CVE-2023-44487.zip
826.7 KB
CVE-2023-44487
Author: sastraadiwiguna-purpleeliteteaming
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
GitHub Link:
https://github.com/sastraadiwiguna-purpleeliteteaming/DDoS-Purple-Teaming-Offensive-Multi-Vector-7-Tier-Defensive-Holistic-Blueprint-
Author: sastraadiwiguna-purpleeliteteaming
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
GitHub Link:
https://github.com/sastraadiwiguna-purpleeliteteaming/DDoS-Purple-Teaming-Offensive-Multi-Vector-7-Tier-Defensive-Holistic-Blueprint-
CVE-2015-2291.zip
3.8 MB
CVE-2015-2291
Author: paysonism
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
GitHub Link:
https://github.com/paysonism/CVE-2015-2291-Spoofer-Analysis
Author: paysonism
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
GitHub Link:
https://github.com/paysonism/CVE-2015-2291-Spoofer-Analysis
CVE-2024-23897.zip
3.2 KB
CVE-2024-23897
Author: wvverez
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
GitHub Link:
https://github.com/wvverez/CVE-2024-23897
Author: wvverez
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
GitHub Link:
https://github.com/wvverez/CVE-2024-23897
CVE-2015-3306.zip
470.8 KB
CVE-2015-3306
Author: canpilayda
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
GitHub Link:
https://github.com/canpilayda/proftpd-modcopy-cve-2015-3306
Author: canpilayda
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
GitHub Link:
https://github.com/canpilayda/proftpd-modcopy-cve-2015-3306
CVE-2026-22812
Author: barrersoftware
None
GitHub Link:
https://github.com/barrersoftware/opencode-secure
Author: barrersoftware
None
GitHub Link:
https://github.com/barrersoftware/opencode-secure