From 07b8b021e37c8eb8dc495c04d69c234d6a1fd3c7 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 4 Oct 2023 21:54:37 +0900 Subject: [PATCH] Auto Update 2023/10/04 12:54:36 --- 2009/CVE-2009-3103.json | 32 +++++++++++++++++++++++++++ 2014/CVE-2014-4210.json | 8 +++---- 2016/CVE-2016-0638.json | 8 +++---- 2017/CVE-2017-1000117.json | 30 ++++++++++++++++++++++++++ 2017/CVE-2017-17215.json | 36 +++++++++++++++++++++++++++++++ 2017/CVE-2017-3248.json | 8 +++---- 2017/CVE-2017-9248.json | 8 +++---- 2017/CVE-2017-9627.json | 32 +++++++++++++++++++++++++++ 2017/CVE-2017-9805.json | 30 ++++++++++++++++++++++++++ 2018/CVE-2018-14847.json | 12 +++++------ 2018/CVE-2018-2628.json | 8 +++---- 2019/CVE-2019-2618.json | 8 +++---- 2020/CVE-2020-2551.json | 8 +++---- 2021/CVE-2021-0928.json | 8 +++---- 2021/CVE-2021-21974.json | 12 +++++------ 2021/CVE-2021-4034.json | 8 +++---- 2021/CVE-2021-44228.json | 16 +++++++------- 2022/CVE-2022-32947.json | 8 +++---- 2022/CVE-2022-46169.json | 4 ++-- 2023/CVE-2023-20209.json | 4 ++-- 2023/CVE-2023-21282.json | 32 +++++++++++++++++++++++++++ 2023/CVE-2023-21288.json | 32 +++++++++++++++++++++++++++ 2023/CVE-2023-29357.json | 8 +++---- 2023/CVE-2023-38743.json | 4 ++-- 2023/CVE-2023-38831.json | 8 +++---- 2023/CVE-2023-42793.json | 4 ++-- 2023/CVE-2023-43654.json | 8 +++---- 2023/CVE-2023-4911.json | 32 +++++++++++++++++++++++++++ README.md | 44 +++++++++++++++++++++++++++++++++++++- 29 files changed, 379 insertions(+), 81 deletions(-) create mode 100644 2009/CVE-2009-3103.json create mode 100644 2017/CVE-2017-9627.json create mode 100644 2023/CVE-2023-21282.json create mode 100644 2023/CVE-2023-21288.json create mode 100644 2023/CVE-2023-4911.json diff --git a/2009/CVE-2009-3103.json b/2009/CVE-2009-3103.json new file mode 100644 index 0000000000..c05eb8343d --- /dev/null +++ b/2009/CVE-2009-3103.json @@ -0,0 +1,32 @@ +[ + { + "id": 79179589, + "name": "ms09050", + "full_name": "sooklalad\/ms09050", + "owner": { + "login": "sooklalad", + "id": 16028654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16028654?v=4", + "html_url": "https:\/\/github.com\/sooklalad" + }, + "html_url": "https:\/\/github.com\/sooklalad\/ms09050", + "description": "cve-2009-3103", + "fork": false, + "created_at": "2017-01-17T02:24:40Z", + "updated_at": "2018-12-28T02:07:14Z", + "pushed_at": "2017-01-17T03:31:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index 456d66effc..2ebcf091c7 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -43,10 +43,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -76,7 +76,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 }, diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index a2b9e59712..3e8964a3f3 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 }, diff --git a/2017/CVE-2017-1000117.json b/2017/CVE-2017-1000117.json index 8f93160c90..53c7dcc10f 100644 --- a/2017/CVE-2017-1000117.json +++ b/2017/CVE-2017-1000117.json @@ -539,6 +539,36 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 166267328, + "name": "cve-2017-1000117", + "full_name": "cved-sources\/cve-2017-1000117", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-1000117", + "description": "cve-2017-1000117", + "fork": false, + "created_at": "2019-01-17T17:28:01Z", + "updated_at": "2021-04-15T21:21:51Z", + "pushed_at": "2021-04-15T21:21:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 187589348, "name": "CVE-2017-1000117", diff --git a/2017/CVE-2017-17215.json b/2017/CVE-2017-17215.json index 3cbe4dbabf..4f8114f809 100644 --- a/2017/CVE-2017-17215.json +++ b/2017/CVE-2017-17215.json @@ -29,6 +29,42 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 313596733, + "name": "HG532d-RCE-Exploit", + "full_name": "wilfred-wulbou\/HG532d-RCE-Exploit", + "owner": { + "login": "wilfred-wulbou", + "id": 25276623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25276623?v=4", + "html_url": "https:\/\/github.com\/wilfred-wulbou" + }, + "html_url": "https:\/\/github.com\/wilfred-wulbou\/HG532d-RCE-Exploit", + "description": "A Remote Code Execution (RCE) exploit for Huawei HG532d based on CVE-2017-17215 vulnerability. Modded from original PoC code from