2012-1723
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 
diff --git a/2013/CVE-2013-1347.md b/2013/CVE-2013-1347.md
@@ -16,5 +16,6 @@ No PoCs from references.
 - https://github.com/7h3rAm/flowinspect
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 - https://github.com/ministryofpromise/tlp
 
diff --git a/2013/CVE-2013-2465.md b/2013/CVE-2013-2465.md
@@ -16,6 +16,7 @@ Unspecified vulnerability in the Java Runtime Environment (JRE) component in Ora
 #### Github
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/ministryofpromise/tlp
 
diff --git a/2024/CVE-2024-1561.md b/2024/CVE-2024-1561.md
@@ -14,4 +14,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-22262.md b/2024/CVE-2024-22262.md
@@ -24,4 +24,5 @@ No PoCs from references.
 - https://github.com/hinat0y/Dataset7
 - https://github.com/hinat0y/Dataset8
 - https://github.com/hinat0y/Dataset9
+- https://github.com/tanjiti/sec_profile
 
diff --git a/github.txt b/github.txt
@@ -6578,6 +6578,7 @@ CVE-2011-0609 - https://github.com/Ostorlab/KEV
 CVE-2011-0609 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 CVE-2011-0611 - https://github.com/Ostorlab/KEV
 CVE-2011-0611 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+CVE-2011-0611 - https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 CVE-2011-0611 - https://github.com/ministryofpromise/tlp
 CVE-2011-0611 - https://github.com/thongsia/Public-Pcaps
 CVE-2011-0638 - https://github.com/ARPSyndicate/cvemon
@@ -8183,6 +8184,7 @@ CVE-2012-1717 - https://github.com/Live-Hack-CVE/CVE-2012-1717
 CVE-2012-1723 - https://github.com/EthanNJC/CVE-2012-1723
 CVE-2012-1723 - https://github.com/Ostorlab/KEV
 CVE-2012-1723 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+CVE-2012-1723 - https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 CVE-2012-1734 - https://github.com/Live-Hack-CVE/CVE-2012-1734
 CVE-2012-1756 - https://github.com/Live-Hack-CVE/CVE-2012-1756
 CVE-2012-1757 - https://github.com/Live-Hack-CVE/CVE-2012-1757
@@ -9473,6 +9475,7 @@ CVE-2013-1345 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
 CVE-2013-1347 - https://github.com/7h3rAm/flowinspect
 CVE-2013-1347 - https://github.com/Ostorlab/KEV
 CVE-2013-1347 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+CVE-2013-1347 - https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 CVE-2013-1347 - https://github.com/ministryofpromise/tlp
 CVE-2013-1415 - https://github.com/ARPSyndicate/cvemon
 CVE-2013-1415 - https://github.com/chnzzh/OpenSSL-CVE-lib
@@ -10102,6 +10105,7 @@ CVE-2013-2450 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs
 CVE-2013-2456 - https://github.com/PalindromeLabs/Java-Deserialization-CVEs
 CVE-2013-2465 - https://github.com/Ostorlab/KEV
 CVE-2013-2465 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+CVE-2013-2465 - https://github.com/S3N4T0R-0X0/Energetic-Bear-APT
 CVE-2013-2465 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2013-2465 - https://github.com/ministryofpromise/tlp
 CVE-2013-2551 - https://github.com/Ostorlab/KEV
@@ -62862,6 +62866,7 @@ CVE-2019-1234 - https://github.com/ARPSyndicate/cvemon
 CVE-2019-1234 - https://github.com/andrescl94/vuln-management-api
 CVE-2019-1234 - https://github.com/ashdsetty/Cloud-Security-Purple-Teaming
 CVE-2019-1234 - https://github.com/ashdsetty/Detection
+CVE-2019-1234567 - https://github.com/ma5hr00m/HelloWeb
 CVE-2019-12356 - https://github.com/ARPSyndicate/cvemon
 CVE-2019-12356 - https://github.com/brejoc/bscdiff
 CVE-2019-12372 - https://github.com/ARPSyndicate/cvemon
@@ -141787,6 +141792,7 @@ CVE-2023-27480 - https://github.com/karimhabush/cyberowl
 CVE-2023-27482 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-27490 - https://github.com/karimhabush/cyberowl
 CVE-2023-27502 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2023-2752 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-27520 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-27522 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-27522 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -156595,6 +156601,7 @@ CVE-2024-1556 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1557 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1559 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1561 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-1561 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-1562 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1563 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1564 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -157917,6 +157924,7 @@ CVE-2024-22262 - https://github.com/hinat0y/Dataset6
 CVE-2024-22262 - https://github.com/hinat0y/Dataset7
 CVE-2024-22262 - https://github.com/hinat0y/Dataset8
 CVE-2024-22262 - https://github.com/hinat0y/Dataset9
+CVE-2024-22262 - https://github.com/tanjiti/sec_profile
 CVE-2024-22264 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22266 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2227 - https://github.com/NaInSec/CVE-LIST
@@ -162099,6 +162107,7 @@ CVE-2024-32467 - https://github.com/L1NG0v0/L1NG0v0
 CVE-2024-32467 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32481 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3250 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-32523 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3259 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3261 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-32638 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -162411,6 +162420,12 @@ CVE-2024-3416 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3422 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-34220 - https://github.com/dovankha/CVE-2024-34220
 CVE-2024-34220 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34221 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34222 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34223 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34224 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34225 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-34226 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-3423 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-3424 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-34244 - https://github.com/fkie-cad/nvd-json-data-feeds

diff --git a/references.txt b/references.txt
@@ -6285,6 +6285,7 @@ CVE-2007-1133 - https://www.exploit-db.com/exploits/3365
 CVE-2007-1152 - https://www.exploit-db.com/exploits/8095
 CVE-2007-1156 - http://securityreason.com/securityalert/2370
 CVE-2007-1158 - http://marc.info/?l=full-disclosure&m=117251821622820&w=2
+CVE-2007-1158 - http://securityreason.com/securityalert/2336
 CVE-2007-1162 - https://www.exploit-db.com/exploits/3350
 CVE-2007-1163 - https://www.exploit-db.com/exploits/3351
 CVE-2007-1164 - https://www.exploit-db.com/exploits/3353
@@ -7727,6 +7728,7 @@ CVE-2007-3939 - https://www.exploit-db.com/exploits/4192
 CVE-2007-3940 - http://packetstormsecurity.org/0707-advisories/quickersite-xss.txt
 CVE-2007-3944 - http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin
 CVE-2007-3951 - http://securityreason.com/securityalert/2912
+CVE-2007-3952 - http://securityreason.com/securityalert/2913
 CVE-2007-3953 - http://securityreason.com/securityalert/2914
 CVE-2007-3955 - https://www.exploit-db.com/exploits/4217
 CVE-2007-3956 - https://www.exploit-db.com/exploits/4205