diff --git a/2016/CVE-2016-5195.json b/2016/CVE-2016-5195.json
index f8c9d09d4f..ba430b64dc 100644
--- a/2016/CVE-2016-5195.json
+++ b/2016/CVE-2016-5195.json
@@ -467,7 +467,7 @@
"stargazers_count": 862,
"watchers_count": 862,
"has_discussions": false,
- "forks_count": 429,
+ "forks_count": 428,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@@ -477,7 +477,7 @@
"exploit"
],
"visibility": "public",
- "forks": 429,
+ "forks": 428,
"watchers": 862,
"score": 0,
"subscribers_count": 9
diff --git a/2017/CVE-2017-7921.json b/2017/CVE-2017-7921.json
index 22133f4835..a60be0e3ac 100644
--- a/2017/CVE-2017-7921.json
+++ b/2017/CVE-2017-7921.json
@@ -503,6 +503,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
- "subscribers_count": 0
+ "subscribers_count": 1
}
]
\ No newline at end of file
diff --git a/2018/CVE-2018-7422.json b/2018/CVE-2018-7422.json
index 1fb88d7ec6..701d917d07 100644
--- a/2018/CVE-2018-7422.json
+++ b/2018/CVE-2018-7422.json
@@ -45,10 +45,10 @@
"description": "Site Editor WordPress Plugin <= 1.1.1 Local File Inclusion Script",
"fork": false,
"created_at": "2021-11-18T21:52:11Z",
- "updated_at": "2024-11-12T03:01:13Z",
+ "updated_at": "2024-11-30T15:45:03Z",
"pushed_at": "2021-11-18T21:55:32Z",
- "stargazers_count": 2,
- "watchers_count": 2,
+ "stargazers_count": 3,
+ "watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
- "watchers": 2,
+ "watchers": 3,
"score": 0,
"subscribers_count": 1
},
diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json
index bba90705ae..7d18bdf6ea 100644
--- a/2019/CVE-2019-15107.json
+++ b/2019/CVE-2019-15107.json
@@ -19,13 +19,13 @@
"stargazers_count": 62,
"watchers_count": 62,
"has_discussions": false,
- "forks_count": 23,
+ "forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
- "forks": 23,
+ "forks": 21,
"watchers": 62,
"score": 0,
"subscribers_count": 3
diff --git a/2021/CVE-2021-34527.json b/2021/CVE-2021-34527.json
index e7a6798eb0..12f0b2c270 100644
--- a/2021/CVE-2021-34527.json
+++ b/2021/CVE-2021-34527.json
@@ -643,13 +643,13 @@
"stargazers_count": 107,
"watchers_count": 107,
"has_discussions": false,
- "forks_count": 21,
+ "forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
- "forks": 21,
+ "forks": 20,
"watchers": 107,
"score": 0,
"subscribers_count": 4
diff --git a/2021/CVE-2021-3560.json b/2021/CVE-2021-3560.json
index 7492605a22..2c155419bf 100644
--- a/2021/CVE-2021-3560.json
+++ b/2021/CVE-2021-3560.json
@@ -152,13 +152,13 @@
"stargazers_count": 112,
"watchers_count": 112,
"has_discussions": false,
- "forks_count": 51,
+ "forks_count": 50,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
- "forks": 51,
+ "forks": 50,
"watchers": 112,
"score": 0,
"subscribers_count": 1
diff --git a/2021/CVE-2021-40449.json b/2021/CVE-2021-40449.json
index 943cc83b32..9e17df3a51 100644
--- a/2021/CVE-2021-40449.json
+++ b/2021/CVE-2021-40449.json
@@ -204,10 +204,10 @@
"description": "Using CVE-2021-40449 to manual map kernel mode driver",
"fork": false,
"created_at": "2022-03-04T17:55:52Z",
- "updated_at": "2024-10-15T23:58:03Z",
+ "updated_at": "2024-11-30T14:21:17Z",
"pushed_at": "2022-03-05T18:34:25Z",
- "stargazers_count": 99,
- "watchers_count": 99,
+ "stargazers_count": 98,
+ "watchers_count": 98,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@@ -216,7 +216,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
- "watchers": 99,
+ "watchers": 98,
"score": 0,
"subscribers_count": 4
},
diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json
index 3aac155c34..fdb6225f23 100644
--- a/2021/CVE-2021-44228.json
+++ b/2021/CVE-2021-44228.json
@@ -935,7 +935,7 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
- "updated_at": "2024-11-26T17:19:35Z",
+ "updated_at": "2024-11-30T15:57:11Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1810,
"watchers_count": 1810,
diff --git a/2021/CVE-2021-44852.json b/2021/CVE-2021-44852.json
index 21b7a01744..e099bf38e0 100644
--- a/2021/CVE-2021-44852.json
+++ b/2021/CVE-2021-44852.json
@@ -14,10 +14,10 @@
"description": "An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000.",
"fork": false,
"created_at": "2023-03-22T04:47:54Z",
- "updated_at": "2023-11-16T14:20:25Z",
+ "updated_at": "2024-11-30T14:21:20Z",
"pushed_at": "2023-03-22T04:13:36Z",
- "stargazers_count": 1,
- "watchers_count": 1,
+ "stargazers_count": 0,
+ "watchers_count": 0,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
- "watchers": 1,
+ "watchers": 0,
"score": 0,
"subscribers_count": 0
}
diff --git a/2022/CVE-2022-23131.json b/2022/CVE-2022-23131.json
index 74c32dcf18..e7c5239bff 100644
--- a/2022/CVE-2022-23131.json
+++ b/2022/CVE-2022-23131.json
@@ -76,10 +76,10 @@
"description": "cve-2022-23131 zabbix-saml-bypass-exp",
"fork": false,
"created_at": "2022-02-18T11:51:47Z",
- "updated_at": "2024-08-14T04:30:19Z",
+ "updated_at": "2024-11-30T15:51:22Z",
"pushed_at": "2024-08-11T18:14:56Z",
- "stargazers_count": 150,
- "watchers_count": 150,
+ "stargazers_count": 151,
+ "watchers_count": 151,
"has_discussions": false,
"forks_count": 46,
"allow_forking": true,
@@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 46,
- "watchers": 150,
+ "watchers": 151,
"score": 0,
"subscribers_count": 2
},
@@ -169,10 +169,10 @@
"description": "cve-2022-23131",
"fork": false,
"created_at": "2022-02-22T01:39:52Z",
- "updated_at": "2024-09-11T07:48:24Z",
+ "updated_at": "2024-11-30T15:52:15Z",
"pushed_at": "2022-02-22T01:45:34Z",
- "stargazers_count": 27,
- "watchers_count": 27,
+ "stargazers_count": 28,
+ "watchers_count": 28,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@@ -181,7 +181,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
- "watchers": 27,
+ "watchers": 28,
"score": 0,
"subscribers_count": 1
},
diff --git a/2022/CVE-2022-3699.json b/2022/CVE-2022-3699.json
index 7630e2b147..03091495d7 100644
--- a/2022/CVE-2022-3699.json
+++ b/2022/CVE-2022-3699.json
@@ -45,10 +45,10 @@
"description": "CVE-2022-3699 with arbitrary kernel code execution capability",
"fork": false,
"created_at": "2022-12-25T04:34:26Z",
- "updated_at": "2024-08-14T20:20:50Z",
+ "updated_at": "2024-11-30T14:21:19Z",
"pushed_at": "2022-12-27T21:30:08Z",
- "stargazers_count": 70,
- "watchers_count": 70,
+ "stargazers_count": 69,
+ "watchers_count": 69,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
- "watchers": 70,
+ "watchers": 69,
"score": 0,
"subscribers_count": 3
},
diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json
index bc969ad957..6b1b00b878 100644
--- a/2023/CVE-2023-21768.json
+++ b/2023/CVE-2023-21768.json
@@ -76,10 +76,10 @@
"description": "Using CVE-2023-21768 to manual map kernel mode driver ",
"fork": false,
"created_at": "2023-03-10T19:08:28Z",
- "updated_at": "2024-11-13T15:57:25Z",
+ "updated_at": "2024-11-30T14:21:20Z",
"pushed_at": "2023-03-10T20:16:53Z",
- "stargazers_count": 176,
- "watchers_count": 176,
+ "stargazers_count": 175,
+ "watchers_count": 175,
"has_discussions": false,
"forks_count": 35,
"allow_forking": true,
@@ -96,7 +96,7 @@
],
"visibility": "public",
"forks": 35,
- "watchers": 176,
+ "watchers": 175,
"score": 0,
"subscribers_count": 3
},
diff --git a/2023/CVE-2023-41425.json b/2023/CVE-2023-41425.json
index 996d51ddc2..ae1b54f3d0 100644
--- a/2023/CVE-2023-41425.json
+++ b/2023/CVE-2023-41425.json
@@ -89,10 +89,10 @@
"description": "WonderCMS RCE CVE-2023-41425",
"fork": false,
"created_at": "2024-08-12T06:16:17Z",
- "updated_at": "2024-11-12T07:54:22Z",
+ "updated_at": "2024-11-30T17:20:40Z",
"pushed_at": "2024-08-12T06:55:30Z",
- "stargazers_count": 14,
- "watchers_count": 14,
+ "stargazers_count": 15,
+ "watchers_count": 15,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@@ -101,7 +101,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
- "watchers": 14,
+ "watchers": 15,
"score": 0,
"subscribers_count": 1
},
diff --git a/2023/CVE-2023-4220.json b/2023/CVE-2023-4220.json
index fffc003ec3..610b12ac87 100644
--- a/2023/CVE-2023-4220.json
+++ b/2023/CVE-2023-4220.json
@@ -133,10 +133,10 @@
"description": "CVE-2023-4220 POC RCE",
"fork": false,
"created_at": "2024-07-08T07:31:35Z",
- "updated_at": "2024-11-06T23:17:18Z",
+ "updated_at": "2024-11-30T17:20:41Z",
"pushed_at": "2024-08-07T23:36:20Z",
- "stargazers_count": 3,
- "watchers_count": 3,
+ "stargazers_count": 4,
+ "watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
- "watchers": 3,
+ "watchers": 4,
"score": 0,
"subscribers_count": 1
},
diff --git a/2023/CVE-2023-45777.json b/2023/CVE-2023-45777.json
index ac84e375f1..be2cd48fd0 100644
--- a/2023/CVE-2023-45777.json
+++ b/2023/CVE-2023-45777.json
@@ -14,10 +14,10 @@
"description": "Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite \"Lazy Bundle\" mitigation",
"fork": false,
"created_at": "2024-01-20T07:14:06Z",
- "updated_at": "2024-11-06T02:14:36Z",
+ "updated_at": "2024-11-30T12:57:29Z",
"pushed_at": "2024-01-21T05:04:01Z",
- "stargazers_count": 80,
- "watchers_count": 80,
+ "stargazers_count": 81,
+ "watchers_count": 81,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
- "watchers": 80,
+ "watchers": 81,
"score": 0,
"subscribers_count": 4
}
diff --git a/2024/CVE-2024-0012.json b/2024/CVE-2024-0012.json
index 0573307268..660c2289a8 100644
--- a/2024/CVE-2024-0012.json
+++ b/2024/CVE-2024-0012.json
@@ -215,5 +215,41 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
+ },
+ {
+ "id": 896532665,
+ "name": "CVE-2024-0012",
+ "full_name": "0xjessie21\/CVE-2024-0012",
+ "owner": {
+ "login": "0xjessie21",
+ "id": 2928054,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2928054?v=4",
+ "html_url": "https:\/\/github.com\/0xjessie21",
+ "user_view_type": "public"
+ },
+ "html_url": "https:\/\/github.com\/0xjessie21\/CVE-2024-0012",
+ "description": "CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC",
+ "fork": false,
+ "created_at": "2024-11-30T16:06:02Z",
+ "updated_at": "2024-11-30T17:57:25Z",
+ "pushed_at": "2024-11-30T17:57:21Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [
+ "cve",
+ "cve-2024-0012",
+ "exploit",
+ "paloaltonetworks"
+ ],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
}
]
\ No newline at end of file
diff --git a/2024/CVE-2024-11252.json b/2024/CVE-2024-11252.json
new file mode 100644
index 0000000000..ebad13370a
--- /dev/null
+++ b/2024/CVE-2024-11252.json
@@ -0,0 +1,33 @@
+[
+ {
+ "id": 896497712,
+ "name": "CVE-2024-11252-Sassy-Social-Share-XSS",
+ "full_name": "reinh3rz\/CVE-2024-11252-Sassy-Social-Share-XSS",
+ "owner": {
+ "login": "reinh3rz",
+ "id": 144375735,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144375735?v=4",
+ "html_url": "https:\/\/github.com\/reinh3rz",
+ "user_view_type": "public"
+ },
+ "html_url": "https:\/\/github.com\/reinh3rz\/CVE-2024-11252-Sassy-Social-Share-XSS",
+ "description": null,
+ "fork": false,
+ "created_at": "2024-11-30T14:20:57Z",
+ "updated_at": "2024-11-30T14:30:34Z",
+ "pushed_at": "2024-11-30T14:30:31Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
+ }
+]
\ No newline at end of file
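Review bot: `"description": null` in this new record gives the key a second type; every other record visible in this diff carries a string there. Anything that searches, sorts or renders descriptions has to handle null explicitly, so the nullable contract should be documented wherever the record schema is described, or the key omitted when the source repository has no description. Separately, the file ends at `]` with no final newline (as does 2024/CVE-2024-44285.json); ending new files with a newline keeps later diffs from carrying the `\ No newline at end of file` marker.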
diff --git a/2024/CVE-2024-11477.json b/2024/CVE-2024-11477.json
index 5f17a65662..4ac298f5fb 100644
--- a/2024/CVE-2024-11477.json
+++ b/2024/CVE-2024-11477.json
@@ -14,10 +14,10 @@
"description": "CVE-2024-11477 7Zip Code Execution Writeup and Analysis",
"fork": false,
"created_at": "2024-11-29T06:13:36Z",
- "updated_at": "2024-11-30T11:32:10Z",
+ "updated_at": "2024-11-30T14:03:16Z",
"pushed_at": "2024-11-29T21:02:56Z",
- "stargazers_count": 11,
- "watchers_count": 11,
+ "stargazers_count": 12,
+ "watchers_count": 12,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
- "watchers": 11,
+ "watchers": 12,
"score": 0,
"subscribers_count": 1
}
diff --git a/2024/CVE-2024-26229.json b/2024/CVE-2024-26229.json
index 06f928bc55..4173a6a0a4 100644
--- a/2024/CVE-2024-26229.json
+++ b/2024/CVE-2024-26229.json
@@ -14,10 +14,10 @@
"description": "CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I\/O Control Code",
"fork": false,
"created_at": "2024-06-10T17:02:03Z",
- "updated_at": "2024-11-28T05:47:36Z",
+ "updated_at": "2024-11-30T13:35:20Z",
"pushed_at": "2024-07-04T10:39:15Z",
- "stargazers_count": 321,
- "watchers_count": 321,
+ "stargazers_count": 322,
+ "watchers_count": 322,
"has_discussions": false,
"forks_count": 63,
"allow_forking": true,
@@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 63,
- "watchers": 321,
+ "watchers": 322,
"score": 0,
"subscribers_count": 5
},
diff --git a/2024/CVE-2024-2961.json b/2024/CVE-2024-2961.json
index 09dc8436f6..85d3f4f861 100644
--- a/2024/CVE-2024-2961.json
+++ b/2024/CVE-2024-2961.json
@@ -76,10 +76,10 @@
"description": "Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()",
"fork": false,
"created_at": "2024-05-27T08:30:06Z",
- "updated_at": "2024-11-29T22:01:50Z",
+ "updated_at": "2024-11-30T14:01:49Z",
"pushed_at": "2024-09-30T08:45:56Z",
- "stargazers_count": 422,
- "watchers_count": 422,
+ "stargazers_count": 423,
+ "watchers_count": 423,
"has_discussions": false,
"forks_count": 52,
"allow_forking": true,
@@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 52,
- "watchers": 422,
+ "watchers": 423,
"score": 0,
"subscribers_count": 8
},
diff --git a/2024/CVE-2024-44083.json b/2024/CVE-2024-44083.json
index 0192f9f5a5..ee45265b92 100644
--- a/2024/CVE-2024-44083.json
+++ b/2024/CVE-2024-44083.json
@@ -14,10 +14,10 @@
"description": "Makes IDA (most versions) to crash upon opening it. ",
"fork": false,
"created_at": "2024-08-25T12:33:14Z",
- "updated_at": "2024-11-29T20:27:42Z",
+ "updated_at": "2024-11-30T16:47:45Z",
"pushed_at": "2024-08-30T09:58:12Z",
- "stargazers_count": 67,
- "watchers_count": 67,
+ "stargazers_count": 68,
+ "watchers_count": 68,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
- "watchers": 67,
+ "watchers": 68,
"score": 0,
"subscribers_count": 1
}
diff --git a/2024/CVE-2024-44285.json b/2024/CVE-2024-44285.json
new file mode 100644
index 0000000000..b1bab43932
--- /dev/null
+++ b/2024/CVE-2024-44285.json
@@ -0,0 +1,33 @@
+[
+ {
+ "id": 896477779,
+ "name": "explt",
+ "full_name": "slds1\/explt",
+ "owner": {
+ "login": "slds1",
+ "id": 147923950,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147923950?v=4",
+ "html_url": "https:\/\/github.com\/slds1",
+ "user_view_type": "public"
+ },
+ "html_url": "https:\/\/github.com\/slds1\/explt",
+ "description": "App for CVE-2024-44285",
+ "fork": false,
+ "created_at": "2024-11-30T13:22:05Z",
+ "updated_at": "2024-11-30T13:23:04Z",
+ "pushed_at": "2024-11-30T13:23:01Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 0,
+ "score": 0,
+ "subscribers_count": 0
+ }
+]
\ No newline at end of file
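Review bot: The record added in this new file ties `slds1/explt` to CVE-2024-44285 only through its free-text `description` ("App for CVE-2024-44285"); the repository `name` is `explt`, `topics` is empty, and `created_at` and `pushed_at` are under a minute apart. Nothing in the record says how the match was made or whether the repository content was examined, so a consumer cannot tell a checked entry from an automatic hit. I would add a provenance field to each record, for example `"matched_on": "description"` (field name constructed here, not part of the existing schema), so downstream tooling can treat unreviewed entries as unverified. The same applies to the entries added in 2024/CVE-2024-0012.json and 2024/CVE-2024-11252.json.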
diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json
index 9a98529088..65e158e692 100644
--- a/2024/CVE-2024-4577.json
+++ b/2024/CVE-2024-4577.json
@@ -1687,19 +1687,19 @@
"description": "CVE-2024-4577 RCE PoC",
"fork": false,
"created_at": "2024-11-06T05:30:33Z",
- "updated_at": "2024-11-22T12:52:03Z",
+ "updated_at": "2024-11-30T12:51:07Z",
"pushed_at": "2024-11-20T06:24:59Z",
- "stargazers_count": 9,
- "watchers_count": 9,
+ "stargazers_count": 13,
+ "watchers_count": 13,
"has_discussions": false,
- "forks_count": 1,
+ "forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
- "forks": 1,
- "watchers": 9,
+ "forks": 2,
+ "watchers": 13,
"score": 0,
"subscribers_count": 1
}
diff --git a/README.md b/README.md
index f394f12093..c1cdc7c419 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,7 @@
- [iSee857/CVE-2024-0012-poc](https://github.com/iSee857/CVE-2024-0012-poc)
- [XiaomingX/cve-2024-0012-poc](https://github.com/XiaomingX/cve-2024-0012-poc)
- [PunitTailor55/Paloalto-CVE-2024-0012](https://github.com/PunitTailor55/Paloalto-CVE-2024-0012)
+- [0xjessie21/CVE-2024-0012](https://github.com/0xjessie21/CVE-2024-0012)
### CVE-2024-0015 (2024-02-16)
@@ -2162,6 +2163,13 @@
### CVE-2024-11201
- [NSQAQ/CVE-2024-11201](https://github.com/NSQAQ/CVE-2024-11201)
+### CVE-2024-11252 (2024-11-30)
+
+The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.69 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
+
+
+- [reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS](https://github.com/reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS)
+
### CVE-2024-11318 (2024-11-18)
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the "/cgi-bin/ocap/" endpoint.
@@ -6195,6 +6203,13 @@
- [ifpdz/CVE-2024-44258](https://github.com/ifpdz/CVE-2024-44258)
+### CVE-2024-44285 (2024-10-28)
+
+A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
+
+
+- [slds1/explt](https://github.com/slds1/explt)
+
### CVE-2024-44337 (2024-10-15)
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem.