Updated by KhulnaSoft [BOT] 🤖

khulnasoft-lab · Sep 18, 2024 · d9b92dd · d9b92dd
1 parent c243af7
commit d9b92dd
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/db/cve.sqlite b/db/cve.sqlite
diff --git a/docs/README.md b/docs/README.md
@@ -2,7 +2,7 @@
 
 > Automatic monitor github cve using Github Actions
 
-Last generated: 2024-09-17 01:51:58.915400
+Last generated: 2024-09-18 02:10:56.414621
 
 | CVE | Name | Description | Date |
 |---|---|---|---|
@@ -245,6 +245,7 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2024-4358](https://www.cve.org/CVERecord?id=CVE-2024-4358) | [Sk1dr0wz/CVE-2024-4358_Mass_Exploit](https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit) | no description | 2024-06-05T01:05:12Z |
 | [CVE-2024-4358](https://www.cve.org/CVERecord?id=CVE-2024-4358) | [sinsinology/CVE-2024-4358](https://github.com/sinsinology/CVE-2024-4358) | Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800) | 2024-06-03T08:22:10Z |
 | [CVE-2024-4358](https://www.cve.org/CVERecord?id=CVE-2024-4358) | [verylazytech/CVE-2024-4358](https://github.com/verylazytech/CVE-2024-4358) | Authentication Bypass Vulnerability — CVE-2024–4358 — Telerik Report Server 2024 | 2024-06-09T06:30:06Z |
+| [CVE-2024-4358](https://www.cve.org/CVERecord?id=CVE-2024-4358) | [fa-rrel/CVE-2024-4358](https://github.com/fa-rrel/CVE-2024-4358) | Telerik Report Server deserialization and authentication bypass exploit chain for CVE-2024-4358/CVE-2024-1800 | 2024-08-24T10:09:09Z |
 | [CVE-2024-4352](https://www.cve.org/CVERecord?id=CVE-2024-4352) | [truonghuuphuc/CVE-2024-4352-Poc](https://github.com/truonghuuphuc/CVE-2024-4352-Poc) | CVE-2024-4352 Tutor LMS Pro &lt;= 2.7.0 - Missing Authorization to SQL Injection | 2024-05-16T14:55:43Z |
 | [CVE-2024-43425](https://www.cve.org/CVERecord?id=CVE-2024-43425) | [RedTeamPentesting/moodle-rce-calculatedquestions](https://github.com/RedTeamPentesting/moodle-rce-calculatedquestions) | Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425) | 2024-08-23T09:13:03Z |
 | [CVE-2024-4323](https://www.cve.org/CVERecord?id=CVE-2024-4323) | [skilfoy/CVE-2024-4323-Exploit-POC](https://github.com/skilfoy/CVE-2024-4323-Exploit-POC) | This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution. | 2024-05-20T15:04:13Z |
@@ -261,6 +262,8 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2024-42919](https://www.cve.org/CVERecord?id=CVE-2024-42919) | [jeyabalaji711/CVE-2024-42919](https://github.com/jeyabalaji711/CVE-2024-42919) | no description | 2024-08-19T19:50:50Z |
 | [CVE-2024-42850](https://www.cve.org/CVERecord?id=CVE-2024-42850) | [njmbb8/CVE-2024-42850](https://github.com/njmbb8/CVE-2024-42850) | An issue in Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. | 2024-08-15T21:32:29Z |
 | [CVE-2024-42849](https://www.cve.org/CVERecord?id=CVE-2024-42849) | [njmbb8/CVE-2024-42849](https://github.com/njmbb8/CVE-2024-42849) | An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. | 2024-08-15T21:57:29Z |
+| [CVE-2024-42845](https://www.cve.org/CVERecord?id=CVE-2024-42845) | [partywavesec/invesalius3_vulnerabilities](https://github.com/partywavesec/invesalius3_vulnerabilities) | InVesalius discovered CVE. CVE-2024-42845 | 2024-08-23T13:43:27Z |
+| [CVE-2024-42834](https://www.cve.org/CVERecord?id=CVE-2024-42834) | [CyberSec-Supra/CVE-2024-42834](https://github.com/CyberSec-Supra/CVE-2024-42834) | no description | 2024-08-24T02:21:33Z |
 | [CVE-2024-42758](https://www.cve.org/CVERecord?id=CVE-2024-42758) | [1s1ldur/CVE-2024-42758](https://github.com/1s1ldur/CVE-2024-42758) | CVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability | 2024-08-15T13:59:50Z |
