mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/04/04 00:27:19

Browse source
This commit is contained in:
motikan2010-bot 2024-04-04 09:27:19 +09:00
parent db5300662b
commit b8afbf82c9
23 changed files with 200 additions and 94 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2017/CVE-2017-20165.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-01-11T10:20:27Z",
"updated_at": "2024-02-01T02:54:57Z",
"pushed_at": "2024-04-02T19:13:23Z",
"pushed_at": "2024-04-03T20:38:19Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,

2
2019/CVE-2019-18845.json
View file

@ -13,7 +13,7 @@
"description": "The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\\SYSTEM privileges, by mapping \\Device\\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.",
"fork": false,
"created_at": "2022-07-10T05:53:41Z",
"updated_at": "2023-07-14T15:06:00Z",
"updated_at": "2024-04-03T21:41:01Z",
"pushed_at": "2022-07-10T04:20:56Z",
"stargazers_count": 0,
"watchers_count": 0,

8
2021/CVE-2021-36934.json
View file

@ -168,10 +168,10 @@
"description": "HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows CVE-2021-36934",
"fork": false,
"created_at": "2021-07-22T07:49:29Z",
"updated_at": "2024-02-24T11:42:34Z",
"updated_at": "2024-04-03T21:09:35Z",
"pushed_at": "2021-07-22T11:39:31Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -180,7 +180,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

2
2021/CVE-2021-44228.json
View file

@ -1527,7 +1527,7 @@
"fork": false,
"created_at": "2021-12-11T12:16:45Z",
"updated_at": "2023-05-28T11:06:10Z",
"pushed_at": "2024-04-01T18:46:58Z",
"pushed_at": "2024-04-03T18:40:23Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,

8
2022/CVE-2022-1388.json
View file

@ -410,10 +410,10 @@
"description": "POC for CVE-2022-1388",
"fork": false,
"created_at": "2022-05-09T11:46:45Z",
"updated_at": "2024-03-24T21:44:02Z",
"updated_at": "2024-04-03T18:29:16Z",
"pushed_at": "2022-05-09T20:52:07Z",
"stargazers_count": 235,
"watchers_count": 235,
"stargazers_count": 234,
"watchers_count": 234,
"has_discussions": false,
"forks_count": 41,
"allow_forking": true,
@ -422,7 +422,7 @@
"topics": [],
"visibility": "public",
"forks": 41,
"watchers": 235,
"watchers": 234,
"score": 0,
"subscribers_count": 6
},

8
2023/CVE-2023-24488.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-24488 PoC",
"fork": false,
"created_at": "2023-07-01T17:47:17Z",
"updated_at": "2023-12-04T18:13:57Z",
"updated_at": "2024-04-03T21:18:48Z",
"pushed_at": "2023-07-01T17:49:16Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-29360.json
View file

@ -13,10 +13,10 @@
"description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver",
"fork": false,
"created_at": "2023-09-24T21:59:23Z",
"updated_at": "2024-03-15T03:21:46Z",
"updated_at": "2024-04-03T19:19:49Z",
"pushed_at": "2023-10-12T19:18:32Z",
"stargazers_count": 123,
"watchers_count": 123,
"stargazers_count": 124,
"watchers_count": 124,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 123,
"watchers": 124,
"score": 0,
"subscribers_count": 2
}

37
2023/CVE-2023-33466.json Normal file
View file

@ -0,0 +1,37 @@
[
{
"id": 781710965,
"name": "CVE-2023-33466",
"full_name": "v3gahax\/CVE-2023-33466",
"owner": {
"login": "v3gahax",
"id": 165963777,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165963777?v=4",
"html_url": "https:\/\/github.com\/v3gahax"
},
"html_url": "https:\/\/github.com\/v3gahax\/CVE-2023-33466",
"description": "CVE-2023-33466 (Windows)",
"fork": false,
"created_at": "2024-04-03T22:26:02Z",
"updated_at": "2024-04-03T23:01:59Z",
"pushed_at": "2024-04-03T23:06:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"biohacking",
"exploit",
"medical",
"rce-exploit"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-36802.json
View file

