👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-1040
Github: https://github.com/APTIRAN/CVE-2022-1040
Describe:
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Mumber: CVE-2022-1040
Github: https://github.com/APTIRAN/CVE-2022-1040
Describe:
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
GitHub
GitHub - APTIRAN/CVE-2022-1040: This vulnerability allows an attacker to gain unauthorized access to the firewall management space…
This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication - GitHub - APTIRAN/CVE-2022-1040: This vulnerability allows an attacke...
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-20866
Github: https://github.com/CiscoPSIRT/CVE-2022-20866
Describe:
**
Mumber: CVE-2022-20866
Github: https://github.com/CiscoPSIRT/CVE-2022-20866
Describe:
**
GitHub
GitHub - CiscoPSIRT/CVE-2022-20866: RSA Key Checker for CVE-2022-20866
RSA Key Checker for CVE-2022-20866. Contribute to CiscoPSIRT/CVE-2022-20866 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-21894
Github: https://github.com/Wack0/CVE-2022-21894
Describe:
Secure Boot Security Feature Bypass Vulnerability.
Mumber: CVE-2022-21894
Github: https://github.com/Wack0/CVE-2022-21894
Describe:
Secure Boot Security Feature Bypass Vulnerability.
GitHub
GitHub - Wack0/CVE-2022-21894: baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability - Wack0/CVE-2022-21894
** Behinder ** 🔧Tool update
Tools name:Behinder
Tools url:https://github.com/rebeyond/Behinder/releases/tag/Behinder_v4.0.3
Update log:
### 2022.7.31 v4.0.3 更新日志
1.修复了自定义传输协议修改之后需要重启才能生效的问题;
2.修复了因loadAgent参数过长导致Agent型内存马注入失败的问题;
3.修复了在某些场景下会提示无法找到JDK环境的问题;
4.Agent内存马注入类名随机化;
5.优化了在某些自定义web容器下的兼容性;
6.其他一些优化;
Tools name:Behinder
Tools url:https://github.com/rebeyond/Behinder/releases/tag/Behinder_v4.0.3
Update log:
### 2022.7.31 v4.0.3 更新日志
1.修复了自定义传输协议修改之后需要重启才能生效的问题;
2.修复了因loadAgent参数过长导致Agent型内存马注入失败的问题;
3.修复了在某些场景下会提示无法找到JDK环境的问题;
4.Agent内存马注入类名随机化;
5.优化了在某些自定义web容器下的兼容性;
6.其他一些优化;
GitHub
Release Behinder_v4.0.4 · rebeyond/Behinder
2022.8.16 v4.0.4 更新日志
内置tools.jar,不再依赖外部tools.jar;
新增aes_with_magic传输协议;
其他一些优化;
内置tools.jar,不再依赖外部tools.jar;
新增aes_with_magic传输协议;
其他一些优化;
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-36446
Github: https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Describe:
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
Mumber: CVE-2022-36446
Github: https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Describe:
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
GitHub
GitHub - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE: A Python script to exploit CVE-2022-36446 Software Package…
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. - p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24654
Github: https://github.com/leonardobg/CVE-2022-24654
Describe:
**
Mumber: CVE-2022-24654
Github: https://github.com/leonardobg/CVE-2022-24654
Describe:
**
GitHub
GitHub - leonardobg/CVE-2022-24654: PoC for CVE-2022-24654
PoC for CVE-2022-24654. Contribute to leonardobg/CVE-2022-24654 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31262
Github: https://github.com/secure-77/CVE-2022-31262
Describe:
**
Mumber: CVE-2022-31262
Github: https://github.com/secure-77/CVE-2022-31262
Describe:
**
GitHub
GitHub - secure-77/CVE-2022-31262: GOG Galaxy LPE Exploit
GOG Galaxy LPE Exploit. Contribute to secure-77/CVE-2022-31262 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24853
Github: https://github.com/secure-77/CVE-2022-24853
Describe:
Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.
Mumber: CVE-2022-24853
Github: https://github.com/secure-77/CVE-2022-24853
Describe:
Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8.