 | [CVE-2024-42658](https://www.cve.org/CVERecord?id=CVE-2024-42658) | [sudo-subho/CVE-2024-42658](https://github.com/sudo-subho/CVE-2024-42658) | CVE-2024-42658 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookies parameter | 2024-08-17T03:02:20Z |
 | [CVE-2024-42657](https://www.cve.org/CVERecord?id=CVE-2024-42657) | [sudo-subho/CVE-2024-42657](https://github.com/sudo-subho/CVE-2024-42657) | CVE-2024-42657 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process. | 2024-08-17T02:55:14Z |
@@ -344,6 +347,7 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2024-38537](https://www.cve.org/CVERecord?id=CVE-2024-38537) | [Havoc10-sw/Detect_polyfill_CVE-2024-38537-](https://github.com/Havoc10-sw/Detect_polyfill_CVE-2024-38537-) | Here&#x27;s a Python script that checks if the polyfill.io domain is present in the Content Security Policy (CSP) header of a given web application. | 2024-07-07T15:06:39Z |
 | [CVE-2024-38475](https://www.cve.org/CVERecord?id=CVE-2024-38475) | [p0in7s/CVE-2024-38475](https://github.com/p0in7s/CVE-2024-38475) | no description | 2024-08-18T11:30:50Z |
 | [CVE-2024-38473](https://www.cve.org/CVERecord?id=CVE-2024-38473) | [Abdurahmon3236/CVE-2024-38473](https://github.com/Abdurahmon3236/CVE-2024-38473) | no description | 2024-08-02T19:57:52Z |
+| [CVE-2024-38473](https://www.cve.org/CVERecord?id=CVE-2024-38473) | [juanschallibaum/CVE-2024-38473-Nuclei-Template](https://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template) | Nuclei template to detect Apache servers vulnerable to CVE-2024-38473 | 2024-08-23T14:39:31Z |
 | [CVE-2024-38472](https://www.cve.org/CVERecord?id=CVE-2024-38472) | [Abdurahmon3236/CVE-2024-38472](https://github.com/Abdurahmon3236/CVE-2024-38472) | no description | 2024-08-03T16:08:28Z |
 | [CVE-2024-38396](https://www.cve.org/CVERecord?id=CVE-2024-38396) | [vin01/poc-cve-2024-38396](https://github.com/vin01/poc-cve-2024-38396) | PoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution | 2024-06-16T09:43:46Z |
 | [CVE-2024-38366](https://www.cve.org/CVERecord?id=CVE-2024-38366) | [ReeFSpeK/CocoaPods-RCE_CVE-2024-38366](https://github.com/ReeFSpeK/CocoaPods-RCE_CVE-2024-38366) | CocoaPods RCE Vulnerability CVE-2024-38366 | 2024-06-28T13:11:28Z |
@@ -877,6 +881,7 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2024-28995](https://www.cve.org/CVERecord?id=CVE-2024-28995) | [karkis3c/cves](https://github.com/karkis3c/cves) | SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995) POC | 2024-06-13T12:02:33Z |
 | [CVE-2024-28995](https://www.cve.org/CVERecord?id=CVE-2024-28995) | [Praison001/CVE-2024-28995-SolarWinds-Serv-U](https://github.com/Praison001/CVE-2024-28995-SolarWinds-Serv-U) | Exploit for CVE-2024-28995 affecting SolarWinds Serv-U 15.4.2 HF 1 and previous versions | 2024-06-26T10:51:50Z |
 | [CVE-2024-28995](https://www.cve.org/CVERecord?id=CVE-2024-28995) | [Stuub/CVE-2024-28995](https://github.com/Stuub/CVE-2024-28995) | CVE-2024-28955 Exploitation PoC | 2024-07-01T11:49:51Z |
+| [CVE-2024-28995](https://www.cve.org/CVERecord?id=CVE-2024-28995) | [gotr00t0day/CVE-2024-28995](https://github.com/gotr00t0day/CVE-2024-28995) | SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | 2024-08-24T17:05:48Z |
 | [CVE-2024-2879](https://www.cve.org/CVERecord?id=CVE-2024-2879) | [herculeszxc/CVE-2024-2879](https://github.com/herculeszxc/CVE-2024-2879) | CVE-2024-2879 - LayerSlider 7.9.11 - 7.10.0 - Unauthenticated SQL Injection | 2024-04-08T18:50:02Z |
 | [CVE-2024-2879](https://www.cve.org/CVERecord?id=CVE-2024-2879) | [nickswink/D-Link-NAS-Devices-Unauthenticated-RCE](https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE) | UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability. | 2024-04-08T13:54:07Z |
