CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Github link:
https://github.com/fazilbaig1/cve_2023_38408_scanner
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Github link:
https://github.com/fazilbaig1/cve_2023_38408_scanner
GitHub
GitHub - fazilbaig1/cve_2023_38408_scanner: Vulnerability Overview CVE-2023-38408 affects OpenSSH versions < 9.3p2 and stems from…
Vulnerability Overview CVE-2023-38408 affects OpenSSH versions < 9.3p2 and stems from improper validation of data when SSH agent forwarding is enabled. When users connect to a remote server ...
CVE-2020-35575
None
Github link:
https://github.com/dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure
None
Github link:
https://github.com/dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure
GitHub
GitHub - dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure: password-disclosure issue in the web interface on certain…
password-disclosure issue in the web interface on certain TP-Link devices - dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure
CVE-2021-23383
The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.
Github link:
https://github.com/fazilbaig1/CVE-2021-23383
The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.
Github link:
https://github.com/fazilbaig1/CVE-2021-23383
GitHub
GitHub - fazilbaig1/CVE-2021-23383: The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain…
The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. - fazilbaig1/CVE-2021-23383
CVE-2024-30088
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/l0n3m4n/CVE-2024-30088
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/l0n3m4n/CVE-2024-30088
GitHub
GitHub - l0n3m4n/CVE-2024-30088: Windows Kernel Elevation of Privilege
Windows Kernel Elevation of Privilege . Contribute to l0n3m4n/CVE-2024-30088 development by creating an account on GitHub.
CVE-2021-39433
A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user.
Github link:
https://github.com/ibnurusdianto/CVE-2021-39433
A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user.
Github link:
https://github.com/ibnurusdianto/CVE-2021-39433
GitHub
GitHub - ibnurusdianto/CVE-2021-39433: Kerentanan ini merupakan jenis Local File Inclusion (LFI) yang terdapat pada versi BIQS…
Kerentanan ini merupakan jenis Local File Inclusion (LFI) yang terdapat pada versi BIQS IT Biqs-drive v1.83 dan di bawahnya. Kerentanan ini dapat dieksploitasi dengan mengirimkan payload tertentu s...