CVE-2019-8451.zip
1.6 KB
CVE-2019-8451
Author: b0ul1
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
GitHub Link:
https://github.com/b0ul1/CVE-2019-8451
Author: b0ul1
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
GitHub Link:
https://github.com/b0ul1/CVE-2019-8451
CVE-2023-36845.zip
4.1 KB
CVE-2023-36845
Author: kopfjager007
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
and SRX Series
allows an unauthenticated, network-based attacker to control certain, important environments variables.
Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
All versions prior to 21.4R3-S5;
22.1 versions
prior to
22.1R3-S4;
22.2 versions
prior to
22.2R3-S2;
22.3 versions
prior to
22.3R2-S2, 22.3R3-S1;
22.4 versions
prior to
22.4R2-S1, 22.4R3;
23.2 versions prior to 23.2R1-S1, 23.2R2.
GitHub Link:
https://github.com/kopfjager007/CVE-2023-36845
Author: kopfjager007
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
and SRX Series
allows an unauthenticated, network-based attacker to control certain, important environments variables.
Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
All versions prior to 21.4R3-S5;
22.1 versions
prior to
22.1R3-S4;
22.2 versions
prior to
22.2R3-S2;
22.3 versions
prior to
22.3R2-S2, 22.3R3-S1;
22.4 versions
prior to
22.4R2-S1, 22.4R3;
23.2 versions prior to 23.2R1-S1, 23.2R2.
GitHub Link:
https://github.com/kopfjager007/CVE-2023-36845
CVE-2018-12533.zip
11.4 KB
CVE-2018-12533
Author: LucasKatashi
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
GitHub Link:
https://github.com/LucasKatashi/paint2die
Author: LucasKatashi
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
GitHub Link:
https://github.com/LucasKatashi/paint2die
CVE-2024-29943.zip
1.2 MB
CVE-2024-29943
Author: seadragnol
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.
GitHub Link:
https://github.com/seadragnol/CVE-2024-29943
Author: seadragnol
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.
GitHub Link:
https://github.com/seadragnol/CVE-2024-29943
CVE-2022-37969.zip
3.7 MB
CVE-2022-37969
Author: EmilC3978
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803.
GitHub Link:
https://github.com/EmilC3978/CVE-2022-37969PoC
Author: EmilC3978
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803.
GitHub Link:
https://github.com/EmilC3978/CVE-2022-37969PoC
CVE-2024-6387.zip
3.9 MB
CVE-2024-6387
Author: arielrbrdev
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
GitHub Link:
https://github.com/arielrbrdev/redteamlab1
Author: arielrbrdev
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
GitHub Link:
https://github.com/arielrbrdev/redteamlab1