👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24086
Github: https://github.com/oK0mo/CVE-2022-24086-RCE-PoC
Describe:
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
Mumber: CVE-2022-24086
Github: https://github.com/oK0mo/CVE-2022-24086-RCE-PoC
Describe:
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
GitHub
GitHub - oK0mo/CVE-2022-24086-RCE-PoC: Verifed Proof of Concept on CVE-2022-24086
Verifed Proof of Concept on CVE-2022-24086. Contribute to oK0mo/CVE-2022-24086-RCE-PoC development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31061
Github: https://github.com/Vu0r1/CVE-2022-31061
Describe:
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
Mumber: CVE-2022-31061
Github: https://github.com/Vu0r1/CVE-2022-31061
Describe:
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
GitHub
GitHub - Vu0r1-sec/CVE-2022-31061: PoC for GLPI CVE-2022-31061
PoC for GLPI CVE-2022-31061. Contribute to Vu0r1-sec/CVE-2022-31061 development by creating an account on GitHub.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-22620
Github: https://github.com/springsec/CVE-2022-22620
Describe:
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
Mumber: CVE-2022-22620
Github: https://github.com/springsec/CVE-2022-22620
Describe:
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
GitHub
GitHub - springsec/CVE-2022-22620: Webkit (Safari) - Exploit
Webkit (Safari) - Exploit. Contribute to springsec/CVE-2022-22620 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-1857
Github: https://github.com/frostb1ten/CVE-2022-1857
Describe:
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.
Mumber: CVE-2022-1857
Github: https://github.com/frostb1ten/CVE-2022-1857
Describe:
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31101
Github: https://github.com/karthikuj/CVE-2022-31101
Describe:
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
Mumber: CVE-2022-31101
Github: https://github.com/karthikuj/CVE-2022-31101
Describe:
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
GitHub
GitHub - karthikuj/CVE-2022-31101: Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101) - karthikuj/CVE-2022-31101
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-21881
Github: https://github.com/theabysslabs/CVE-2022-21881
Describe:
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.
Mumber: CVE-2022-21881
Github: https://github.com/theabysslabs/CVE-2022-21881
Describe:
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.
GitHub
GitHub - theabysslabs/CVE-2022-21881: POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox
POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox - theabysslabs/CVE-2022-21881
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-29968
Github: https://github.com/jprx/CVE-2022-29968
Describe:
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
Mumber: CVE-2022-29968
Github: https://github.com/jprx/CVE-2022-29968
Describe:
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
GitHub
GitHub - jprx/CVE-2022-29968: Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang
Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang - jprx/CVE-2022-29968
** xray ** 🔧Tool update
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
Tools name:xray
Tools url:https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档. Contribute to chaitin/xray development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-33980
Github: https://github.com/HKirito/CVE-2022-33980
Describe:
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default.
Mumber: CVE-2022-33980
Github: https://github.com/HKirito/CVE-2022-33980
Describe:
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default.
GitHub
GitHub - HKirito/CVE-2022-33980: CVE
CVE. Contribute to HKirito/CVE-2022-33980 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-1421
Github: https://github.com/nb1b3k/CVE-2022-1421
Describe:
The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change arbitrary 's settings including payment methods via a CSRF attack
Mumber: CVE-2022-1421
Github: https://github.com/nb1b3k/CVE-2022-1421
Describe:
The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change arbitrary 's settings including payment methods via a CSRF attack
GitHub
GitHub - nb1b3k/CVE-2022-1421
Contribute to nb1b3k/CVE-2022-1421 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-1040
Github: https://github.com/APTIRAN/CVE-2022-1040
Describe:
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Mumber: CVE-2022-1040
Github: https://github.com/APTIRAN/CVE-2022-1040
Describe:
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
GitHub
GitHub - APTIRAN/CVE-2022-1040: This vulnerability allows an attacker to gain unauthorized access to the firewall management space…
This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication - GitHub - APTIRAN/CVE-2022-1040: This vulnerability allows an attacke...
