mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/11/13 00:09:10

Browse source
This commit is contained in:
motikan2010-bot 2020-11-13 00:09:10 +09:00
parent f41d5f9e28
commit 06ff607a4e
26 changed files with 235 additions and 85 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2015/CVE-2015-1538.json
View file

@ -59,7 +59,7 @@
"description": "An exploit for CVE-2015-1538-1 - Google Stagefright stsc MP4 Atom Integer Overflow Remote Code Execution",
"fork": false,
"created_at": "2015-09-10T23:00:59Z",
"updated_at": "2020-09-09T16:16:48Z",
"updated_at": "2020-11-12T10:10:45Z",
"pushed_at": "2015-09-10T23:01:09Z",
"stargazers_count": 192,
"watchers_count": 192,

2
2015/CVE-2015-3636.json
View file

@ -82,7 +82,7 @@
"description": "PoC code for 32 bit Android OS",
"fork": false,
"created_at": "2015-09-12T01:31:36Z",
"updated_at": "2020-10-12T09:52:11Z",
"updated_at": "2020-11-12T10:10:34Z",
"pushed_at": "2015-12-15T05:42:02Z",
"stargazers_count": 130,
"watchers_count": 130,

8
2015/CVE-2015-5602.json
View file

@ -13,13 +13,13 @@
"description": "Sudo <= 1.8.14 Local Privilege Escalation and vulnerable container",
"fork": false,
"created_at": "2017-12-16T00:23:30Z",
"updated_at": "2020-03-29T08:18:39Z",
"updated_at": "2020-11-12T13:12:48Z",
"pushed_at": "2017-12-16T00:39:19Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"forks_count": 12,
"forks": 12,
"watchers": 7,
"watchers": 8,
"score": 0
},
{

4
2015/CVE-2015-8562.json
View file

@ -132,8 +132,8 @@
"pushed_at": "2020-03-23T15:56:02Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 3,
"forks": 3,
"forks_count": 4,
"forks": 4,
"watchers": 4,
"score": 0
},

4
2017/CVE-2017-15361.json
View file

@ -86,8 +86,8 @@
"pushed_at": "2018-09-04T21:35:36Z",
"stargazers_count": 33,
"watchers_count": 33,
"forks_count": 24,
"forks": 24,
"forks_count": 25,
"forks": 25,
"watchers": 33,
"score": 0
},

8
2017/CVE-2017-3881.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC",
"fork": false,
"created_at": "2017-04-10T03:44:04Z",
"updated_at": "2020-09-23T11:03:49Z",
"updated_at": "2020-11-12T10:36:38Z",
"pushed_at": "2017-04-12T09:17:27Z",
"stargazers_count": 170,
"watchers_count": 170,
"stargazers_count": 171,
"watchers_count": 171,
"forks_count": 81,
"forks": 81,
"watchers": 170,
"watchers": 171,
"score": 0
},
{

4
2017/CVE-2017-5638.json
View file

@ -86,8 +86,8 @@
"pushed_at": "2017-03-09T19:50:50Z",
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 18,
"forks": 18,
"forks_count": 19,
"forks": 19,
"watchers": 21,
"score": 0
},

14
2017/CVE-2017-7921.json
View file

@ -36,13 +36,13 @@
"description": "海康威视未授权访问检测poc及口令爆破",
"fork": false,
"created_at": "2020-11-12T09:02:10Z",
"updated_at": "2020-11-12T09:02:15Z",
"pushed_at": "2020-11-12T09:02:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"updated_at": "2020-11-12T11:53:42Z",
"pushed_at": "2020-11-12T09:33:24Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 2,
"forks": 2,
"watchers": 1,
"score": 0
}
]

4
2018/CVE-2018-6389.json
View file

@ -473,8 +473,8 @@
"description": null,
"fork": false,
"created_at": "2020-10-18T14:01:59Z",
"updated_at": "2020-11-12T02:52:44Z",
"pushed_at": "2020-11-12T02:52:42Z",
"updated_at": "2020-11-12T12:21:51Z",
"pushed_at": "2020-11-12T12:21:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,

