CVE-2024-3400
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted.
Github link:
https://github.com/XiaomingX/CVE-2024-3400-poc
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted.
Github link:
https://github.com/XiaomingX/CVE-2024-3400-poc
GitHub
GitHub - XiaomingX/CVE-2024-3400-poc: CVE-2024-3400的攻击脚本
CVE-2024-3400的攻击脚本. Contribute to XiaomingX/CVE-2024-3400-poc development by creating an account on GitHub.
CVE-2024-42845
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Github link:
https://github.com/theexploiters/CVE-2024-42845-Exploit
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Github link:
https://github.com/theexploiters/CVE-2024-42845-Exploit
GitHub
GitHub - theexploiters/CVE-2024-42845-Exploit: Exploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1
Exploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1 - theexploiters/CVE-2024-42845-Exploit
CVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/bluefish3r/poc-cve
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/bluefish3r/poc-cve
GitHub
GitHub - bluefish3r/poc-cve: poc-cve-2023-3824
poc-cve-2023-3824. Contribute to bluefish3r/poc-cve development by creating an account on GitHub.
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Github link:
https://github.com/0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Github link:
https://github.com/0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
GitHub
GitHub - 0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240: Bludit 3.9.2 - Auth Bruteforce Bypass CVE:2019-17240 Refurbish…
Bludit 3.9.2 - Auth Bruteforce Bypass CVE:2019-17240 Refurbish In bash - 0xDTC/Bludit-3.9.2-Auth-Bruteforce-Bypass-CVE-2019-17240
CVE-2024-21338
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/hackyboiz/kcfg-bypass
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/hackyboiz/kcfg-bypass
GitHub
GitHub - hackyboiz/kcfg-bypass: kcfg bypass example - CVE-2024-21338
kcfg bypass example - CVE-2024-21338. Contribute to hackyboiz/kcfg-bypass development by creating an account on GitHub.