Update Fri Mar 22 02:01:44 UTC 2024

trickest · Mar 22, 2024 · 579b14f · 579b14f
1 parent 2db6df0
commit 579b14f
Show file tree

Hide file tree

Showing 8 changed files with 85 additions and 0 deletions.
diff --git a/2012/CVE-2012-2395.md b/2012/CVE-2012-2395.md
@@ -0,0 +1,17 @@
+### [CVE-2012-2395](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2395)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power_system method in the xmlrpc API.
+
+### POC
+
+#### Reference
+- https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2012/CVE-2012-2982.md b/2012/CVE-2012-2982.md
@@ -20,6 +20,7 @@ file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to e
 - https://github.com/Ari-Weinberg/CVE-2012-2982
 - https://github.com/CVEDB/PoC-List
 - https://github.com/CVEDB/awesome-cve-repo
+- https://github.com/CpyRe/CVE-2012-2982
 - https://github.com/Dawnn3619/CVE-2012-2982
 - https://github.com/Hackgodybj/Webmin_RCE_version-1.580
 - https://github.com/JohnHammond/CVE-2012-2982

diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md
@@ -515,6 +515,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p
 - https://github.com/tristan-spoerri/Penetration-Testing
 - https://github.com/turtlesec-no/insecure_project
 - https://github.com/twseptian/vulnerable-resource
+- https://github.com/txuswashere/Cyber-Sec-Resources-Tools
 - https://github.com/txuswashere/Penetration-Testing
 - https://github.com/ulm1ghty/HackingGuide
 - https://github.com/undacmic/heartbleed-proof-of-concept

diff --git a/2019/CVE-2019-4047.md b/2019/CVE-2019-4047.md
@@ -0,0 +1,17 @@
+### [CVE-2019-4047](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4047)
+![](https://img.shields.io/static/v1?label=Product&message=Jazz%20Reporting%20Service&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Obtain%20Information&color=brighgreen)
+
+### Description
+
+IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.
+
+### POC
+
+#### Reference
+- https://www.ibm.com/support/docview.wss?uid=ibm10882262
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-1212.md b/2024/CVE-2024-1212.md
@@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/Chocapikk/CVE-2024-1212
 - https://github.com/RhinoSecurityLabs/CVEs
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/tanjiti/sec_profile
 
diff --git a/2024/CVE-2024-21412.md b/2024/CVE-2024-21412.md
@@ -32,4 +32,5 @@ No PoCs from references.
 #### Github
 - https://github.com/GarethPullen/Powershell-Scripts
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub
 
