Updated by KhulnaSoft [BOT] 🤖

khulnasoft-lab · Sep 9, 2024 · 0be7d38 · 0be7d38
1 parent 37136fc
commit 0be7d38
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/db/cve.sqlite b/db/cve.sqlite
diff --git a/docs/README.md b/docs/README.md
@@ -2,7 +2,7 @@
 
 > Automatic monitor github cve using Github Actions
 
-Last generated: 2024-09-08 02:15:00.427826
+Last generated: 2024-09-09 02:13:08.551992
 
 | CVE | Name | Description | Date |
 |---|---|---|---|
@@ -240,6 +240,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2024-43044](https://www.cve.org/CVERecord?id=CVE-2024-43044) | [v9d0g/CVE-2024-43044-POC](https://github.com/v9d0g/CVE-2024-43044-POC) | CVE-2024-43044的利用方式 | 2024-08-13T07:32:35Z |
 | [CVE-2024-4295](https://www.cve.org/CVERecord?id=CVE-2024-4295) | [truonghuuphuc/CVE-2024-4295-Poc](https://github.com/truonghuuphuc/CVE-2024-4295-Poc) | CVE-2024-4295 Email Subscribers by Icegram Express &lt;= 5.7.20 - Unauthenticated SQL Injection via hash | 2024-06-05T09:29:20Z |
 | [CVE-2024-4295](https://www.cve.org/CVERecord?id=CVE-2024-4295) | [cve-2024/CVE-2024-4295-Poc](https://github.com/cve-2024/CVE-2024-4295-Poc) | no description | 2024-06-14T07:04:36Z |
+| [CVE-2024-42758](https://www.cve.org/CVERecord?id=CVE-2024-42758) | [1s1ldur/CVE-2024-42758](https://github.com/1s1ldur/CVE-2024-42758) | CVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability | 2024-08-15T13:59:50Z |
 | [CVE-2024-42461](https://www.cve.org/CVERecord?id=CVE-2024-42461) | [fevar54/CVE-2024-42461](https://github.com/fevar54/CVE-2024-42461) | Se han identificado problemas en la verificación de firmas ECDSA y EDDSA en el proyecto Wycheproof. Las comprobaciones ausentes durante la etapa de decodificación de firmas permiten agregar o eliminar bytes cero, lo que afecta la capacidad de envío de correos. | 2024-08-06T21:56:15Z |
 | [CVE-2024-4232](https://www.cve.org/CVERecord?id=CVE-2024-4232) | [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232) | no description | 2024-06-18T11:05:06Z |
 | [CVE-2024-4232](https://www.cve.org/CVERecord?id=CVE-2024-4232) | [Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232) | no description | 2024-07-04T06:30:19Z |
@@ -328,6 +329,8 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2024-38077](https://www.cve.org/CVERecord?id=CVE-2024-38077) | [lworld0x00/CVE-2024-38077-notes](https://github.com/lworld0x00/CVE-2024-38077-notes) | no description | 2024-08-10T06:31:04Z |
 | [CVE-2024-38077](https://www.cve.org/CVERecord?id=CVE-2024-38077) | [psl-b/CVE-2024-38077-check](https://github.com/psl-b/CVE-2024-38077-check) | no description | 2024-08-09T22:01:46Z |
 | [CVE-2024-38077](https://www.cve.org/CVERecord?id=CVE-2024-38077) | [qi4L/CVE-2024-38077](https://github.com/qi4L/CVE-2024-38077) | RDL的堆溢出导致的RCE | 2024-08-09T05:00:44Z |
+| [CVE-2024-38077](https://www.cve.org/CVERecord?id=CVE-2024-38077) | [BBD-YZZ/fyne-gui](https://github.com/BBD-YZZ/fyne-gui) | CVE-2024-38077,仅支持扫描测试~ | 2024-08-15T07:14:00Z |
+| [CVE-2024-38063](https://www.cve.org/CVERecord?id=CVE-2024-38063) | [diegoalbuquerque/CVE-2024-38063](https://github.com/diegoalbuquerque/CVE-2024-38063) | mitigation script by disabling ipv6 of all interfaces | 2024-08-15T12:41:01Z |
