Update Mon Feb 26 09:58:34 UTC 2024

trickest · Feb 26, 2024 · 42ddc5c · 42ddc5c
1 parent 62ce4c7
commit 42ddc5c
Show file tree

Hide file tree

Showing 14 changed files with 37 additions and 2 deletions.
diff --git a/2019/CVE-2019-25076.md b/2019/CVE-2019-25076.md
@@ -10,6 +10,7 @@ The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.
 ### POC
 
 #### Reference
+- https://www.youtube.com/watch?v=5cHpzVK0D28
 - https://www.youtube.com/watch?v=DSC3m-Bww64
 
 #### Github

diff --git a/2023/CVE-2023-28218.md b/2023/CVE-2023-28218.md
@@ -46,4 +46,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/h1bAna/CVE-2023-28218
+- https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2023/CVE-2023-34188.md b/2023/CVE-2023-34188.md
@@ -10,7 +10,7 @@ The HTTP server in Mongoose before 7.10 accepts requests containing negative Con
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/cesanta/mongoose/pull/2197
 
 #### Github
 - https://github.com/narfindustries/http-garden

diff --git a/2023/CVE-2023-44467.md b/2023/CVE-2023-44467.md
@@ -5,7 +5,7 @@
 
 ### Description
 
-langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via the PALChain in the python exec method.
+langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via __import__ in Python code, which is not prohibited by pal_chain/base.py.
 
 ### POC
 

diff --git a/2023/CVE-2023-50643.md b/2023/CVE-2023-50643.md
@@ -15,5 +15,6 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2023-50643
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23738.md b/2024/CVE-2024-23738.md
@@ -15,5 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2024-23738
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23738
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23739.md b/2024/CVE-2024-23739.md
@@ -16,5 +16,8 @@ No PoCs from references.
 - https://github.com/V3x0r/CVE-2024-23739
 - https://github.com/V3x0r/CVE-2024-23740
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23739
+- https://github.com/giovannipajeu1/CVE-2024-23740
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23740.md b/2024/CVE-2024-23740.md
@@ -15,5 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2024-23740
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23740
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23741.md b/2024/CVE-2024-23741.md
@@ -15,5 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2024-23741
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23741
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23742.md b/2024/CVE-2024-23742.md
@@ -15,5 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2024-23742
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23742
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23743.md b/2024/CVE-2024-23743.md
@@ -15,5 +15,7 @@ No PoCs from references.
 #### Github
 - https://github.com/V3x0r/CVE-2024-23743
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/giovannipajeu1/CVE-2024-23743
+- https://github.com/giovannipajeu1/giovannipajeu1
 - https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/2024/CVE-2024-23897.md b/2024/CVE-2024-23897.md
@@ -16,6 +16,7 @@ Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of
 #### Github
 - https://github.com/10T4/PoC-Fix-jenkins-rce_CVE-2024-23897
 - https://github.com/20142995/sectool
+- https://github.com/Abo5/CVE-2024-23897
 - https://github.com/AbraXa5/AbraXa5
 - https://github.com/AbraXa5/Jenkins-CVE-2024-23897
 - https://github.com/B4CK4TT4CK/CVE-2024-23897