exploit-db.com", + "fork": false, + "created_at": "2020-11-17T11:22:20Z", + "updated_at": "2023-09-28T11:22:12Z", + "pushed_at": "2021-03-31T23:28:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-17215", + "exploit", + "hg532", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, { "id": 560898089, "name": "HuaWei_Route_HG532_RCE_CVE-2017-17215", diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 7e7bd0f6e2..47f7e73f82 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -43,10 +43,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -76,7 +76,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 }, diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json index 4f8727bb56..2b76c202fc 100644 --- a/2017/CVE-2017-9248.json +++ b/2017/CVE-2017-9248.json @@ -43,10 +43,10 @@ "description": "A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.", "fork": false, "created_at": "2018-08-03T04:36:23Z", - "updated_at": "2023-10-03T06:38:37Z", + "updated_at": "2023-10-04T06:48:07Z", "pushed_at": "2018-08-14T07:47:02Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 92, + "watchers_count": 92, "has_discussions": false, "forks_count": 25, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 25, - "watchers": 91, + "watchers": 92, "score": 0, "subscribers_count": 7 }, diff --git a/2017/CVE-2017-9627.json b/2017/CVE-2017-9627.json new file mode 100644 index 0000000000..1271aae971 --- /dev/null +++ b/2017/CVE-2017-9627.json @@ -0,0 +1,32 @@ +[ + { + "id": 355839204, + "name": "aaLogger", + "full_name": "USSCltd\/aaLogger", + "owner": { + "login": "USSCltd", + "id": 19225769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19225769?v=4", + "html_url": "https:\/\/github.com\/USSCltd" + }, + "html_url": "https:\/\/github.com\/USSCltd\/aaLogger", + "description": "CVE-2017-9627 CVE-2017-9629 CVE-2017-9631", + "fork": false, + "created_at": "2021-04-08T09:16:47Z", + "updated_at": "2021-09-24T08:56:05Z", + "pushed_at": "2021-04-08T09:20:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9805.json b/2017/CVE-2017-9805.json index f935adaee0..5919129d70 100644 --- a/2017/CVE-2017-9805.json +++ b/2017/CVE-2017-9805.json @@ -428,6 +428,36 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 354456108, + "name": "CVE-2017-9805-Exploit", + "full_name": "0xd3vil\/CVE-2017-9805-Exploit", + "owner": { + "login": "0xd3vil", + "id": 32324065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32324065?v=4", + "html_url": "https:\/\/github.com\/0xd3vil" + }, + "html_url": "https:\/\/github.com\/0xd3vil\/CVE-2017-9805-Exploit", + "description": "CVE-2017-9805-Exploit", + "fork": false, + "created_at": "2021-04-04T04:35:19Z", + "updated_at": "2023-09-28T11:26:26Z", + "pushed_at": "2021-04-04T04:35:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, { "id": 544634552, "name": "CVE-2017-9805", diff --git a/2018/CVE-2018-14847.json b/2018/CVE-2018-14847.json index a990ffc402..35289cd6c7 100644 --- a/2018/CVE-2018-14847.json +++ b/2018/CVE-2018-14847.json @@ -258,19 +258,19 @@ "description": "This is a proof of concept of the critical WinBox vulnerability (CVE-2018-14847) which allows for arbitrary file read of plain text passwords. The vulnerability has long since been fixed, so this project has ended and will not be supported or updated anymore. You can fork it and update it yourself instead.", "fork": false, "created_at": "2021-04-21T16:42:31Z", - "updated_at": "2023-09-13T23:52:53Z", + "updated_at": "2023-10-04T09:05:21Z", "pushed_at": "2021-04-21T16:46:37Z", - "stargazers_count": 23, - "watchers_count": 23, + "stargazers_count": 24, + "watchers_count": 24, "has_discussions": false, - "forks_count": 10, + "forks_count": 11, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 10, - "watchers": 23, + "forks": 11, + "watchers": 24, "score": 0, "subscribers_count": 2 }, diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 778cd1f9dc..8ab380f3fe 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -587,10 +587,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -620,7 +620,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 }, diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 64490b248e..ee58a8863a 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -193,10 +193,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -226,7 +226,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 } diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index