CVE-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Github link:
https://github.com/FirFirdaus/CVE-2023-38831
Repository description: A POC demo on CVE-2023-38831.
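Added example, not code from the page or from the linked repository: a scanner for the layout the description above relies on, a regular file entry whose name is also used as a folder inside the same ZIP. The sample archive, the `photo.jpg` name, and the helper names are this example's own; the trailing-space/dot folding in `_normalise` is a defensive assumption of the scanner, not a rule the page states.

```python
"""Flag ZIP archives carrying the file/folder name collision described for CVE-2023-38831.

Added example, not code from the original page or the linked repository. The
sample archive built by build_sample_zip() is constructed here for illustration.
"""
import io
import posixpath
import zipfile


def _normalise(name: str) -> str:
    """Fold case and trailing spaces/dots so near-identical names still collide.

    Assumption made by this scanner: erring towards a match is the safe side for
    a detector, since the archive viewer's own matching rules are not under our control.
    """
    return name.rstrip(" .").lower()


def find_name_collisions(zip_bytes: bytes) -> list:
    """Return [(file_entry, [paths stored under the same-named folder]), ...].

    A folder counts whether it has an explicit 'name/' entry or is only implied by
    'name/child' paths, which is how most archivers store such layouts.
    """
    files = {}             # normalised name -> original file entry name
    folder_children = {}   # normalised folder name -> entries stored beneath it
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            raw = info.filename
            if info.is_dir():
                folder_children.setdefault(_normalise(raw.rstrip("/")), [])
                continue
            files[_normalise(raw)] = raw
            # Every parent directory of a file entry is an implied folder.
            parent = posixpath.dirname(raw)
            while parent:
                folder_children.setdefault(_normalise(parent), []).append(raw)
                parent = posixpath.dirname(parent)
    return [
        (original, sorted(folder_children[key]))
        for key, original in files.items()
        if key in folder_children
    ]


def build_sample_zip(malicious: bool) -> bytes:
    """Constructed sample: a lure 'photo.jpg' and, if malicious, a folder 'photo.jpg/'."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("photo.jpg", b"\xff\xd8\xff\xe0 placeholder, not a real JPEG")
        if malicious:
            # Folder with the same name as the lure; its content is what the
            # vulnerable viewer processes when the user opens 'photo.jpg'.
            zf.writestr("photo.jpg/photo.jpg.cmd", b"@echo off\r\necho demo payload\r\n")
        else:
            zf.writestr("notes.txt", b"nothing to see here\n")
    return buf.getvalue()


if __name__ == "__main__":
    for label, malicious in (("malicious", True), ("benign", False)):
        print(label, find_name_collisions(build_sample_zip(malicious)))
```

Run it on any archive by passing the file's bytes to `find_name_collisions`; an empty list means no file entry shares a name with a folder. The check reads only the central directory, so it is cheap enough to run on every inbound archive at a mail gateway or upload endpoint.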
CVE-2024-0195
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.
Github link:
https://github.com/fa-rrel/CVE-2024-0195-SpiderFlow
Repository description (GitHub lists the repository as gh-ost00/CVE-2024-0195-SpiderFlow): CVE-2024-0195 Improper Control of Generation of Code ('Code Injection').
CVE-2023-29360
Microsoft Streaming Service Elevation of Privilege Vulnerability
Github link:
https://github.com/0xDivyanshu-new/CVE-2023-29360-
Repository description: POC for CVE-2023-29360.
CVE-2024-24919
An attacker could potentially read certain information on Check Point Security Gateways that are connected to the internet and have the Remote Access VPN or Mobile Access Software Blades enabled. A security fix that mitigates this vulnerability is available.
Github link:
https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-
Repository description: SOC incident-report write-up (Event ID 263, rule name SOC287: Arbitrary File Read on Checkpoint Security Gateway).
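Added example, not from the page or from the linked repository: the SOC-side check that a detection rule for an arbitrary file read on a web-facing gateway would implement, run over HTTP access log lines. The log format, IP addresses and URL paths below are constructed for illustration and are not the request used against Check Point gateways in CVE-2024-24919; the example covers the general traversal case (single and double percent-encoding, backslash separators, resolution of the final path) rather than one signature.

```python
"""Scan web-access logs for path-traversal requests that resolve to sensitive files.

Added example (not from the original page or the linked repository). The log
lines, hosts and URL paths are constructed; they are not the request used in
CVE-2024-24919.
"""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

# Combined-log style lines, constructed for this example.
SAMPLE_LOG = """\
203.0.113.5 - - [30/May/2024:10:15:01 +0000] "GET /sslvpn/Login/Login HTTP/1.1" 200 4122
203.0.113.5 - - [30/May/2024:10:15:03 +0000] "POST /sslvpn/portal/../../../../etc/passwd HTTP/1.1" 200 1810
198.51.100.7 - - [30/May/2024:10:16:44 +0000] "POST /sslvpn/portal/%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 200 962
192.0.2.9 - - [30/May/2024:10:17:10 +0000] "GET /sslvpn/static/logo.png HTTP/1.1" 200 5120
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)

# Files whose disclosure from an appliance is high value; extend per environment (assumed list).
SENSITIVE_PATHS = ("/etc/passwd", "/etc/shadow", "/etc/hosts")


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Undo repeated percent-encoding (%252e%252e -> %2e%2e -> ..) until stable."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_target(target: str) -> Optional[str]:
    """Return a reason string if the request target is a traversal attempt, else None."""
    path = decode_fully(target.split("?", 1)[0]).replace("\\", "/")
    if ".." not in path.split("/"):
        return None
    resolved = posixpath.normpath(path)   # collapses the dot-dot segments
    if resolved in SENSITIVE_PATHS:
        return f"traversal to sensitive file {resolved}"
    return f"dot-dot traversal (resolves to {resolved})"


def scan_access_log(text: str) -> list:
    """Return one finding dict per traversal request; a 200 response is escalated."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                      # not a request line we understand
        reason = classify_target(m["target"])
        if reason is None:
            continue
        findings.append({
            "src": m["src"],
            "ts": m["ts"],
            "method": m["method"],
            "target": m["target"],
            "status": int(m["status"]),
            "reason": reason,
            # A 200 on a traversal request suggests the read succeeded.
            "severity": "high" if m["status"] == "200" else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding["severity"], finding["src"], finding["reason"])
```

Decoding before matching matters: a rule that looks for a literal `../` misses the `%2e%2e%2f` form on the third line, and a rule that decodes once misses double-encoded variants. Resolving the final path with `normpath` lets the rule name the file that was actually reached, which is what the responder wants in the alert.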
CVE-2024-21413
Microsoft Outlook Remote Code Execution Vulnerability
Github link:
https://github.com/ThemeHackers/CVE-2024-21413
Repository description: CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC.
CVE-2020-24972
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL.
Github link:
https://github.com/SpiralBL0CK/CVE-2020-24972
Repository description: PoC for CVE-2020-24972.
CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04 LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would already have addressed this Bluetooth HID Hosts issue.
Github link:
https://github.com/AvishekDhakal/CVE-2023-45866_EXPLOITS
Repository description: Exploits tested on a Mi A2 Lite and a Realme 2 Pro.
CVE-2023-42115
Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the SMTP service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17434.
Github link:
https://github.com/isotaka134/cve-2023-42115
Repository description: This module exploits a vulnerability in the target service identified as CVE-2023-42115.
CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to information disclosure. When it parses a PNG image (e.g., for a resize), the resulting image can embed the content of an arbitrary file, provided the magick binary has permission to read it.
Github link:
https://github.com/FlojBoj/CVE-2022-44268
Repository description: ImageMagick 7.1.0-49 vulnerable to Information Disclosure.
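Added example, not code from the page or from the linked repository: a small PNG chunk parser that verifies chunk CRCs and flags the text chunk through which this issue is triggered. The file read happens because ImageMagick treats a PNG text chunk whose keyword is `profile` as the name of a file to read and embed; that keyword is a known detail of CVE-2022-44268 rather than something stated on this page, and the case-insensitive match below is a conservative choice of this example. The PNG built by `build_sample_png` and the `/etc/passwd` path inside it are constructed inline.

```python
"""Parse PNG chunks and flag 'profile' text chunks, the trigger for CVE-2022-44268.

Added example, not code from the original page or the linked repository. The
PNG produced by build_sample_png() is constructed here for illustration.
"""
import struct
import zlib
from typing import Iterator, Optional, Tuple

PNG_SIG = b"\x89PNG\r\n\x1a\n"
TEXT_CHUNKS = {b"tEXt", b"zTXt", b"iTXt"}


def _chunk(ctype: bytes, payload: bytes) -> bytes:
    """Serialise one chunk: length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def build_sample_png(profile_path: Optional[bytes]) -> bytes:
    """Constructed 1x1 grayscale PNG; optionally carries a tEXt chunk keyed 'profile'."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)   # 1x1, 8-bit, greyscale
    idat = zlib.compress(b"\x00\x00")                    # filter byte + one pixel
    chunks = [_chunk(b"IHDR", ihdr)]
    if profile_path is not None:
        chunks.append(_chunk(b"tEXt", b"profile\x00" + profile_path))
    chunks += [_chunk(b"IDAT", idat), _chunk(b"IEND", b"")]
    return PNG_SIG + b"".join(chunks)


def iter_chunks(data: bytes) -> Iterator[Tuple[bytes, bytes]]:
    """Yield (type, payload) for each chunk; raise ValueError on bad signature or CRC."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        payload = data[pos + 8:pos + 8 + length]
        crc_field = data[pos + 8 + length:pos + 12 + length]
        if len(payload) != length or len(crc_field) != 4:
            raise ValueError(f"truncated chunk at offset {pos}")
        if zlib.crc32(ctype + payload) & 0xFFFFFFFF != struct.unpack(">I", crc_field)[0]:
            raise ValueError(f"bad CRC for {ctype!r} at offset {pos}")
        yield ctype, payload
        pos += 12 + length
        if ctype == b"IEND":
            break


def text_keyword_and_value(ctype: bytes, payload: bytes) -> Tuple[bytes, bytes]:
    """Split a tEXt/zTXt/iTXt payload into (keyword, text), inflating where needed."""
    keyword, _, rest = payload.partition(b"\x00")
    if ctype == b"tEXt":
        return keyword, rest
    if ctype == b"zTXt":
        return keyword, zlib.decompress(rest[1:])         # byte 0 is the method
    # iTXt: comp flag, comp method, language \0, translated keyword \0, text
    comp_flag = rest[0]
    _lang, _, after = rest[2:].partition(b"\x00")
    _translated, _, text = after.partition(b"\x00")
    return keyword, zlib.decompress(text) if comp_flag == 1 else text


def find_profile_chunks(data: bytes) -> list:
    """Return [(chunk_type, text), ...] for text chunks whose keyword is 'profile'."""
    hits = []
    for ctype, payload in iter_chunks(data):
        if ctype in TEXT_CHUNKS:
            keyword, value = text_keyword_and_value(ctype, payload)
            if keyword.lower() == b"profile":
                hits.append((ctype.decode(), value.decode("latin-1", "replace")))
    return hits


def is_well_formed(data: bytes) -> bool:
    """True if every chunk parses with a valid CRC."""
    try:
        return any(ctype == b"IEND" for ctype, _ in iter_chunks(data))
    except ValueError:
        return False


if __name__ == "__main__":
    print(find_profile_chunks(build_sample_png(b"/etc/passwd")))
    print(find_profile_chunks(build_sample_png(None)))
```

Run `find_profile_chunks` on user-supplied PNGs before they reach an unpatched `magick` (or strip all text chunks at ingest, which is the simpler policy). The CRC check is there so that a crafted file cannot desynchronise this scanner from what the real decoder sees: a chunk with a wrong CRC is rejected rather than skipped.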
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Github link:
https://github.com/m-lito13/SealSecurity_Exam
Repository description: Fix prototype pollution vulnerability (CVE-2023-26136) for tough-cookie package.
CVE-2023-4220
Unrestricted file upload in the big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution by uploading a web shell.
Github link:
https://github.com/0x00-null/-Chamilo-CVE-2023-4220-RCE-Exploit
Repository description: (CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution.
CVE-2023-26360
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/CuriousLearnerDev/ColdFusion_EXp
Repository description: Adobe ColdFusion CVE-2023-26360/CVE-2023-29298 automated reverse shell.