8
2018/CVE-2018-7600.json
View file

@ -36,13 +36,13 @@
"description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)",
"fork": false,
"created_at": "2018-04-12T22:53:14Z",
"updated_at": "2020-10-27T13:33:49Z",
"updated_at": "2020-11-12T11:45:52Z",
"pushed_at": "2019-03-13T07:11:23Z",
"stargazers_count": 440,
"watchers_count": 440,
"stargazers_count": 441,
"watchers_count": 441,
"forks_count": 145,
"forks": 145,
"watchers": 440,
"watchers": 441,
"score": 0
},
{

4
2019/CVE-2019-17558.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2047,
"watchers_count": 2047,
"forks_count": 546,
"forks": 546,
"forks_count": 545,
"forks": 545,
"watchers": 2047,
"score": 0
},

12
2019/CVE-2019-19781.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2020-01-18T07:01:29Z",
"stargazers_count": 352,
"watchers_count": 352,
"forks_count": 114,
"forks": 114,
"forks_count": 113,
"forks": 113,
"watchers": 352,
"score": 0
},
@ -82,13 +82,13 @@
"description": "Test a host for susceptibility to CVE-2019-19781",
"fork": false,
"created_at": "2020-01-11T00:26:16Z",
"updated_at": "2020-10-23T20:03:04Z",
"updated_at": "2020-11-12T11:23:32Z",
"pushed_at": "2020-10-23T19:35:42Z",
"stargazers_count": 98,
"watchers_count": 98,
"stargazers_count": 99,
"watchers_count": 99,
"forks_count": 29,
"forks": 29,
"watchers": 98,
"watchers": 99,
"score": 0
},
{

4
2019/CVE-2019-7238.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2019-02-25T07:37:07Z",
"stargazers_count": 134,
"watchers_count": 134,
"forks_count": 43,
"forks": 43,
"forks_count": 44,
"forks": 44,
"watchers": 134,
"score": 0
},

24
2020/CVE-2020-1472.json
View file

@ -36,13 +36,13 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2020-11-09T17:44:53Z",
"updated_at": "2020-11-12T13:58:04Z",
"pushed_at": "2020-10-21T12:10:28Z",
"stargazers_count": 1182,
"watchers_count": 1182,
"stargazers_count": 1183,
"watchers_count": 1183,
"forks_count": 267,
"forks": 267,
"watchers": 1182,
"watchers": 1183,
"score": 0
},
{
@ -82,13 +82,13 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2020-11-11T15:44:42Z",
"updated_at": "2020-11-12T14:01:25Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 694,
"watchers_count": 694,
"stargazers_count": 695,
"watchers_count": 695,
"forks_count": 201,
"forks": 201,
"watchers": 694,
"watchers": 695,
"score": 0
},
{
@ -266,13 +266,13 @@
"description": "Ladon Moudle CVE-2020-1472 Exploit 域控提权神器",
"fork": false,
"created_at": "2020-09-15T16:10:21Z",
"updated_at": "2020-11-08T11:21:47Z",
"updated_at": "2020-11-12T14:04:11Z",
"pushed_at": "2020-09-15T16:40:53Z",
"stargazers_count": 42,
"watchers_count": 42,
"stargazers_count": 43,
"watchers_count": 43,
"forks_count": 10,
"forks": 10,
"watchers": 42,
"watchers": 43,
"score": 0
},
{

28
2020/CVE-2020-14882.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2047,
"watchers_count": 2047,
"forks_count": 546,
"forks": 546,
"forks_count": 545,
"forks": 545,
"watchers": 2047,
"score": 0
},
@ -59,13 +59,13 @@
"description": "CVE-202014882、CVE-202014883",
"fork": false,
"created_at": "2020-10-28T11:43:37Z",
"updated_at": "2020-11-11T07:10:25Z",
"updated_at": "2020-11-12T14:47:52Z",
"pushed_at": "2020-11-04T02:26:59Z",
"stargazers_count": 153,
"watchers_count": 153,
"forks_count": 28,
"forks": 28,
"watchers": 153,
"stargazers_count": 164,
"watchers_count": 164,
"forks_count": 29,
"forks": 29,
"watchers": 164,
"score": 0
},
{
@ -381,13 +381,13 @@
"description": null,
"fork": false,
"created_at": "2020-11-09T08:03:44Z",
"updated_at": "2020-11-12T06:23:26Z",
"updated_at": "2020-11-12T10:07:30Z",
"pushed_at": "2020-11-12T06:23:23Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
},
{

