Update Mon Jul 3 00:13:30 UTC 2023

trickest · Jul 3, 2023 · d51dc33 · d51dc33
1 parent f195756
commit d51dc33
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 0 deletions.
diff --git a/2019/CVE-2019-20074.md b/2019/CVE-2019-20074.md
@@ -10,6 +10,7 @@ On Netis DL4323 devices, any user role can view sensitive information, such as a
 ### POC
 
 #### Reference
+- https://drive.google.com/open?id=1MH6DMhP1JsV_RptGXDze0Vo9MDuCH9se
 - https://fatihhcelik.blogspot.com/2019/12/clear-text-password-netis-dl4323.html
 
 #### Github

diff --git a/2021/CVE-2021-3573.md b/2021/CVE-2021-3573.md
@@ -10,6 +10,7 @@ A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subs
 ### POC
 
 #### Reference
+- http://www.openwall.com/lists/oss-security/2023/07/02/1
 - https://www.openwall.com/lists/oss-security/2021/06/08/2
 
 #### Github

diff --git a/2022/CVE-2022-2804.md b/2022/CVE-2022-2804.md
@@ -0,0 +1,17 @@
+### [CVE-2022-2804](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2804)
+![](https://img.shields.io/static/v1?label=Product&message=Zoo%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/apply_vacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-206250 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.206250
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-2934.md b/2023/CVE-2023-2934.md
@@ -0,0 +1,17 @@
+### [CVE-2023-2934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2934)
+![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=114.0.5735.90%3C%20114.0.5735.90%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Out%20of%20bounds%20memory%20access&color=brighgreen)
+
+### Description
+
+Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
+
+### POC
+
+#### Reference
+- http://packetstormsecurity.com/files/173259/Chrome-Mojo-Message-Validation-Bypass.html
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-3439.md b/2023/CVE-2023-3439.md
@@ -0,0 +1,17 @@
+### [CVE-2023-3439](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3439)
+![](https://img.shields.io/static/v1?label=Product&message=Linux%20Kernel%20(mctp)&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416&color=brighgreen)
+
+### Description
+
+A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service.
+
+### POC
+
+#### Reference
+- http://www.openwall.com/lists/oss-security/2023/07/02/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/references.txt b/references.txt
@@ -54911,6 +54911,7 @@ CVE-2019-20063 - https://github.com/hoene/libmysofa/issues/67
 CVE-2019-20071 - https://drive.google.com/open?id=1p4HJ5C20TqY0rVNffdD5Zd7S_bGvDhnk
 CVE-2019-20072 - https://drive.google.com/open?id=1IGRYVci8fxic0jJJb-pAfAK1kJ4V2yGM
 CVE-2019-20073 - https://drive.google.com/open?id=1CxLrSKAczEZpm_7FERIrCGGJAs2mp6Go
+CVE-2019-20074 - https://drive.google.com/open?id=1MH6DMhP1JsV_RptGXDze0Vo9MDuCH9se
 CVE-2019-20074 - https://fatihhcelik.blogspot.com/2019/12/clear-text-password-netis-dl4323.html
 CVE-2019-20075 - https://drive.google.com/open?id=1795_joGaL3QXMFeJoJPiNgB_d913XePx
 CVE-2019-20076 - https://drive.google.com/open?id=1HrYqVKlSxhQqB5tNhhLIgpyfi0Y2ZL80
@@ -68605,6 +68606,7 @@ CVE-2021-35683 - https://www.oracle.com/security-alerts/cpujan2022.html
 CVE-2021-35686 - https://www.oracle.com/security-alerts/cpujan2022.html
 CVE-2021-35687 - https://www.oracle.com/security-alerts/cpujan2022.html
 CVE-2021-3572 - https://www.oracle.com/security-alerts/cpujul2022.html
+CVE-2021-3573 - http://www.openwall.com/lists/oss-security/2023/07/02/1
 CVE-2021-3573 - https://www.openwall.com/lists/oss-security/2021/06/08/2
 CVE-2021-3574 - https://github.com/ImageMagick/ImageMagick/issues/3540
 CVE-2021-3575 - https://github.com/uclouvain/openjpeg/issues/1347
@@ -73694,6 +73696,7 @@ CVE-2022-28002 - https://github.com/D4rkP0w4r/CVEs/blob/main/Movie%20Seat%20Rese
 CVE-2022-28005 - https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
 CVE-2022-28006 - https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
 CVE-2022-2801 - https://vuldb.com/?id.206247
+CVE-2022-2804 - https://vuldb.com/?id.206250
 CVE-2022-28051 - https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md
 CVE-2022-28051 - https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051
 CVE-2022-28060 - https://github.com/JiuBanSec/CVE/blob/main/VictorCMS%20SQL.md
@@ -79305,6 +79308,7 @@ CVE-2023-29210 - https://github.com/xwiki/xwiki-platform/security/advisories/GHS
 CVE-2023-29211 - https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-w7v9-fc49-4qg4
 CVE-2023-29212 - https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-c5f4-p5wv-2475
 CVE-2023-29214 - https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qx9h-c5v6-ghqh
+CVE-2023-2934 - http://packetstormsecurity.com/files/173259/Chrome-Mojo-Message-Validation-Bypass.html
 CVE-2023-2935 - http://packetstormsecurity.com/files/173196/Chrome-v8-internal-Object-SetPropertyWithAccessor-Type-Confusion.html
 CVE-2023-2936 - http://packetstormsecurity.com/files/173197/Chrome-V8-Type-Confusion.html
 CVE-2023-29374 - https://github.com/hwchase17/langchain/issues/1026
@@ -79871,6 +79875,7 @@ CVE-2023-34362 - http://packetstormsecurity.com/files/172883/MOVEit-Transfer-SQL
 CVE-2023-34362 - http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html
 CVE-2023-34367 - http://blog.pi3.com.pl/?p=850
 CVE-2023-34367 - https://portswigger.net/daily-swig/blind-tcp-ip-hijacking-is-resurrected-for-windows-7
+CVE-2023-3439 - http://www.openwall.com/lists/oss-security/2023/07/02/1
 CVE-2023-34407 - https://cybir.com/2023/cve/proof-of-concept-checkpoint-learning-harbinger-systems-offline-player-multiple-poc-for-cl-4-0-6-0-2-lfi-excessive-rights/
 CVE-2023-34408 - https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/
 CVE-2023-34448 - https://huntr.dev/bounties/3ef640e6-9e25-4ecb-8ec1-64311d63fe66/