 | [CVE-2024-3806](https://www.cve.org/CVERecord?id=CVE-2024-3806) | [truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc](https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc) | CVE-2024-3806: Porto &lt;= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto &lt;= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta | 2024-05-10T16:13:07Z |
 | [CVE-2024-38041](https://www.cve.org/CVERecord?id=CVE-2024-38041) | [varwara/CVE-2024-38041](https://github.com/varwara/CVE-2024-38041) | Kernel pointers copied to output user mode buffer with ioctl 0x22A014 in the appid.sys driver. | 2024-07-21T02:29:18Z |
 | [CVE-2024-37889](https://www.cve.org/CVERecord?id=CVE-2024-37889) | [uname-s/CVE-2024-37889](https://github.com/uname-s/CVE-2024-37889) | no description | 2024-06-17T04:50:00Z |
@@ -921,6 +924,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2024-26229](https://www.cve.org/CVERecord?id=CVE-2024-26229) | [team-MineDEV/CVE-2024-26229](https://github.com/team-MineDEV/CVE-2024-26229) | Windows CSC服务特权提升漏洞。  当程序向缓冲区写入的数据超出其处理能力时，就会发生基于堆的缓冲区溢出，从而导致多余的数据溢出到相邻的内存区域。这种溢出会损坏内存，并可能使攻击者能够执行任意代码或未经授权访问系统。本质上，攻击者可以编写触发溢出的恶意代码或输入，从而控制受影响的系统、执行任意命令、安装恶意软件或访问敏感数据。  微软已发出警告成功利用此漏洞的攻击者可以获得 SYSTEM 权限，这是 Windows 系统上的最高访问级别。这增加了与 CVE-2024-26229 相关的风险，使其成为恶意行为者的主要目标。 | 2024-06-16T05:06:31Z |
 | [CVE-2024-26229](https://www.cve.org/CVERecord?id=CVE-2024-26229) | [apkc/CVE-2024-26229-BOF](https://github.com/apkc/CVE-2024-26229-BOF) | BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel | 2024-06-13T11:57:50Z |
 | [CVE-2024-26229](https://www.cve.org/CVERecord?id=CVE-2024-26229) | [varwara/CVE-2024-26229](https://github.com/varwara/CVE-2024-26229) | CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code | 2024-06-10T17:02:03Z |
+| [CVE-2024-26229](https://www.cve.org/CVERecord?id=CVE-2024-26229) | [Cracked5pider/eop24-26229](https://github.com/Cracked5pider/eop24-26229) | A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a  unprivileged user | 2024-08-04T17:40:51Z |
 | [CVE-2024-26218](https://www.cve.org/CVERecord?id=CVE-2024-26218) | [exploits-forsale/CVE-2024-26218](https://github.com/exploits-forsale/CVE-2024-26218) | Proof-of-Concept for CVE-2024-26218 | 2024-04-26T16:41:04Z |
 | [CVE-2024-26144](https://www.cve.org/CVERecord?id=CVE-2024-26144) | [gmo-ierae/CVE-2024-26144-test](https://github.com/gmo-ierae/CVE-2024-26144-test) | no description | 2024-05-24T07:26:40Z |
 | [CVE-2024-26026](https://www.cve.org/CVERecord?id=CVE-2024-26026) | [passwa11/CVE-2024-26026](https://github.com/passwa11/CVE-2024-26026) | CVE-2024-26026: BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION | 2024-05-09T03:14:14Z |
@@ -1195,6 +1199,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2024-22145](https://www.cve.org/CVERecord?id=CVE-2024-22145) | [RandomRobbieBF/CVE-2024-22145](https://github.com/RandomRobbieBF/CVE-2024-22145) | InstaWP Connect &lt;= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+) | 2024-01-17T20:56:21Z |
 | [CVE-2024-22120](https://www.cve.org/CVERecord?id=CVE-2024-22120) | [W01fh4cker/CVE-2024-22120-RCE](https://github.com/W01fh4cker/CVE-2024-22120-RCE) | Time Based SQL Injection in Zabbix Server Audit Log --&gt; RCE | 2024-05-20T03:29:09Z |