diff --git a/github.txt b/github.txt
@@ -8353,6 +8353,7 @@ CVE-2012-2982 - https://github.com/AlexJS6/CVE-2012-2982_Python
 CVE-2012-2982 - https://github.com/Ari-Weinberg/CVE-2012-2982
 CVE-2012-2982 - https://github.com/CVEDB/PoC-List
 CVE-2012-2982 - https://github.com/CVEDB/awesome-cve-repo
+CVE-2012-2982 - https://github.com/CpyRe/CVE-2012-2982
 CVE-2012-2982 - https://github.com/Dawnn3619/CVE-2012-2982
 CVE-2012-2982 - https://github.com/Hackgodybj/Webmin_RCE_version-1.580
 CVE-2012-2982 - https://github.com/JohnHammond/CVE-2012-2982
@@ -11456,6 +11457,7 @@ CVE-2014-0160 - https://github.com/trapp3rhat/CVE-shellshock
 CVE-2014-0160 - https://github.com/tristan-spoerri/Penetration-Testing
 CVE-2014-0160 - https://github.com/turtlesec-no/insecure_project
 CVE-2014-0160 - https://github.com/twseptian/vulnerable-resource
+CVE-2014-0160 - https://github.com/txuswashere/Cyber-Sec-Resources-Tools
 CVE-2014-0160 - https://github.com/txuswashere/Penetration-Testing
 CVE-2014-0160 - https://github.com/ulm1ghty/HackingGuide
 CVE-2014-0160 - https://github.com/undacmic/heartbleed-proof-of-concept
@@ -134717,6 +134719,7 @@ CVE-2023-22621 - https://github.com/strapi/security-patches
 CVE-2023-22622 - https://github.com/ARPSyndicate/cvemon
 CVE-2023-22622 - https://github.com/alopresto/epss_api_demo
 CVE-2023-22622 - https://github.com/alopresto6m/epss_api_demo
+CVE-2023-22622 - https://github.com/michael-david-fry/wp-cron-smash
 CVE-2023-22655 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-22672 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-22680 - https://github.com/karimhabush/cyberowl
@@ -142844,6 +142847,7 @@ CVE-2023-47704 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-47705 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-47706 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-47707 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2023-47715 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-47716 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-47722 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-4774 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -143365,6 +143369,7 @@ CVE-2023-49769 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-49775 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-49777 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-49785 - https://github.com/seyrenus/trace-release
+CVE-2023-49785 - https://github.com/tanjiti/sec_profile
 CVE-2023-49794 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-49797 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-49798 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -149987,6 +149992,7 @@ CVE-2024-1210 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-1212 - https://github.com/Chocapikk/CVE-2024-1212
 CVE-2024-1212 - https://github.com/RhinoSecurityLabs/CVEs
 CVE-2024-1212 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-1212 - https://github.com/tanjiti/sec_profile
 CVE-2024-1220 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1221 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1222 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -150052,6 +150058,7 @@ CVE-2024-1367 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1374 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1377 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1381 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-1394 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1398 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1402 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-1403 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -150543,6 +150550,7 @@ CVE-2024-21411 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-21411 - https://github.com/rkraper339/CVE-2024-21411-POC
 CVE-2024-21412 - https://github.com/GarethPullen/Powershell-Scripts
 CVE-2024-21412 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-21412 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-21413 - https://github.com/CMNatic/CVE-2024-21413
 CVE-2024-21413 - https://github.com/DevAkabari/CVE-2024-21413
 CVE-2024-21413 - https://github.com/MSeymenD/CVE-2024-21413
@@ -151646,6 +151654,9 @@ CVE-2024-24592 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24593 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24594 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24595 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2463 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2464 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2465 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24680 - https://github.com/ch4n3-yoon/ch4n3-yoon
 CVE-2024-24681 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2469 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -151748,6 +151759,7 @@ CVE-2024-24936 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24937 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24938 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24939 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2494 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24940 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24941 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-24942 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -152162,6 +152174,7 @@ CVE-2024-26198 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-2620 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-26204 - https://github.com/Ch0pin/related_work
 CVE-2024-2621 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-2621 - https://github.com/tanjiti/sec_profile
 CVE-2024-2622 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2625 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2626 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -152489,6 +152502,9 @@ CVE-2024-27938 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27949 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27974 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-27986 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-27993 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-27994 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-27995 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28039 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28069 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28070 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -152631,6 +152647,7 @@ CVE-2024-28757 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28757 - https://github.com/fokypoky/places-list
 CVE-2024-28816 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28823 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-28834 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28849 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28855 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28864 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -152654,7 +152671,35 @@ CVE-2024-29143 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-29151 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-29154 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-29156 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29243 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29244 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-29419 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29439 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29440 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29441 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29442 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29443 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29444 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29445 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29447 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29448 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29449 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29450 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29452 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29454 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29455 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-29866 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29870 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29871 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29872 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29873 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29874 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29875 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29876 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29877 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29878 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29879 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-29880 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5678 - https://github.com/Dashrath158/CVE-Management-App-using-Flask
 CVE-2024-65230 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2039-3799 - https://github.com/Loneyers/SpringBootScan

diff --git a/references.txt b/references.txt
@@ -20266,6 +20266,7 @@ CVE-2012-2371 - http://packetstormsecurity.org/files/112658/WordPress-WP-FaceThu
 CVE-2012-2376 - http://isc.sans.edu/diary.html?storyid=13255
 CVE-2012-2376 - http://openwall.com/lists/oss-security/2012/05/20/2
 CVE-2012-2376 - https://bugzilla.redhat.com/show_bug.cgi?id=823464
+CVE-2012-2395 - https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
 CVE-2012-2396 - http://www.exploit-db.com/exploits/18757/
 CVE-2012-2399 - http://make.wordpress.org/core/2013/06/21/secure-swfupload/
 CVE-2012-2399 - http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html
@@ -58649,6 +58650,7 @@ CVE-2019-3999 - https://www.tenable.com/security/research/tra-2020-12
 CVE-2019-4000 - https://www.tenable.com/security/research/tra-2020-12
 CVE-2019-4001 - https://www.tenable.com/security/research/tra-2020-12
 CVE-2019-4013 - http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html
+CVE-2019-4047 - https://www.ibm.com/support/docview.wss?uid=ibm10882262
 CVE-2019-4149 - https://www.ibm.com/support/docview.wss?uid=ibm10885104
 CVE-2019-4178 - http://www.ibm.com/support/docview.wss?uid=ibm10879079
 CVE-2019-4253 - http://www.ibm.com/support/docview.wss?uid=ibm10964987