25
2020/CVE-2020-15228.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 312263531,
"name": "fix-CVE-2020-15228",
"full_name": "guettli\/fix-CVE-2020-15228",
"owner": {
"login": "guettli",
"id": 414336,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/414336?v=4",
"html_url": "https:\/\/github.com\/guettli"
},
"html_url": "https:\/\/github.com\/guettli\/fix-CVE-2020-15228",
"description": "Fix CVE-2020-15228 (set-env, add-path in Github-Actions)",
"fork": false,
"created_at": "2020-11-12T11:59:47Z",
"updated_at": "2020-11-12T15:02:45Z",
"pushed_at": "2020-11-12T15:02:43Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2020/CVE-2020-15999.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-15999",
"fork": false,
"created_at": "2020-10-28T16:16:25Z",
"updated_at": "2020-11-11T03:47:51Z",
"updated_at": "2020-11-12T09:46:24Z",
"pushed_at": "2020-11-03T17:53:20Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 4,
"forks": 4,
"watchers": 18,
"watchers": 19,
"score": 0
}
]

25
2020/CVE-2020-16126.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 312235133,
"name": "Ubuntu-Gnome-privilege-escalation",
"full_name": "zev3n\/Ubuntu-Gnome-privilege-escalation",
"owner": {
"login": "zev3n",
"id": 31406753,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31406753?v=4",
"html_url": "https:\/\/github.com\/zev3n"
},
"html_url": "https:\/\/github.com\/zev3n\/Ubuntu-Gnome-privilege-escalation",
"description": "A bash script exploit of [CVE-2020-16126\/CVE-2020-16127] to achieve privilege escalation.",
"fork": false,
"created_at": "2020-11-12T09:58:42Z",
"updated_at": "2020-11-12T10:34:58Z",
"pushed_at": "2020-11-12T10:24:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2020/CVE-2020-17382.json
View file

@ -13,13 +13,13 @@
"description": "PoC exploits for CVE-2020-17382",
"fork": false,
"created_at": "2020-09-17T18:26:32Z",
"updated_at": "2020-11-09T11:40:46Z",
"updated_at": "2020-11-12T14:57:06Z",
"pushed_at": "2020-10-02T18:45:43Z",
"stargazers_count": 97,
"watchers_count": 97,
"stargazers_count": 98,
"watchers_count": 98,
"forks_count": 23,
"forks": 23,
"watchers": 97,
"watchers": 98,
"score": 0
}
]

25
2020/CVE-2020-2020.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 312256179,
"name": "CVE-2020-2020-14882",
"full_name": "x51\/CVE-2020-2020-14882",
"owner": {
"login": "x51",
"id": 45651912,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/45651912?v=4",
"html_url": "https:\/\/github.com\/x51"
},
"html_url": "https:\/\/github.com\/x51\/CVE-2020-2020-14882",
"description": null,
"fork": false,
"created_at": "2020-11-12T11:27:39Z",
"updated_at": "2020-11-12T12:16:35Z",
"pushed_at": "2020-11-12T12:26:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2020/CVE-2020-28414.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 312285919,
"name": "CVE-2020-28414",
"full_name": "jet-pentest\/CVE-2020-28414",
"owner": {
"login": "jet-pentest",
"id": 71512502,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/71512502?v=4",
"html_url": "https:\/\/github.com\/jet-pentest"
},
"html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-28414",
"description": null,
"fork": false,
"created_at": "2020-11-12T13:31:50Z",
"updated_at": "2020-11-12T13:32:04Z",
"pushed_at": "2020-11-12T13:32:02Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2020/CVE-2020-28415.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 312286062,
"name": "CVE-2020-28415",
"full_name": "jet-pentest\/CVE-2020-28415",
"owner": {
"login": "jet-pentest",
"id": 71512502,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/71512502?v=4",
"html_url": "https:\/\/github.com\/jet-pentest"
},
"html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-28415",
"description": null,
"fork": false,
"created_at": "2020-11-12T13:32:23Z",
"updated_at": "2020-11-12T13:32:34Z",
"pushed_at": "2020-11-12T13:32:31Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