 | [CVE-2024-22120](https://www.cve.org/CVERecord?id=CVE-2024-22120) | [isPique/CVE-2024-22120-RCE-with-gopher](https://github.com/isPique/CVE-2024-22120-RCE-with-gopher) | This is my exploit for CVE-2024-22120, which involves an SSRF vulnerability inside an XXE with a Gopher payload. | 2024-08-13T14:51:44Z |
+| [CVE-2024-22120](https://www.cve.org/CVERecord?id=CVE-2024-22120) | [g4nkd/CVE-2024-22120-RCE-with-gopher](https://github.com/g4nkd/CVE-2024-22120-RCE-with-gopher) | This exploit was created to exploit an XXE (XML External Entity). Through it, I read the backend code of the web service and found an endpoint where I could use gopher to make internal requests on Zabbix vulnerable to RCE. | 2024-08-14T15:55:33Z |
 | [CVE-2024-22026](https://www.cve.org/CVERecord?id=CVE-2024-22026) | [securekomodo/CVE-2024-22026](https://github.com/securekomodo/CVE-2024-22026) | Exploit POC for CVE-2024-22026 affecting Ivanti EPMM &quot;MobileIron Core&quot; | 2024-05-15T11:20:45Z |
 | [CVE-2024-22024](https://www.cve.org/CVERecord?id=CVE-2024-22024) | [0dteam/CVE-2024-22024](https://github.com/0dteam/CVE-2024-22024) | Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure | 2024-02-09T14:31:56Z |
 | [CVE-2024-22002](https://www.cve.org/CVERecord?id=CVE-2024-22002) | [0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002](https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002) | no description | 2024-01-02T18:49:21Z |
@@ -1948,6 +1953,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2023-43261](https://www.cve.org/CVERecord?id=CVE-2023-43261) | [nomis/eero-zero-length-ipv6-options-header-dos](https://github.com/nomis/eero-zero-length-ipv6-options-header-dos) | eeroOS Ethernet Interface Denial of Service Vulnerability (CVE-2023-5324) | 2023-09-30T20:32:51Z |
 | [CVE-2023-43208](https://www.cve.org/CVERecord?id=CVE-2023-43208) | [K3ysTr0K3R/CVE-2023-43208-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-43208-EXPLOIT) | A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE) | 2024-03-15T12:03:51Z |
 | [CVE-2023-43208](https://www.cve.org/CVERecord?id=CVE-2023-43208) | [jakabakos/CVE-2023-43208-mirth-connect-rce-poc](https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-poc) | no description | 2024-03-17T08:44:14Z |
+| [CVE-2023-43208](https://www.cve.org/CVERecord?id=CVE-2023-43208) | [J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT](https://github.com/J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT) | no description | 2024-06-09T22:25:22Z |
 | [CVE-2023-43177](https://www.cve.org/CVERecord?id=CVE-2023-43177) | [the-emmons/CVE-2023-43177](https://github.com/the-emmons/CVE-2023-43177) | CrushFTP &lt;= 10.5.1 Remote Code Execution. Researchers: Ryan Emmons, Evan Malamis | 2023-12-27T00:06:20Z |
 | [CVE-2023-43154](https://www.cve.org/CVERecord?id=CVE-2023-43154) | [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC) | PoC for the type confusion vulnerability in Mac&#x27;s CMS that results in authentication bypass and administrator account takeover. | 2023-09-09T00:21:58Z |
 | [CVE-2023-43149](https://www.cve.org/CVERecord?id=CVE-2023-43149) | [MinoTauro2020/CVE-2023-43149](https://github.com/MinoTauro2020/CVE-2023-43149) | CVE-2023-43149 | 2023-10-12T16:11:39Z |
@@ -2574,6 +2580,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2023-33242](https://www.cve.org/CVERecord?id=CVE-2023-33242) | [d0rb/CVE-2023-33242](https://github.com/d0rb/CVE-2023-33242) | CVE-2023-33242  PoC | 2023-08-15T13:46:48Z |
