👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-22947
Github: https://github.com/yunusemreoztas/CVE-2022-22947
Describe:
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
Mumber: CVE-2022-22947
Github: https://github.com/yunusemreoztas/CVE-2022-22947
Describe:
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
GitHub
GitHub - yunusemreoztas/CVE-2022-22947: Spring-CVE-2022-22947
Spring-CVE-2022-22947. Contribute to yunusemreoztas/CVE-2022-22947 development by creating an account on GitHub.
** fscan ** 🔧Tool update
Tools name:fscan
Tools url:https://github.com/shadow1ng/fscan/commit/9b0f12c31a87eb0b73f0e8235deb29f5b0674c73
commitUpdate log:
update go.mod
Tools name:fscan
Tools url:https://github.com/shadow1ng/fscan/commit/9b0f12c31a87eb0b73f0e8235deb29f5b0674c73
commitUpdate log:
update go.mod
GitHub
update go.mod · shadow1ng/fscan@9b0f12c
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。. Contribute to shadow1ng/fscan development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-29464
Github: https://github.com/Blackyguy/-CVE-2022-29464
Describe:
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
Mumber: CVE-2022-29464
Github: https://github.com/Blackyguy/-CVE-2022-29464
Describe:
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
GitHub
GitHub - Blackyguy/-CVE-2022-29464
Contribute to Blackyguy/-CVE-2022-29464 development by creating an account on GitHub.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-29582
Github: https://github.com/Ruia-ruia/CVE-2022-29582-Exploit
Describe:
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.
Mumber: CVE-2022-29582
Github: https://github.com/Ruia-ruia/CVE-2022-29582-Exploit
Describe:
In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.
GitHub
GitHub - Ruia-ruia/CVE-2022-29582-Exploit: Exploit for CVE-2022-29582 targeting Google's Kernel CTF
Exploit for CVE-2022-29582 targeting Google's Kernel CTF - Ruia-ruia/CVE-2022-29582-Exploit
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-34970
Github: https://github.com/0xhebi/CVE-2022-34970
Describe:
Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at query_string.h. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Mumber: CVE-2022-34970
Github: https://github.com/0xhebi/CVE-2022-34970
Describe:
Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at query_string.h. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
GitHub
GitHub - 0xhebi/CVE-2022-34970: Vulnerability in Crow prior v1.0+4
Vulnerability in Crow prior v1.0+4. Contribute to 0xhebi/CVE-2022-34970 development by creating an account on GitHub.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
** nps ** 🔧Tool update
Tools name:nps
Tools url:https://github.com/ehang-io/nps/commit/ab648d6f0c618c690a7a79948a7ebd686e1cdafc
commitUpdate log:
Merge pull request #866 from freeoa/master
add build to apple silicon(M1)
Tools name:nps
Tools url:https://github.com/ehang-io/nps/commit/ab648d6f0c618c690a7a79948a7ebd686e1cdafc
commitUpdate log:
Merge pull request #866 from freeoa/master
add build to apple silicon(M1)
GitHub
Merge pull request #866 from freeoa/master · ehang-io/nps@ab648d6
add build to apple silicon(M1)
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-32224
Github: https://github.com/ooooooo-q/cve-2022-32224-rails
Describe:
**
Mumber: CVE-2022-32224
Github: https://github.com/ooooooo-q/cve-2022-32224-rails
Describe:
**
GitHub
GitHub - ooooooo-q/cve-2022-32224-rails
Contribute to ooooooo-q/cve-2022-32224-rails development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24086
Github: https://github.com/oK0mo/CVE-2022-24086-RCE-PoC
Describe:
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
Mumber: CVE-2022-24086
Github: https://github.com/oK0mo/CVE-2022-24086-RCE-PoC
Describe:
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
GitHub
GitHub - oK0mo/CVE-2022-24086-RCE-PoC: Verifed Proof of Concept on CVE-2022-24086
Verifed Proof of Concept on CVE-2022-24086. Contribute to oK0mo/CVE-2022-24086-RCE-PoC development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31061
Github: https://github.com/Vu0r1/CVE-2022-31061
Describe:
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
Mumber: CVE-2022-31061
Github: https://github.com/Vu0r1/CVE-2022-31061
Describe:
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
GitHub
GitHub - Vu0r1-sec/CVE-2022-31061: PoC for GLPI CVE-2022-31061
PoC for GLPI CVE-2022-31061. Contribute to Vu0r1-sec/CVE-2022-31061 development by creating an account on GitHub.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-22620
Github: https://github.com/springsec/CVE-2022-22620
Describe:
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
Mumber: CVE-2022-22620
Github: https://github.com/springsec/CVE-2022-22620
Describe:
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
GitHub
GitHub - springsec/CVE-2022-22620: Webkit (Safari) - Exploit
Webkit (Safari) - Exploit. Contribute to springsec/CVE-2022-22620 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-1857
Github: https://github.com/frostb1ten/CVE-2022-1857
Describe:
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.
Mumber: CVE-2022-1857
Github: https://github.com/frostb1ten/CVE-2022-1857
Describe:
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31101
Github: https://github.com/karthikuj/CVE-2022-31101
Describe:
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
Mumber: CVE-2022-31101
Github: https://github.com/karthikuj/CVE-2022-31101
Describe:
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
GitHub
GitHub - karthikuj/CVE-2022-31101: Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101) - karthikuj/CVE-2022-31101
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-21881
Github: https://github.com/theabysslabs/CVE-2022-21881
Describe:
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.
Mumber: CVE-2022-21881
Github: https://github.com/theabysslabs/CVE-2022-21881
Describe:
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.
GitHub
GitHub - theabysslabs/CVE-2022-21881: POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox - theabysslabs/CVE-2022-21881
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-29968
Github: https://github.com/jprx/CVE-2022-29968
Describe:
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
Mumber: CVE-2022-29968
Github: https://github.com/jprx/CVE-2022-29968
Describe:
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
GitHub
GitHub - jprx/CVE-2022-29968: Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang
Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang - jprx/CVE-2022-29968