CVE-2014-0195
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
Github link:
https://github.com/PezwariNaan/CVE-2014-0195
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
Github link:
https://github.com/PezwariNaan/CVE-2014-0195
GitHub
GitHub - PezwariNaan/CVE-2014-0195: Exploit for CVE-2014-0195
Exploit for CVE-2014-0195. Contribute to PezwariNaan/CVE-2014-0195 development by creating an account on GitHub.
CVE-2024-9926
None
Github link:
https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-exploit
None
Github link:
https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-exploit
GitHub
GitHub - m3ssap0/wordpress-jetpack-broken-access-control-exploit: Exploits Jetpack < 13.9.1 broken access control (CVE-2024-9926).
Exploits Jetpack < 13.9.1 broken access control (CVE-2024-9926). - m3ssap0/wordpress-jetpack-broken-access-control-exploit
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/radoslavatanasov1/CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/radoslavatanasov1/CVE-2024-23113
CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/H4cking4All/CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/H4cking4All/CVE-2023-4220
GitHub
GitHub - H4cking4All/CVE-2023-4220: CVE-2023-4220 Chamilo Exploit
CVE-2023-4220 Chamilo Exploit. Contribute to H4cking4All/CVE-2023-4220 development by creating an account on GitHub.