d777f16366..1f9d9f767f 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,10 +13,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2023-09-30T01:29:21Z", + "updated_at": "2023-10-04T07:37:13Z", "pushed_at": "2022-07-17T12:41:46Z", - "stargazers_count": 1791, - "watchers_count": 1791, + "stargazers_count": 1792, + "watchers_count": 1792, "has_discussions": false, "forks_count": 335, "allow_forking": true, @@ -46,7 +46,7 @@ ], "visibility": "public", "forks": 335, - "watchers": 1791, + "watchers": 1792, "score": 0, "subscribers_count": 34 }, diff --git a/2021/CVE-2021-0928.json b/2021/CVE-2021-0928.json index de59d0c229..d53d12f8f7 100644 --- a/2021/CVE-2021-0928.json +++ b/2021/CVE-2021-0928.json @@ -13,10 +13,10 @@ "description": "Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`\/`createFromParcel` serialization mismatch in `OutputConfiguration`", "fork": false, "created_at": "2022-01-29T10:14:32Z", - "updated_at": "2023-09-15T21:10:45Z", + "updated_at": "2023-10-04T07:14:46Z", "pushed_at": "2022-03-03T17:50:03Z", - "stargazers_count": 78, - "watchers_count": 78, + "stargazers_count": 79, + "watchers_count": 79, "has_discussions": false, "forks_count": 19, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 19, - "watchers": 78, + "watchers": 79, "score": 0, "subscribers_count": 4 } diff --git a/2021/CVE-2021-21974.json b/2021/CVE-2021-21974.json index 28e1f57dac..882c601ebc 100644 --- a/2021/CVE-2021-21974.json +++ b/2021/CVE-2021-21974.json @@ -13,19 +13,19 @@ "description": "POC for CVE-2021-21974 VMWare ESXi RCE Exploit", "fork": false, "created_at": "2021-05-25T17:14:38Z", - "updated_at": "2023-09-28T11:28:03Z", + "updated_at": "2023-10-04T09:04:39Z", "pushed_at": "2021-07-09T19:38:41Z", - "stargazers_count": 155, - "watchers_count": 155, + "stargazers_count": 156, + "watchers_count": 156, "has_discussions": false, - "forks_count": 44, + "forks_count": 45, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 44, - "watchers": 155, + "forks": 45, + "watchers": 156, "score": 0, "subscribers_count": 4 }, diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index e96f351c14..ffa8793657 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -1982,10 +1982,10 @@ "description": "Proof of concept for pwnkit vulnerability", "fork": false, "created_at": "2022-01-27T14:43:57Z", - "updated_at": "2023-09-28T20:52:37Z", + "updated_at": "2023-10-04T07:02:41Z", "pushed_at": "2023-01-12T19:23:29Z", - "stargazers_count": 333, - "watchers_count": 333, + "stargazers_count": 334, + "watchers_count": 334, "has_discussions": false, "forks_count": 41, "allow_forking": true, @@ -1994,7 +1994,7 @@ "topics": [], "visibility": "public", "forks": 41, - "watchers": 333, + "watchers": 334, "score": 0, "subscribers_count": 6 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 6d99d20b52..8596a6efb3 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -972,10 +972,10 @@ "description": "Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam", "fork": false, "created_at": "2021-12-10T23:35:31Z", - "updated_at": "2023-08-09T18:23:24Z", + "updated_at": "2023-10-04T09:54:18Z", "pushed_at": "2021-12-14T13:43:35Z", - "stargazers_count": 98, - "watchers_count": 98, + "stargazers_count": 99, + "watchers_count": 99, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -989,7 +989,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 98, + "watchers": 99, "score": 0, "subscribers_count": 2 }, @@ -2076,10 +2076,10 @@ "description": "An agent to hotpatch the log4j RCE from CVE-2021-44228.", "fork": false, "created_at": "2021-12-12T01:24:51Z", - "updated_at": "2023-09-04T15:01:24Z", + "updated_at": "2023-10-04T11:09:30Z", "pushed_at": "2022-10-24T02:25:53Z", - "stargazers_count": 496, - "watchers_count": 496, + "stargazers_count": 497, + "watchers_count": 497, "has_discussions": false, "forks_count": 72, "allow_forking": true, @@ -2088,7 +2088,7 @@ "topics": [], "visibility": "public", "forks": 72, - "watchers": 496, + "watchers": 497, "score": 0, "subscribers_count": 26 }, diff --git a/2022/CVE-2022-32947.json b/2022/CVE-2022-32947.json index 571da91932..42250bdc6f 100644 --- a/2022/CVE-2022-32947.json +++ b/2022/CVE-2022-32947.json @@ -13,10 +13,10 @@ "description": "CVE-2022-32947 walkthough and