 | [CVE-2023-33137](https://www.cve.org/CVERecord?id=CVE-2023-33137) | [JaqueMalman/CVE-2023-33137](https://github.com/JaqueMalman/CVE-2023-33137) | Tentando desesperadamente simular uma cve para o trabalho da disciplina de segurança da pós. | 2024-01-06T22:40:19Z |
 | [CVE-2023-33137](https://www.cve.org/CVERecord?id=CVE-2023-33137) | [ayhan-dev/CVE-LIST](https://github.com/ayhan-dev/CVE-LIST) | list CVE - 2023 | 2023-11-28T06:54:25Z |
+| [CVE-2023-33105](https://www.cve.org/CVERecord?id=CVE-2023-33105) | [D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware](https://github.com/D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware) | This repository contains the exploit code for CVE-2023-33105, a vulnerability identified in Qualcomm devices. The exploit leverages authentication frames to perform a denial of service (DoS) attack on a target access point (AP) by sending a large number of open authentication frames with an invalid transaction sequence number. | 2024-06-10T17:20:06Z |
 | [CVE-2023-32961](https://www.cve.org/CVERecord?id=CVE-2023-32961) | [LOURC0D3/CVE-2023-32961](https://github.com/LOURC0D3/CVE-2023-32961) | PoC of CVE-2023-32961 | 2023-07-06T02:37:29Z |
 | [CVE-2023-32784](https://www.cve.org/CVERecord?id=CVE-2023-32784) | [CTM1/CVE-2023-32784-keepass-linux](https://github.com/CTM1/CVE-2023-32784-keepass-linux) | KeePass Master Password Extraction PoC for Linux | 2023-05-17T20:15:13Z |
 | [CVE-2023-32784](https://www.cve.org/CVERecord?id=CVE-2023-32784) | [dawnl3ss/CVE-2023-32784](https://github.com/dawnl3ss/CVE-2023-32784) | Retrieve the master password of a keepass database &lt;= 2.53.1 | 2023-08-30T16:42:19Z |
@@ -4952,6 +4959,7 @@ Last generated: 2024-09-08 02:15:00.427826
 | [CVE-2018-0114](https://www.cve.org/CVERecord?id=CVE-2018-0114) | [adityathebe/POC-CVE-2018-0114](https://github.com/adityathebe/POC-CVE-2018-0114) | POC for CVE-2018-0114 written in Go | 2020-12-20T09:29:35Z |
 | [CVE-2018-0114](https://www.cve.org/CVERecord?id=CVE-2018-0114) | [Starry-lord/CVE-2018-0114](https://github.com/Starry-lord/CVE-2018-0114) | no description | 2021-01-13T17:40:08Z |
 | [CVE-2018-0114](https://www.cve.org/CVERecord?id=CVE-2018-0114) | [Eremiel/CVE-2018-0114](https://github.com/Eremiel/CVE-2018-0114) | python2.7 script for JWT generation | 2021-01-03T21:12:10Z |
+| [CVE-2018-0114](https://www.cve.org/CVERecord?id=CVE-2018-0114) | [Pandora-research/CVE-2018-0114-Exploit](https://github.com/Pandora-research/CVE-2018-0114-Exploit) | no description | 2022-09-26T20:51:00Z |
 | [CVE-2017-9841](https://www.cve.org/CVERecord?id=CVE-2017-9841) | [MrG3P5/CVE-2017-9841](https://github.com/MrG3P5/CVE-2017-9841) | A Tool for scanning CVE-2017-9841 with multithread | 2023-03-13T07:42:32Z |
 | [CVE-2017-9841](https://www.cve.org/CVERecord?id=CVE-2017-9841) | [Jhonsonwannaa/CVE-2017-9841-](https://github.com/Jhonsonwannaa/CVE-2017-9841-) | no description | 2022-11-21T16:36:48Z |
 | [CVE-2017-9841](https://www.cve.org/CVERecord?id=CVE-2017-9841) | [LunNova/Puma6Fail](https://github.com/LunNova/Puma6Fail) | CVE-2017-5693 Denial of service vulnerability in Puma 6 modems | 2017-04-25T21:25:43Z |