@ -103,10 +103,10 @@
"description": "Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver",
"fork": false,
"created_at": "2023-10-23T18:33:41Z",
"updated_at": "2024-03-20T08:29:41Z",
"updated_at": "2024-04-03T19:20:07Z",
"pushed_at": "2023-10-26T11:44:46Z",
"stargazers_count": 98,
"watchers_count": 98,
"stargazers_count": 99,
"watchers_count": 99,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 98,
"watchers": 99,
"score": 0,
"subscribers_count": 3
}

8
2023/CVE-2023-44487.json
View file

@ -241,10 +241,10 @@
"description": "Highly configurable tool to check a server's vulnerability against CVE-2023-44487 by rapidly sending HEADERS and RST_STREAM frames and documenting the server's responses.",
"fork": false,
"created_at": "2023-11-08T20:56:22Z",
"updated_at": "2024-02-01T10:39:42Z",
"updated_at": "2024-04-03T20:49:32Z",
"pushed_at": "2024-01-11T17:44:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -264,7 +264,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-45866.json
View file

@ -13,10 +13,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2024-04-03T16:11:23Z",
"updated_at": "2024-04-03T20:33:15Z",
"pushed_at": "2024-03-31T22:00:43Z",
"stargazers_count": 333,
"watchers_count": 333,
"stargazers_count": 334,
"watchers_count": 334,
"has_discussions": false,
"forks_count": 53,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 53,
"watchers": 333,
"watchers": 334,
"score": 0,
"subscribers_count": 5
},

2
2023/CVE-2023-46304.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2024-04-03T17:57:23Z",
"updated_at": "2024-04-03T18:15:17Z",
"pushed_at": "2024-04-03T18:14:35Z",
"pushed_at": "2024-04-03T19:00:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2023/CVE-2023-48022.json
View file

@ -43,10 +43,10 @@
"description": "ShadowRay RCE POC (CVE-2023-48022)",
"fork": false,
"created_at": "2024-03-29T09:54:31Z",
"updated_at": "2024-03-29T10:02:38Z",
"updated_at": "2024-04-03T22:44:04Z",
"pushed_at": "2024-04-02T06:35:40Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

4
2023/CVE-2023-48788.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 28,
"watchers_count": 28,
"has_discussions": false,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 28,
"score": 0,
"subscribers_count": 4

8
2024/CVE-2024-0197.json
View file

@ -13,10 +13,10 @@
"description": "Proof of concept for Local Privilege Escalation in Thales Sentinel HASP LDK.",
"fork": false,
"created_at": "2024-02-27T15:25:58Z",
"updated_at": "2024-04-03T16:18:00Z",
"updated_at": "2024-04-04T00:15:46Z",
"pushed_at": "2024-02-27T15:30:16Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-1086.json
View file

@ -13,10 +13,10 @@
"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
"fork": false,
"created_at": "2024-03-20T21:16:41Z",
"updated_at": "2024-04-03T17:57:57Z",
"updated_at": "2024-04-03T23:11:46Z",
"pushed_at": "2024-04-02T21:18:42Z",
"stargazers_count": 1303,
"watchers_count": 1303,
"stargazers_count": 1308,
"watchers_count": 1308,
"has_discussions": false,
"forks_count": 129,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 129,
"watchers": 1303,
"watchers": 1308,
"score": 0,
"subscribers_count": 10
},

10
2024/CVE-2024-21762.json
View file

@ -78,13 +78,13 @@
"stargazers_count": 80,
"watchers_count": 80,
"has_discussions": false,
"forks_count": 14,
"forks_count": 15,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 14,
"forks": 15,
"watchers": 80,
"score": 0,
"subscribers_count": 4
@ -164,17 +164,17 @@
"fork": false,
"created_at": "2024-04-03T16:26:02Z",
"updated_at": "2024-04-03T16:48:52Z",
"pushed_at": "2024-04-03T18:14:03Z",
"pushed_at": "2024-04-03T19:45:36Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0

