CVE-2024-6387
A signal handler race condition was found in OpenSSH's server (sshd). If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
GitHub link:
https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker
GitHub - identity-threat-labs/CVE-2024-6387-Vulnerability-Checker: This Python script checks for the CVE-2024-6387 vulnerability…
This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file. - ...
CVE-2019-15107
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
GitHub link:
https://github.com/NasrallahBaadi/CVE-2019-15107
GitHub - NasrallahBaadi/CVE-2019-15107: CVE-2019-15107 Webmin unauthenticated RCE
CVE-2024-1071
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
GitHub link:
https://github.com/fa-rrel/CVE-2024-1071-SQL-Injection
GitHub - gh-ost00/CVE-2024-1071-SQL-Injection: Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited
CVE-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
GitHub link:
https://github.com/FirFirdaus/CVE-2023-38831
GitHub - FirFirdaus/CVE-2023-38831: A POC demo on CVE-2023-38831
CVE-2024-0195
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.
GitHub link:
https://github.com/fa-rrel/CVE-2024-0195-SpiderFlow
GitHub - gh-ost00/CVE-2024-0195-SpiderFlow: CVE-2024-0195 Improper Control of Generation of Code ('Code Injection')
CVE-2023-29360
Microsoft Streaming Service Elevation of Privilege Vulnerability
GitHub link:
https://github.com/0xDivyanshu-new/CVE-2023-29360-
GitHub - 0xDivyanshu-new/CVE-2023-29360-: POC for CVE-2023–29360
CVE-2024-24919
An attacker can potentially read certain information on Check Point Security Gateways that are connected to the internet and have the Remote Access VPN or Mobile Access Software Blades enabled. A security fix that mitigates this vulnerability is available.
GitHub link:
https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-
GitHub - AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-: 🔍 Just…
🔍 Just wrapped up an incident report on a Phishing Alert (Event ID 257, SOC282). Enhancing my expertise in email threat detection and response! 🚨 #Cybersecurity #SOCAnalyst #LetsDefend - AhmedManso...