diff --git a/2022/CVE-2022-2586.md b/2022/CVE-2022-2586.md index b7f884042b..278ecc655e 100644 --- a/2022/CVE-2022-2586.md +++ b/2022/CVE-2022-2586.md @@ -10,6 +10,7 @@ It was discovered that a nft object or expression could reference a nft set on a ### POC #### Reference +- https://ubuntu.com/security/notices/USN-5560-2 - https://ubuntu.com/security/notices/USN-5562-1 - https://www.openwall.com/lists/oss-security/2022/08/09/5 diff --git a/2022/CVE-2022-2588.md b/2022/CVE-2022-2588.md index 0d7354216c..9ec3e37936 100644 --- a/2022/CVE-2022-2588.md +++ b/2022/CVE-2022-2588.md @@ -10,6 +10,7 @@ It was discovered that the cls_route filter implementation in the Linux kernel w ### POC #### Reference +- https://ubuntu.com/security/notices/USN-5560-2 - https://ubuntu.com/security/notices/USN-5562-1 - https://www.openwall.com/lists/oss-security/2022/08/09/6 diff --git a/2023/CVE-2023-46596.md b/2023/CVE-2023-46596.md index f52b1924b6..08521b63a1 100644 --- a/2023/CVE-2023-46596.md +++ b/2023/CVE-2023-46596.md 
@@ -1,11 +1,11 @@ ### [CVE-2023-46596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46596) ![](https://img.shields.io/static/v1?label=Product&message=Algosec%20FireFlow&color=blue) -![](https://img.shields.io/static/v1?label=Version&message=%3D%20A32.10%2C%20A32.20%2C%20A32.50%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20A32.20%2C%20A32.50%2C%20A32.60%20&color=brighgreen) ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) ### Description -Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 andabove), A32.50 (b430 andabove), A32.60 (b250 andabove) +Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 and above), A32.50 (b430 and above), A32.60 (b250 and above) ### POC diff --git a/2023/CVE-2023-46980.md b/2023/CVE-2023-46980.md index 9d68a2c132..039ec62420 100644 --- a/2023/CVE-2023-46980.md +++ b/2023/CVE-2023-46980.md @@ -11,6 +11,7 @@ An issue in Best Courier Management System v.1.0 allows a remote attacker to exe #### Reference - https://github.com/sajaljat/CVE-2023-46980/tree/main +- https://youtu.be/3Mz2lSElg7Y #### Github - https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2023/CVE-2023-47218.md b/2023/CVE-2023-47218.md index 9c3a36cc73..6c7a400f7b 100644 --- a/2023/CVE-2023-47218.md +++ b/2023/CVE-2023-47218.md 
@@ -13,7 +13,7 @@ An OS command injection vulnerability has been reported to affect several QNAP o ### POC #### Reference -No PoCs from references. +- https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/ #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2023/CVE-2023-50356.md b/2023/CVE-2023-50356.md index ba759aafd7..15f5cd77d5 100644 --- a/2023/CVE-2023-50356.md +++ b/2023/CVE-2023-50356.md @@ -5,7 +5,7 @@ ### Description -SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login. +SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login. ### POC diff --git a/2024/CVE-2024-24386.md b/2024/CVE-2024-24386.md new file mode 100644 index 0000000000..b9c267470b --- /dev/null +++ b/2024/CVE-2024-24386.md @@ -0,0 +1,18 @@ +### [CVE-2024-24386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24386) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/erick-duarte/CVE-2024-24386 +- https://github.com/nomi-sec/PoC-in-GitHub + 
diff --git a/2024/CVE-2024-25301.md b/2024/CVE-2024-25301.md new file mode 100644 index 0000000000..0daab71598 --- /dev/null +++ b/2024/CVE-2024-25301.md @@ -0,0 +1,17 @@ +### [CVE-2024-25301](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25301) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php. + +### POC + +#### Reference +- https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459 + +#### Github +No PoCs found on GitHub currently. + diff --git a/references.txt b/references.txt index 30a38d5a54..91ac403db0 100644 --- a/references.txt +++ b/references.txt @@ -76659,6 +76659,7 @@ CVE-2022-25854 - https://bsg.tech/blog/cve-2022-25854-stored-xss-in-yaireo-tagif CVE-2022-25855 - https://security.snyk.io/vuln/SNYK-JS-CREATECHOOAPP3-3157951 CVE-2022-25858 - https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722 CVE-2022-25858 - https://snyk.io/vuln/SNYK-JS-TERSER-2806366 +CVE-2022-2586 - https://ubuntu.com/security/notices/USN-5560-2 CVE-2022-2586 - https://ubuntu.com/security/notices/USN-5562-1 CVE-2022-2586 - https://www.openwall.com/lists/oss-security/2022/08/09/5 CVE-2022-25860 - https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391 
@@ -76680,6 +76681,7 @@ CVE-2022-25875 - https://snyk.io/vuln/SNYK-JS-SVELTE-2931080 CVE-2022-25876 - https://snyk.io/vuln/SNYK-JS-LINKPREVIEWJS-2933520 CVE-2022-25878 - https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2841507 CVE-2022-25878 - https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248 +CVE-2022-2588 - https://ubuntu.com/security/notices/USN-5560-2 CVE-2022-2588 - https://ubuntu.com/security/notices/USN-5562-1 CVE-2022-2588 - https://www.openwall.com/lists/oss-security/2022/08/09/6 CVE-2022-25881 - https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332 @@ -86681,6 +86683,7 @@ CVE-2023-46978 - https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLI CVE-2023-46979 - https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/2/README.md CVE-2023-4698 - https://huntr.dev/bounties/e1107d79-1d63-4238-90b7-5cc150512654 CVE-2023-46980 - https://github.com/sajaljat/CVE-2023-46980/tree/main +CVE-2023-46980 - https://youtu.be/3Mz2lSElg7Y CVE-2023-46981 - https://github.com/JunFengDeng/Cve-List/blob/main/novel-plus/20231027/vuln/readme.md CVE-2023-46987 - https://blog.csdn.net/weixin_72610998/article/details/133420747?spm=1001.2014.3001.5501 CVE-2023-46992 - https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md 
@@ -86698,6 +86701,7 @@ CVE-2023-4714 - http://packetstormsecurity.com/files/174446/PlayTube-3.0.1-Infor CVE-2023-47171 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1869 CVE-2023-4720 - https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad CVE-2023-4721 - https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc +CVE-2023-47218 - https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/ CVE-2023-4722 - https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830 CVE-2023-47249 - https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54 CVE-2023-47250 - http://packetstormsecurity.com/files/175949/m-privacy-TightGate-Pro-Code-Execution-Insecure-Permissions.html @@ -87859,6 +87863,7 @@ CVE-2024-25218 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20 CVE-2024-25220 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%202.md CVE-2024-25222 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%201.md CVE-2024-25300 - https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-REDAXO/XSS.md +CVE-2024-25301 - https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459 CVE-2024-25302 - https://github.com/tubakvgc/CVE/blob/main/Event_Student_Attendance_System.md CVE-2024-25304 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-2.md CVE-2024-25305 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass.md
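Review bot: In the hunk for 2023/CVE-2023-46596.md, the updated Version badge message (`= A32.20, A32.50, A32.60`) lists whole release lines, while the description on the same page says the issue is fixed in A32.20 (b600 and above), A32.50 (b430 and above) and A32.60 (b250 and above). A reader who triages from the badge alone will treat patched builds as affected, so consider carrying the build boundaries into the badge or stating that the badge covers only builds below those numbers. Since both badge lines are being touched anyway, `color=brighgreen` looks like a misspelling of `brightgreen`, and the description still ends without a full stop.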
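Review bot: In the hunk for 2023/CVE-2023-50356.md, replacing "NOVELL and Synology LDAP server" with "some LDAP servers" removes the only detail that told a reader which LDAP back ends are affected by the improper certificate validation. If the change follows an updated upstream record, keep it and say so in the commit message; otherwise keep the named products so that users of AREAL Topkapi Vision can tell whether their deployment is in scope. The trailing "prevent valid users from login" is carried over unchanged and would read better as "from logging in".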
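Review bot: In the new file 2024/CVE-2024-24386.md, the Product and Version badges are both `n/a` although the description two lines below names VitalPBX v.3.2.4-5. Anyone filtering these pages by product or version badge will miss this entry, so populate the badges from the description (Product `VitalPBX`, Version `3.2.4-5`) or note why they are left empty. The Vulnerability badge is also `n/a` with `color=brighgreen`, which appears to be a misspelling of `brightgreen`.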
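Review bot: In the new file 2024/CVE-2024-25301.md, and in the matching line added to references.txt, the only reference is `https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459`, whose path names a different CVE ID from the entry it is attached to. Please confirm that this directory documents the Redaxo v5.15.1 `/pages/templates.php` issue described here. If the link was mis-assigned, remove it from both files and use "No PoCs from references." in the new page, so that consumers of references.txt do not associate the wrong write-up with CVE-2024-25301.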