8
2024/CVE-2024-23334.json
View file

@ -103,10 +103,10 @@
"description": "aiohttp LFI (CVE-2024-23334)",
"fork": false,
"created_at": "2024-03-19T16:28:56Z",
"updated_at": "2024-04-03T14:30:21Z",
"updated_at": "2024-04-03T20:20:24Z",
"pushed_at": "2024-03-19T17:06:26Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-27198.json
View file

@ -43,10 +43,10 @@
"description": "Exploit for CVE-2024-27198 - TeamCity Server",
"fork": false,
"created_at": "2024-03-05T05:43:06Z",
"updated_at": "2024-03-29T00:15:39Z",
"updated_at": "2024-04-03T22:05:25Z",
"pushed_at": "2024-03-08T06:13:09Z",
"stargazers_count": 23,
"watchers_count": 23,
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -58,7 +58,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 23,
"watchers": 24,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-29059.json
View file

@ -13,10 +13,10 @@
"description": "Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)",
"fork": false,
"created_at": "2024-03-11T10:14:39Z",
"updated_at": "2024-04-03T18:22:00Z",
"updated_at": "2024-04-03T20:05:44Z",
"pushed_at": "2024-03-25T12:56:16Z",
"stargazers_count": 61,
"watchers_count": 61,
"stargazers_count": 62,
"watchers_count": 62,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 61,
"watchers": 62,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-29269.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2024-29269",
"fork": false,
"created_at": "2024-04-03T02:02:27Z",
"updated_at": "2024-04-03T02:27:00Z",
"updated_at": "2024-04-03T21:44:25Z",
"pushed_at": "2024-04-03T02:19:52Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}

