CVE-2022-39299
Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g., without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround.
GitHub link:
https://github.com/KaztoRay/CVE-2022-39299-Research
GitHub - KaztoRay/CVE-2022-39299-Research: Research notes on the CVE-2022-39299 vulnerability
CVE-2020-11651
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
GitHub link:
https://github.com/Drew-Alleman/CVE-2020-11651
A script that exploits SaltStack CVE-2020-11651 and CVE-2020-11652 to add new users to a vulnerable Salt master by injecting entries into /etc/passwd and /etc/shadow. - Drew-Alleman/CVE-2020-11651
CVE-2025-0011
None
GitHub link:
https://github.com/binarywarm/kentico-xperience13-AuthBypass-CVE-2025-0011
GitHub - binarywarm/kentico-xperience13-AuthBypass-CVE-2025-0011: CVE-2025-0011 (CVE not assigned yet)
CVE-2024-36991
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows.
GitHub link:
https://github.com/jaytiwari05/CVE-2024-36991
GitHub - jaytiwari05/CVE-2024-36991: Critical Splunk Vulnerability CVE-2024-36991: Patch Now to Prevent Arbitrary File Reads
CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
GitHub link:
https://github.com/mr-won/cve-2023-34960
GitHub - user20252228/cve-2023-34960: chamilo soap api rce (/webservices/additional_webservices.php)
CVE-2022-26134
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
GitHub link:
https://github.com/mr-won/cve-2022-26134
GitHub - mr-won/cve-2022-26134: cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...}