demo", "fork": false, "created_at": "2023-09-17T08:21:47Z", - "updated_at": "2023-10-03T09:50:33Z", + "updated_at": "2023-10-04T11:45:57Z", "pushed_at": "2023-09-18T03:04:48Z", - "stargazers_count": 113, - "watchers_count": 113, + "stargazers_count": 114, + "watchers_count": 114, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 113, + "watchers": 114, "score": 0, "subscribers_count": 2 } diff --git a/2022/CVE-2022-46169.json b/2022/CVE-2022-46169.json index 5f4f59e7d7..15b84f60d0 100644 --- a/2022/CVE-2022-46169.json +++ b/2022/CVE-2022-46169.json @@ -48,13 +48,13 @@ "stargazers_count": 48, "watchers_count": 48, "has_discussions": false, - "forks_count": 13, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 13, + "forks": 12, "watchers": 48, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-20209.json b/2023/CVE-2023-20209.json index ec9cf9e39d..5ac5508838 100644 --- a/2023/CVE-2023-20209.json +++ b/2023/CVE-2023-20209.json @@ -18,13 +18,13 @@ "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 3, + "forks": 4, "watchers": 11, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-21282.json b/2023/CVE-2023-21282.json new file mode 100644 index 0000000000..fcbcd688c0 --- /dev/null +++ b/2023/CVE-2023-21282.json @@ -0,0 +1,32 @@ +[ + { + "id": 700249234, + "name": "external_aac_AOSP10_r33_CVE-2023-21282", + "full_name": "Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "description": null, + "fork": false, + "created_at": "2023-10-04T08:31:10Z", + "updated_at": "2023-10-04T08:33:06Z", + "pushed_at": "2023-10-04T08:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21288.json b/2023/CVE-2023-21288.json new file mode 100644 index 0000000000..e95d3819ed --- /dev/null +++ b/2023/CVE-2023-21288.json @@ -0,0 +1,32 @@ +[ + { + "id": 700206219, + "name": "platform_frameworks_base_CVE-2023-21288", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "description": null, + "fork": false, + "created_at": "2023-10-04T06:42:19Z", + "updated_at": "2023-10-04T06:48:34Z", + "pushed_at": "2023-10-04T07:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29357.json b/2023/CVE-2023-29357.json index 7ff545eb15..d2ded3af60 100644 --- a/2023/CVE-2023-29357.json +++ b/2023/CVE-2023-29357.json @@ -13,10 +13,10 @@ "description": "Microsoft SharePoint Server Elevation of Privilege Vulnerability", "fork": false, "created_at": "2023-09-26T16:18:41Z", - "updated_at": "2023-10-04T06:20:54Z", + "updated_at": "2023-10-04T07:05:21Z", "pushed_at": "2023-09-26T19:04:21Z", - "stargazers_count": 143, - "watchers_count": 143, + "stargazers_count": 144, + "watchers_count": 144, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 143, + "watchers": 144, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-38743.json b/2023/CVE-2023-38743.json index da44534f09..5598d5aa02 100644 --- a/2023/CVE-2023-38743.json +++ b/2023/CVE-2023-38743.json @@ -18,13 +18,13 @@ "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 4, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-38831.json b/2023/CVE-2023-38831.json index 336f4d11cd..07164ac4bd 100644 --- a/2023/CVE-2023-38831.json +++ b/2023/CVE-2023-38831.json @@ -179,13 +179,13 @@ "stargazers_count": 23, "watchers_count": 23, "has_discussions": false, - "forks_count": 5, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 5, + "forks": 6, "watchers": 23, "score": 0, "subscribers_count": 0 @@ -617,7 +617,7 @@ "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -627,7 +627,7 @@ "winrar" ], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 4, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-42793.json b/2023/CVE-2023-42793.json index d8d561d473..f4f676d641 100644 --- a/2023/CVE-2023-42793.json +++ b/2023/CVE-2023-42793.json @@ -18,7 +18,7 @@ "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -26,7 +26,7 @@ "cve-2023-42793" ], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 3, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-43654.json b/2023/CVE-2023-43654.json index cccb86d8f4..f91d6027dc 100644 --- a/2023/CVE-2023-43654.json +++ b/2023/CVE-2023-43654.json @@ -13,10 +13,10 @@ "description": "A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654", "fork": false, "created_at": "2023-10-02T11:33:37Z", - "updated_at": "2023-10-04T06:05:37Z", + "updated_at": "2023-10-04T09:02:59Z", "pushed_at": "2023-10-02T18:14:28Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 