GitHub
GitHub - secure-77/CVE-2022-24853: Metabase NTLM Attack
Metabase NTLM Attack . Contribute to secure-77/CVE-2022-24853 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-27925
Github: https://github.com/vnhacker1337/CVE-2022-27925-PoC
Describe:
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
Mumber: CVE-2022-27925
Github: https://github.com/vnhacker1337/CVE-2022-27925-PoC
Describe:
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
GitHub
GitHub - vnhacker1337/CVE-2022-27925-PoC: Zimbra RCE simple poc
Zimbra RCE simple poc. Contribute to vnhacker1337/CVE-2022-27925-PoC development by creating an account on GitHub.
👍1
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-27255
Github: https://github.com/infobyte/cve-2022-27255
Describe:
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
Mumber: CVE-2022-27255
Github: https://github.com/infobyte/cve-2022-27255
Describe:
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
GitHub
GitHub - infobyte/cve-2022-27255
Contribute to infobyte/cve-2022-27255 development by creating an account on GitHub.
** antSword ** 🔧Tool update
Tools name:antSword
Tools url:https://github.com/AntSwordProject/antSword/commit/ed79c67eb02a5fe7f00e91f0cd14fd639a2ffaa5
commitUpdate log:
Fix #318
Tools name:antSword
Tools url:https://github.com/AntSwordProject/antSword/commit/ed79c67eb02a5fe7f00e91f0cd14fd639a2ffaa5
commitUpdate log:
Fix #318
GitHub
Fix #318 · AntSwordProject/antSword@ed79c67
中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit. - Fix #318 · AntSwordProject/antSword@ed79c67
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-31269
Github: https://github.com/Henry4E36/CVE-2022-31269
Describe:
**
Mumber: CVE-2022-31269
Github: https://github.com/Henry4E36/CVE-2022-31269
Describe:
**
GitHub
GitHub - Henry4E36/CVE-2022-31269: Nortek Control Linear eMerge E3-Series 信息泄露
Nortek Control Linear eMerge E3-Series 信息泄露. Contribute to Henry4E36/CVE-2022-31269 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-34169
Github: https://github.com/bor8/CVE-2022-34169
Describe:
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
Mumber: CVE-2022-34169
Github: https://github.com/bor8/CVE-2022-34169
Describe:
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
GitHub
GitHub - bor8/CVE-2022-34169: https://nvd.nist.gov/vuln/detail/CVE-2022-34169
https://nvd.nist.gov/vuln/detail/CVE-2022-34169. Contribute to bor8/CVE-2022-34169 development by creating an account on GitHub.
🤩2
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-36162
Github: https://github.com/MaherAzzouzi/CVE-2022-36162
Describe:
**
Mumber: CVE-2022-36162
Github: https://github.com/MaherAzzouzi/CVE-2022-36162
Describe:
**
GitHub
GitHub - MaherAzzouzi/CVE-2022-36162
Contribute to MaherAzzouzi/CVE-2022-36162 development by creating an account on GitHub.
** fscan ** 🔧Tool update
Tools name:fscan
Tools url:https://github.com/shadow1ng/fscan/commit/98569648bb33d5b98783e7bddb9193eb5565d255
commitUpdate log:
增加-dns参数启用dnslog poc
Tools name:fscan
Tools url:https://github.com/shadow1ng/fscan/commit/98569648bb33d5b98783e7bddb9193eb5565d255
commitUpdate log:
增加-dns参数启用dnslog poc
GitHub
增加-dns参数启用dnslog poc · shadow1ng/fscan@9856964
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。. Contribute to shadow1ng/fscan development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-21789
Github: https://github.com/docfate111/CVE-2022-21789
Describe:
In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101.
Mumber: CVE-2022-21789
Github: https://github.com/docfate111/CVE-2022-21789
Describe:
In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101.
GitHub
GitHub - docfate111/CVE-2022-21789
Contribute to docfate111/CVE-2022-21789 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-20224
Github: https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224
Describe:
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646
Mumber: CVE-2022-20224
Github: https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224
Describe:
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646
GitHub
GitHub - ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224
Contribute to ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-20229
Github: https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229
Describe:
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184
Mumber: CVE-2022-20229
Github: https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229
Describe:
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184
GitHub
GitHub - ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229
Contribute to ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229 development by creating an account on GitHub.