In our latest release, we have added a significant number of trending CVEs and are excited to announce the addition of new local privilege escalation templates.
These valuable contributions come from our community, with a notable contribution from @daffainfo, and are available at Local Privilege Escalation Templates.
These templates utilize the newly introduced code protocol, enhancing their capability to detect vulnerabilities more effectively.
It’s important to note that these templates are specifically designed for local execution to identify privilege escalation vulnerabilities.
For security reasons, they are not executed as part of the default Nuclei scan. We ensure the security and authenticity of these templates by signing them officially.
To run these templates, users need to provide the -code
flag along with -itags local
.
These additions are particularly useful for penetration testing and red-teaming focusing on privilege escalation, and we plan to further expand their coverage in future updates.
Following Are The Other Highlights Of This Release:
- javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch ????
- http/cves/2024/CVE-2024-0204.yaml by @dhiyaneshdk ????
- http/cves/2023/CVE-2023-47211.yaml by @gy741 ????
- http/cves/2023/CVE-2023-22527.yaml by @Iamnooob,@rootxharsh,@pdresearch ????
- http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch ????
- http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano ????
What’s Changed
New Templates Added: 106
| CVEs Added: 14
| First-time contributions: 14
- javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch ????
- http/cves/2024/CVE-2024-0204.yaml by @dhiyaneshdk ????
- http/cves/2023/CVE-2023-48023.yaml by @cookiehanhoan,@harryha
- http/cves/2023/CVE-2023-47643.yaml by @isacaya
- http/cves/2023/CVE-2023-47211.yaml by @gy741 ????
- http/cves/2023/CVE-2023-44352.yaml by @pwnwithlove
- http/cves/2023/CVE-2023-27640.yaml by @mastercho
- http/cves/2023/CVE-2023-27639.yaml by @mastercho
- http/cves/2023/CVE-2023-22527.yaml by @Iamnooob,@rootxharsh,@pdresearch ????
- http/cves/2023/CVE-2023-6977.yaml by @gy741
- http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch ????
- http/cves/2023/CVE-2023-6023.yaml by @M0ck3d,@cookiehanhoan
- http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano ????
- http/cves/2018/CVE-2018-10942.yaml by @mastercho
- http/vulnerabilities/apache/apache-nifi-rce.yaml by @arliya
- http/vulnerabilities/juniper/junos-xss.yaml by @dhiyaneshdk
- http/vulnerabilities/prestashop/prestashop-blocktestimonial-file-upload.yaml by @mastercho
- http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml by @mastercho
- code/privilege-escalation/linux/binary/privesc-aa-exec.yaml by @daffainfo
- code/privilege-escalation/linux/binary/privesc-ash.yaml by @daffainfo
- code/privilege-escalation/linux/binary/privesc-awk.yaml by @daffainfo
- code/privilege-escalation/linux/binary/privesc-bash.yaml by @daffainfo
For more information click here