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-20866
Github: https://github.com/CiscoPSIRT/CVE-2022-20866
Describe:
**
Mumber: CVE-2022-20866
Github: https://github.com/CiscoPSIRT/CVE-2022-20866
Describe:
**
GitHub
GitHub - CiscoPSIRT/CVE-2022-20866: RSA Key Checker for CVE-2022-20866
RSA Key Checker for CVE-2022-20866. Contribute to CiscoPSIRT/CVE-2022-20866 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-21894
Github: https://github.com/Wack0/CVE-2022-21894
Describe:
Secure Boot Security Feature Bypass Vulnerability.
Mumber: CVE-2022-21894
Github: https://github.com/Wack0/CVE-2022-21894
Describe:
Secure Boot Security Feature Bypass Vulnerability.
GitHub
GitHub - Wack0/CVE-2022-21894: baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability - Wack0/CVE-2022-21894
** Behinder ** 🔧Tool update
Tools name:Behinder
Tools url:https://github.com/rebeyond/Behinder/releases/tag/Behinder_v4.0.3
Update log:
### 2022.7.31 v4.0.3 更新日志
1.修复了自定义传输协议修改之后需要重启才能生效的问题;
2.修复了因loadAgent参数过长导致Agent型内存马注入失败的问题;
3.修复了在某些场景下会提示无法找到JDK环境的问题;
4.Agent内存马注入类名随机化;
5.优化了在某些自定义web容器下的兼容性;
6.其他一些优化;
Tools name:Behinder
Tools url:https://github.com/rebeyond/Behinder/releases/tag/Behinder_v4.0.3
Update log:
### 2022.7.31 v4.0.3 更新日志
1.修复了自定义传输协议修改之后需要重启才能生效的问题;
2.修复了因loadAgent参数过长导致Agent型内存马注入失败的问题;
3.修复了在某些场景下会提示无法找到JDK环境的问题;
4.Agent内存马注入类名随机化;
5.优化了在某些自定义web容器下的兼容性;
6.其他一些优化;
GitHub
Release Behinder_v4.0.4 · rebeyond/Behinder
2022.8.16 v4.0.4 更新日志
内置tools.jar,不再依赖外部tools.jar;
新增aes_with_magic传输协议;
其他一些优化;
内置tools.jar,不再依赖外部tools.jar;
新增aes_with_magic传输协议;
其他一些优化;
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-36446
Github: https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Describe:
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
Mumber: CVE-2022-36446
Github: https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Describe:
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
GitHub
GitHub - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE: A Python script to exploit CVE-2022-36446 Software Package…
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24654
Github: https://github.com/leonardobg/CVE-2022-24654
Describe:
**
Mumber: CVE-2022-24654
Github: https://github.com/leonardobg/CVE-2022-24654
Describe:
**
GitHub
GitHub - leonardobg/CVE-2022-24654: PoC for CVE-2022-24654
PoC for CVE-2022-24654. Contribute to leonardobg/CVE-2022-24654 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31262
Github: https://github.com/secure-77/CVE-2022-31262
Describe:
**
Mumber: CVE-2022-31262
Github: https://github.com/secure-77/CVE-2022-31262
Describe:
**
GitHub
GitHub - secure-77/CVE-2022-31262: GOG Galaxy LPE Exploit
GOG Galaxy LPE Exploit. Contribute to secure-77/CVE-2022-31262 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24853
Github: https://github.com/secure-77/CVE-2022-24853
Describe:
Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.
Mumber: CVE-2022-24853
Github: https://github.com/secure-77/CVE-2022-24853
Describe:
Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.
GitHub
GitHub - secure-77/CVE-2022-24853: Metabase NTLM Attack
Metabase NTLM Attack . Contribute to secure-77/CVE-2022-24853 development by creating an account on GitHub.