114
2024/CVE-2024-3094.json
View file

@ -13,10 +13,10 @@
"description": "Information for CVE-2024-3094",
"fork": false,
"created_at": "2024-03-29T17:03:01Z",
"updated_at": "2024-04-03T18:20:39Z",
"updated_at": "2024-04-03T18:49:13Z",
"pushed_at": "2024-04-01T16:01:34Z",
"stargazers_count": 42,
"watchers_count": 42,
"stargazers_count": 43,
"watchers_count": 43,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 42,
"watchers": 43,
"score": 0,
"subscribers_count": 2
},
@ -387,10 +387,10 @@
"description": "A shell script designed to help users identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version.",
"fork": false,
"created_at": "2024-03-30T19:23:30Z",
"updated_at": "2024-04-03T16:50:40Z",
"updated_at": "2024-04-03T19:58:28Z",
"pushed_at": "2024-04-03T07:56:31Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -409,7 +409,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 13,
"watchers": 14,
"score": 0,
"subscribers_count": 2
},
@ -487,10 +487,10 @@
"description": "An ssh honeypot with the XZ backdoor. CVE-2024-3094",
"fork": false,
"created_at": "2024-03-30T22:07:24Z",
"updated_at": "2024-04-03T08:49:32Z",
"updated_at": "2024-04-03T20:57:28Z",
"pushed_at": "2024-04-02T03:38:32Z",
"stargazers_count": 101,
"watchers_count": 101,
"stargazers_count": 102,
"watchers_count": 102,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -504,7 +504,7 @@
],
"visibility": "public",
"forks": 14,
"watchers": 101,
"watchers": 102,
"score": 0,
"subscribers_count": 5
},
@ -646,10 +646,10 @@
"description": null,
"fork": false,
"created_at": "2024-03-31T10:46:33Z",
"updated_at": "2024-04-03T16:13:17Z",
"updated_at": "2024-04-04T00:28:00Z",
"pushed_at": "2024-04-03T15:46:41Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -658,7 +658,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 16,
"watchers": 17,
"score": 0,
"subscribers_count": 2
},
@ -1006,19 +1006,19 @@
"description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)",
"fork": false,
"created_at": "2024-04-01T14:28:09Z",
"updated_at": "2024-04-03T18:29:40Z",
"updated_at": "2024-04-04T00:29:34Z",
"pushed_at": "2024-04-03T04:58:50Z",
"stargazers_count": 2214,
"watchers_count": 2214,
"stargazers_count": 2491,
"watchers_count": 2491,
"has_discussions": false,
"forks_count": 127,
"forks_count": 144,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 127,
"watchers": 2214,
"forks": 144,
"watchers": 2491,
"score": 0,
"subscribers_count": 14
},
@ -1036,10 +1036,10 @@
"description": "Checker - CVE-2024-3094",
"fork": false,
"created_at": "2024-04-01T15:15:16Z",
"updated_at": "2024-04-02T22:46:47Z",
"updated_at": "2024-04-03T18:37:25Z",
"pushed_at": "2024-04-02T10:39:09Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1048,7 +1048,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
@ -1346,7 +1346,7 @@
"fork": false,
"created_at": "2024-04-02T23:10:06Z",
"updated_at": "2024-04-02T23:10:07Z",
"pushed_at": "2024-04-02T23:10:07Z",
"pushed_at": "2024-04-03T20:05:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -1450,5 +1450,65 @@
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 781642777,
"name": "CVE-2024-3094-Checker",
"full_name": "TheTorjanCaptain\/CVE-2024-3094-Checker",
"owner": {
"login": "TheTorjanCaptain",
"id": 109307319,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109307319?v=4",
"html_url": "https:\/\/github.com\/TheTorjanCaptain"
},
"html_url": "https:\/\/github.com\/TheTorjanCaptain\/CVE-2024-3094-Checker",
"description": "The repository consists of a checker file that confirms if your xz version and xz-utils package is vulnerable to CVE-2024-3094.",
"fork": false,
"created_at": "2024-04-03T19:10:43Z",
"updated_at": "2024-04-03T19:12:47Z",
"pushed_at": "2024-04-03T19:36:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 781709179,
"name": "CVE-2024-3094-Checker",
"full_name": "iheb2b\/CVE-2024-3094-Checker",
"owner": {
"login": "iheb2b",
"id": 61081690,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61081690?v=4",
"html_url": "https:\/\/github.com\/iheb2b"
},
"html_url": "https:\/\/github.com\/iheb2b\/CVE-2024-3094-Checker",
"description": "The CVE-2024-3094 Checker is a Bash tool for identifying if Linux systems are at risk from the CVE-2024-3094 flaw in XZ\/LZMA utilities. It checks XZ versions, SSHD's LZMA linkage, and scans for specific byte patterns, delivering results in a concise table format. ",
"fork": false,
"created_at": "2024-04-03T22:19:50Z",
"updated_at": "2024-04-03T22:20:53Z",
"pushed_at": "2024-04-03T22:24:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

9
README.md
View file

@ -281,6 +281,8 @@
- [Security-Phoenix-demo/CVE-2024-3094-fix-exploits](https://github.com/Security-Phoenix-demo/CVE-2024-3094-fix-exploits)
- [MagpieRYL/CVE-2024-3094-backdoor-env-container](https://github.com/MagpieRYL/CVE-2024-3094-backdoor-env-container)
- [Bella-Bc/xz-backdoor-CVE-2024-3094-Check](https://github.com/Bella-Bc/xz-backdoor-CVE-2024-3094-Check)
- [TheTorjanCaptain/CVE-2024-3094-Checker](https://github.com/TheTorjanCaptain/CVE-2024-3094-Checker)
- [iheb2b/CVE-2024-3094-Checker](https://github.com/iheb2b/CVE-2024-3094-Checker)
### CVE-2024-12883
- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)
@ -4877,6 +4879,13 @@
- [Thirukrishnan/CVE-2023-33410](https://github.com/Thirukrishnan/CVE-2023-33410)
### CVE-2023-33466 (2023-06-29)
<code>Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE).
</code>
- [v3gahax/CVE-2023-33466](https://github.com/v3gahax/CVE-2023-33466)
### CVE-2023-33476 (2023-06-02)
<code>ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.