4
2020/CVE-2020-2883.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-05-10T09:29:36Z",
"stargazers_count": 163,
"watchers_count": 163,
"forks_count": 32,
"forks": 32,
"forks_count": 31,
"forks": 31,
"watchers": 163,
"score": 0
},

12
2020/CVE-2020-3952.json
View file

@ -59,13 +59,13 @@
"description": "Exploit for CVE-2020-3952 in vCenter 6.7",
"fork": false,
"created_at": "2020-04-16T07:40:51Z",
"updated_at": "2020-11-10T15:40:43Z",
"updated_at": "2020-11-12T11:31:31Z",
"pushed_at": "2020-04-16T08:38:42Z",
"stargazers_count": 224,
"watchers_count": 224,
"forks_count": 53,
"forks": 53,
"watchers": 224,
"stargazers_count": 225,
"watchers_count": 225,
"forks_count": 54,
"forks": 54,
"watchers": 225,
"score": 0
},
{

8
2020/CVE-2020-6287.json
View file

@ -36,13 +36,13 @@
"description": "PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py <HTTP(s):\/\/IP:Port",
"fork": false,
"created_at": "2020-07-20T18:45:53Z",
"updated_at": "2020-11-05T07:49:02Z",
"updated_at": "2020-11-12T09:29:22Z",
"pushed_at": "2020-07-21T18:50:07Z",
"stargazers_count": 68,
"watchers_count": 68,
"stargazers_count": 69,
"watchers_count": 69,
"forks_count": 20,
"forks": 20,
"watchers": 68,
"watchers": 69,
"score": 0
},
{

25
README.md
View file

@ -645,6 +645,9 @@ A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and
- [wuzuowei/CVE-2020-1983](https://github.com/wuzuowei/CVE-2020-1983)
### CVE-2020-2020
- [x51/CVE-2020-2020-14882](https://github.com/x51/CVE-2020-2020-14882)
### CVE-2020-2034 (2020-07-08)
<code>
@ -2368,6 +2371,14 @@ Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerab
- [Langriklol/CVE-2020-15227](https://github.com/Langriklol/CVE-2020-15227)
- [hu4wufu/CVE-2020-15227](https://github.com/hu4wufu/CVE-2020-15227)
### CVE-2020-15228 (2020-10-01)
<code>
In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modified without the intention of the workflow or action author. The runner will release an update that disables the `set-env` and `add-path` workflow commands in the near future. For now, users should upgrade to `@actions/core v1.2.6` or later, and replace any instance of the `set-env` or `add-path` commands in their workflows with the new Environment File Syntax. Workflows and actions using the old commands or older versions of the toolkit will start to warn, then error out during workflow execution.
</code>
- [guettli/fix-CVE-2020-15228](https://github.com/guettli/fix-CVE-2020-15228)
### CVE-2020-15367 (2020-07-07)
<code>
@ -2443,6 +2454,14 @@ Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed
- [marcinguy/CVE-2020-15999](https://github.com/marcinguy/CVE-2020-15999)
### CVE-2020-16126 (2020-11-10)
<code>
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
</code>
- [zev3n/Ubuntu-Gnome-privilege-escalation](https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation)
### CVE-2020-16152
- [eriknl/CVE-2020-16152](https://github.com/eriknl/CVE-2020-16152)
@ -2865,6 +2884,12 @@ The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an
- [dievus/CVE-2020-28351](https://github.com/dievus/CVE-2020-28351)
### CVE-2020-28414
- [jet-pentest/CVE-2020-28414](https://github.com/jet-pentest/CVE-2020-28414)
### CVE-2020-28415
- [jet-pentest/CVE-2020-28415](https://github.com/jet-pentest/CVE-2020-28415)
### CVE-2020-72381
- [jdordonezn/CVE-2020-72381](https://github.com/jdordonezn/CVE-2020-72381)