JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE Security Vulnerabilities

Exploit for Out-of-bounds Write in Google Chrome

CVE-2023-4863/CVE-2023-41064 A POC for...

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

Exploit for Cleartext Transmission of Sensitive Information in Keepass

KeePass 2.X Master Password Dumper...

Denial Of Service (DoS)

MediaWiki is vulnerable to Denial Of Service (DoS). The vulnerability is due to a flaw in includes/specials/SpecialMovePage.php. If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands of subpages, then the page will exceed the maximum request.....

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762 out-of-bounds write in Fortinet FortiOS ...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check Chequea si...

Exploit for Deserialization of Untrusted Data in Apache Activemq

honeypot.rs Honeypot that scopes [CVE-2023-46604 (Apache...

Permanent device denial of service due to a huge amount of scheduled alarms

In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

Malicious code in u-workflow.module.common.hour-of-week (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (fa993331c82ce09532f10dfb1eb3586e1a3343188c93733712aad7f47cb49539) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...

Denial Of Service (DoS)

libfrr.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to insufficient handling of NULL return values when calling functions in the get_edge() function within ospf_te.c in the OSPF daemon, resulting in a crash of the daemon and subsequent denial of...

Exploit for Deserialization of Untrusted Data in Apache Dubbo

更全面的Dubbo漏洞扫描工具见我的另一个项目：https://github.com/YYHYlh/Dubbo-Scan...

Out-of-bounds Memory Access

xwayland is vulnerable to an out-of-bounds memory access flaw. The vulnerability is due to improper handling of devices reattachment scenarios, specifically when a device frozen by a sync grab is reattached to a different master...

DNP3 Link Layer Brute Force Addressing Disclosure

The DNP3 protocol is a multi-layer protocol that begins with a link layer connection. The DNP3 link layer address is required to establish a link layer connection. The DNP3 link layer address for the host was easily guessed, and a valid DNP3 link layer connection was established. If a link...

Exploit for Deserialization of Untrusted Data in Salesagility Suitecrm

CVE-2022-23940 PoC for...

Exploit for Deserialization of Untrusted Data in Apache Activemq

Resumen Técnico del Ataque: CVE-2023-46604 El script explota...

Exploit for Cleartext Transmission of Sensitive Information in Keepass

Keepass-Dumper This is my PoC implementation for...

Grafana Spoofing originalUrl of snapshots

To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient. When a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out: • Snapshotname • Expire • Timeout(seconds) After the user confirms creation of the....

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

🇮🇱 #BringThemHome #NeverAgainIsNow 🇮🇱 **We demand...

Denial of Service in jsonparser

jsonparser before 1.1.1 allows attackers to cause a denial of service via a GET...

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...

Denial of service of Minder Server with attacker-controlled REST endpoint

The Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch data for rule evaluation. When fetching data with the REST ingester, Minder sends.....

gopkg.in/yaml.v3 Denial of Service

An issue in the Unmarshal function in Go-Yaml v3 can cause a program to panic when attempting to deserialize invalid...

ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting

ManageEngine ADSelfService Plus before 6121 contains a stored cross-site scripting vulnerability via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password...

Exploit for Out-of-bounds Write in Google Chrome

CVE-2023-4863 ```bash # checkout webp git clone...

Exploit for Out-of-bounds Write in Microsoft

CVE-2022-37969 Windows Local Privilege Escalation PoC...

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ_RCE_GUI...

Grafana Spoofing originalUrl of snapshots

To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient. When a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out: • Snapshotname • Expire • Timeout(seconds) After the user confirms creation of the....

Exploit for Out-of-bounds Write in Haxx Libcurl

🇮🇱 **#BringThemHome...

Exploit for Vulnerability in Reportlab

CODE INJECTION VULNERABILITY IN REPORTLAB PYTHON LIBRARY...

Exploit for Cleartext Storage of Sensitive Information in Keepass

CVE-2023-24055 POC and Scanner for CVE-2023-24055 Use at...

Out-of-bounds write in ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195,....

Regular Expression Denial Of Service (ReDoS)

micromatch is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due a regex expression with inefficient complexity within the micromatch.braces() method. An attacker can submit a large payload without a closing bracket, which results in Regular Expression Denial of...

Exploit for Improper Preservation of Permissions in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the...

Regular Expression Denial Of Service (ReDoS)

tecnickcom/tcpdf is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to a regular expression with inefficient complexity utilized when parsing a SVG file. This allows an attacker to cause a denial of service by crafting a malicious svg...

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ-Exploit English |...

K12201527: Overview of Quarterly Security Notifications

Security Advisory Description F5 discloses security vulnerabilities and security exposures for F5 products in Quarterly Security Notifications. Quarterly Security Notification dates are published in advance so customers can schedule necessary updates in advance of the public disclosure date. When.....

CVE-2023-25820

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as well as Nextcloud...

Adobe ColdFusion - Deserialization of Untrusted Data

Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user...

New Attack Against Self-Driving Car AI

This is another attack that convinces the AI to ignore road signs: Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used to vary the color. For example, the shade of red on a stop sign could look different on each line depending on the time between the...

Out-of-bounds write in Microsoft.ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196,....

Use-of-uninitialized-value in aesEncryptBlock

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67066 Crash type: Use-of-uninitialized-value Crash state: aesEncryptBlock EncryptStream::lookChar...

CVE-2024-20358

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...

Denial Of Service (DoS) / Information Disclosure

io.airlift: aircompressor is vulnerable to Denial Of Service (DoS) / Information Disclosure. The vulnerability is due to improper memory bounds checking during data decompression, caused by the use of the sun.misc.Unsafe class without additional safeguards. This can lead to out-of-bounds memory...

Exploit for Deserialization of Untrusted Data in Apache Dubbo

CVE-2023-23638 仅供学习研究 ZooKeeper 自备 测试环境为 Java 8, 其它版本尚未测试,...

Denial Of Service (DoS)

sqlparse is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of recursion limits, which allows an attacker to pass a heavily nested list to the parse() method resulting in a...

Denial Of Service (DoS)

Libraries that implement HTTP/2 are vulnerable to Denial Of Service (DoS). The vulnerability could be exploited by attackers via sending a large number of HTTP/2 requests to a vulnerable server, then canceling them, causing the server to consume excessive resources and become unavailable to...

Time-of-check time-of-use race condition in github.com/containers/podman/v4

A Time-of-check Time-of-use (TOCTOU) flaw appears in this version of podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file...

CVE-2024-32018

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. Most codebases define assertion macros which compile to a no-op on non-debug builds. If assertions are the only line of defense against untrusted...

Exploit for Out-of-bounds Write in Linux Linux Kernel

CVE-2021-22555 This repo hosts TUKRU's Linux Privilege...