 | [CVE-2024-2876](https://www.cve.org/CVERecord?id=CVE-2024-2876) | [c0d3zilla/CVE-2024-2876](https://github.com/c0d3zilla/CVE-2024-2876) | POC for SQLi vulnerability in Icegram express | 2024-04-25T09:53:22Z |
@@ -1452,6 +1457,7 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2024-0044](https://www.cve.org/CVERecord?id=CVE-2024-0044) | [hunter24x24/cve_2024_0044](https://github.com/hunter24x24/cve_2024_0044) | CVE-2024-0044: a &quot;run-as any app&quot; high-severity vulnerability affecting Android versions 12 and 13 | 2024-08-01T20:14:22Z |
 | [CVE-2024-0044](https://www.cve.org/CVERecord?id=CVE-2024-0044) | [nexussecelite/EvilDroid](https://github.com/nexussecelite/EvilDroid) | EvilDroid automates the exploitation of CVE-2024-0044, installing malicious payloads on a target device and extracting sensitive data. It features automated ADB connection checks, APK pushing, UID extraction, payload generation, and real-time progress updates, providing a seamless and professional user experience. | 2024-08-04T13:14:10Z |
 | [CVE-2024-0044](https://www.cve.org/CVERecord?id=CVE-2024-0044) | [nahid0x1/CVE-2024-0044](https://github.com/nahid0x1/CVE-2024-0044) | a vulnerability affecting Android version 12 &amp; 13 | 2024-08-13T15:15:47Z |
+| [CVE-2024-0044](https://www.cve.org/CVERecord?id=CVE-2024-0044) | [MrW0l05zyn/cve-2024-0044](https://github.com/MrW0l05zyn/cve-2024-0044) | CVE-2024-0044 | 2024-08-19T02:51:14Z |
 | [CVE-2024-0040](https://www.cve.org/CVERecord?id=CVE-2024-0040) | [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040) | no description | 2024-07-29T11:45:41Z |
 | [CVE-2024-0040](https://www.cve.org/CVERecord?id=CVE-2024-0040) | [uthrasri/frameworks_av_CVE-2024-0040](https://github.com/uthrasri/frameworks_av_CVE-2024-0040) | no description | 2024-08-06T06:13:59Z |
 | [CVE-2024-0039](https://www.cve.org/CVERecord?id=CVE-2024-0039) | [41yn14/CVE-2024-0039-Exploit](https://github.com/41yn14/CVE-2024-0039-Exploit) | Эксплойт для уязвимости CVE-2024-0039 на Android, который позволяет выполнять произвольный код через MP4 файл. Этот репозиторий создан для образовательных целей. | 2024-05-29T22:13:04Z |
@@ -3906,6 +3912,7 @@ Last generated: 2024-09-17 01:51:58.915400
 | [CVE-2021-3656](https://www.cve.org/CVERecord?id=CVE-2021-3656) | [T3slaa/pwnkit-pwn](https://github.com/T3slaa/pwnkit-pwn) | It is a simple script coded in bash scripting to exploit the PwnKit vulnerability (cve-2021-4034), the idea of this is to try to automate the exploitation of this vulnerability as much as possible. | 2022-03-05T19:49:52Z |
 | [CVE-2021-36260](https://www.cve.org/CVERecord?id=CVE-2021-36260) | [haingn/HIK-CVE-2021-36260-Exploit](https://github.com/haingn/HIK-CVE-2021-36260-Exploit) | no description | 2023-10-22T14:09:18Z |
 | [CVE-2021-36260](https://www.cve.org/CVERecord?id=CVE-2021-36260) | [rabbitsafe/CVE-2021-36260](https://github.com/rabbitsafe/CVE-2021-36260) | CVE-2021-36260 | 2021-10-18T06:40:48Z |
+| [CVE-2021-35975](https://www.cve.org/CVERecord?id=CVE-2021-35975) | [fbkcs/CVE-2021-35975](https://github.com/fbkcs/CVE-2021-35975) | Path Traversal Vulnerability in Systematica SMTP Adapter and other sub-products | 2023-11-17T08:47:20Z |
 | [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [asepsaepdin/CVE-2021-3560](https://github.com/asepsaepdin/CVE-2021-3560) | no description | 2023-07-10T04:26:13Z |
 | [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [WinMin/CVE-2021-3560](https://github.com/WinMin/CVE-2021-3560) | PolicyKit CVE-2021-3560 Exploitation (Authentication Agent) | 2022-04-30T05:53:45Z |
 | [CVE-2021-3560](https://www.cve.org/CVERecord?id=CVE-2021-3560) | [secnigma/CVE-2021-3560-Polkit-Privilege-Esclation](https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation) | no description | 2021-06-14T20:08:20Z |