diff --git a/github.txt b/github.txt
@@ -134218,6 +134218,7 @@ CVE-2023-28206 - https://github.com/jake-44/Research
 CVE-2023-28206 - https://github.com/karimhabush/cyberowl
 CVE-2023-28206 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-28218 - https://github.com/h1bAna/CVE-2023-28218
+CVE-2023-28218 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-2822 - https://github.com/cberman/CVE-2023-2822-demo
 CVE-2023-2822 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-28222 - https://github.com/Wh04m1001/CVE-2023-29343
@@ -140725,6 +140726,7 @@ CVE-2023-50632 - https://github.com/sdpyly/bug_report_wifi-control
 CVE-2023-50639 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-50643 - https://github.com/V3x0r/CVE-2023-50643
 CVE-2023-50643 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2023-50643 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2023-50643 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-50671 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-5070 - https://github.com/RandomRobbieBF/CVE-2023-5070
@@ -147701,22 +147703,35 @@ CVE-2024-23731 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23732 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23738 - https://github.com/V3x0r/CVE-2024-23738
 CVE-2024-23738 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23738 - https://github.com/giovannipajeu1/CVE-2024-23738
+CVE-2024-23738 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23738 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23739 - https://github.com/V3x0r/CVE-2024-23739
 CVE-2024-23739 - https://github.com/V3x0r/CVE-2024-23740
 CVE-2024-23739 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23739 - https://github.com/giovannipajeu1/CVE-2024-23739
+CVE-2024-23739 - https://github.com/giovannipajeu1/CVE-2024-23740
+CVE-2024-23739 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23739 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23740 - https://github.com/V3x0r/CVE-2024-23740
 CVE-2024-23740 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23740 - https://github.com/giovannipajeu1/CVE-2024-23740
+CVE-2024-23740 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23740 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23741 - https://github.com/V3x0r/CVE-2024-23741
 CVE-2024-23741 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23741 - https://github.com/giovannipajeu1/CVE-2024-23741
+CVE-2024-23741 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23741 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23742 - https://github.com/V3x0r/CVE-2024-23742
 CVE-2024-23742 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23742 - https://github.com/giovannipajeu1/CVE-2024-23742
+CVE-2024-23742 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23742 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23743 - https://github.com/V3x0r/CVE-2024-23743
 CVE-2024-23743 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-23743 - https://github.com/giovannipajeu1/CVE-2024-23743
+CVE-2024-23743 - https://github.com/giovannipajeu1/giovannipajeu1
 CVE-2024-23743 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-23744 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23745 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -147802,6 +147817,7 @@ CVE-2024-23895 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23896 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-23897 - https://github.com/10T4/PoC-Fix-jenkins-rce_CVE-2024-23897
 CVE-2024-23897 - https://github.com/20142995/sectool
+CVE-2024-23897 - https://github.com/Abo5/CVE-2024-23897
 CVE-2024-23897 - https://github.com/AbraXa5/AbraXa5
 CVE-2024-23897 - https://github.com/AbraXa5/Jenkins-CVE-2024-23897
 CVE-2024-23897 - https://github.com/B4CK4TT4CK/CVE-2024-23897

diff --git a/references.txt b/references.txt
@@ -57643,6 +57643,7 @@ CVE-2019-2507 - http://www.oracle.com/technetwork/security-advisory/cpujan2019-5
 CVE-2019-25070 - https://vuldb.com/?id.135125
 CVE-2019-25071 - https://youtu.be/AeuGjMbAirU
 CVE-2019-25075 - https://medium.com/@maxime.escourbiac/write-up-of-path-traversal-on-gravitee-io-8835941be69f
+CVE-2019-25076 - https://www.youtube.com/watch?v=5cHpzVK0D28
 CVE-2019-25076 - https://www.youtube.com/watch?v=DSC3m-Bww64
 CVE-2019-2508 - http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
 CVE-2019-2509 - http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
@@ -85544,6 +85545,7 @@ CVE-2023-34133 - http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9
 CVE-2023-34151 - https://github.com/ImageMagick/ImageMagick/issues/6341
 CVE-2023-34152 - https://github.com/ImageMagick/ImageMagick/issues/6339
 CVE-2023-34153 - https://github.com/ImageMagick/ImageMagick/issues/6338
+CVE-2023-34188 - https://github.com/cesanta/mongoose/pull/2197
 CVE-2023-34198 - https://advisories.stormshield.eu/2023-019
 CVE-2023-34204 - https://github.com/imapsync/imapsync/issues/399
 CVE-2023-34205 - https://github.com/moov-io/signedxml/issues/23