21, + "watchers_count": 21, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 10, + "watchers": 21, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-4911.json b/2023/CVE-2023-4911.json new file mode 100644 index 0000000000..d717d1c1a3 --- /dev/null +++ b/2023/CVE-2023-4911.json @@ -0,0 +1,32 @@ +[ + { + "id": 700333818, + "name": "CVE-2023-4911-PoC", + "full_name": "Green-Avocado\/CVE-2023-4911-PoC", + "owner": { + "login": "Green-Avocado", + "id": 58372700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58372700?v=4", + "html_url": "https:\/\/github.com\/Green-Avocado" + }, + "html_url": "https:\/\/github.com\/Green-Avocado\/CVE-2023-4911-PoC", + "description": "https:\/\/www.qualys.com\/2023\/10\/03\/cve-2023-4911\/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", + "fork": false, + "created_at": "2023-10-04T11:58:58Z", + "updated_at": "2023-10-04T12:01:04Z", + "pushed_at": "2023-10-04T12:02:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index fdc27c47bd..1b3eb1df08 100644 --- a/README.md +++ b/README.md @@ -719,6 +719,13 @@ - [OITApps/Find-VulnerableElectronVersion](https://github.com/OITApps/Find-VulnerableElectronVersion) - [GTGalaxi/ElectronVulnerableVersion](https://github.com/GTGalaxi/ElectronVulnerableVersion) +### CVE-2023-4911 (2023-10-03) + +A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. + + +- [Green-Avocado/CVE-2023-4911-PoC](https://github.com/Green-Avocado/CVE-2023-4911-PoC) + ### CVE-2023-5024 (2023-09-17) Es wurde eine Schwachstelle in Planno 23.04.04 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Comment Handler. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. @@ -888,6 +895,13 @@ - [Trinadh465/platform_frameworks_base_CVE-2023-21281](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21281) +### CVE-2023-21282 (2023-08-14) + +In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.\n\n + + +- [Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282](https://github.com/Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282) + ### CVE-2023-21286 (2023-08-14) In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n @@ -895,6 +909,13 @@ - [Trinadh465/platform_frameworks_base_CVE-2023-21286](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21286) +### CVE-2023-21288 (2023-08-14) + +In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21288](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21288) + ### CVE-2023-21389 - [sxsuperxuan/Weblogic_CVE-2023-21389](https://github.com/sxsuperxuan/Weblogic_CVE-2023-21389) @@ -3881,7 +3902,11 @@ - [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC) -### CVE-2023-43261 +### CVE-2023-43261 (-) + +An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. + + - [win3zz/CVE-2023-43261](https://github.com/win3zz/CVE-2023-43261) ### CVE-2023-43263 (2023-09-26) @@ -29855,6 +29880,13 @@ - [faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc](https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc) +### CVE-2017-9627 (2017-07-07) + +An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. + + +- [USSCltd/aaLogger](https://github.com/USSCltd/aaLogger) + ### CVE-2017-9769 (2017-08-02) A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. @@ -29907,6 +29939,7 @@ - [rvermeulen/apache-struts-cve-2017-9805](https://github.com/rvermeulen/apache-struts-cve-2017-9805) - [jongmartinez/-CVE-2017-9805-](https://github.com/jongmartinez/-CVE-2017-9805-) - [z3bd/CVE-2017-9805](https://github.com/z3bd/CVE-2017-9805) +- [0xd3vil/CVE-2017-9805-Exploit](https://github.com/0xd3vil/CVE-2017-9805-Exploit) - [Shakun8/CVE-2017-9805](https://github.com/Shakun8/CVE-2017-9805) ### CVE-2017-9822 (2017-07-20) @@ -30629,6 +30662,7 @@ - [1337g/CVE-2017-17215](https://github.com/1337g/CVE-2017-17215) +- [wilfred-wulbou/HG532d-RCE-Exploit](https://github.com/wilfred-wulbou/HG532d-RCE-Exploit) - [ltfafei/HuaWei_Route_HG532_RCE_CVE-2017-17215](https://github.com/ltfafei/HuaWei_Route_HG532_RCE_CVE-2017-17215) ### CVE-2017-17275 @@ -30771,6 +30805,7 @@ - [chenzhuo0618/test](https://github.com/chenzhuo0618/test) - [siling2017/CVE-2017-1000117](https://github.com/siling2017/CVE-2017-1000117) - [Q2h1Cg/CVE-2017-1000117](https://github.com/Q2h1Cg/CVE-2017-1000117) +- [cved-sources/cve-2017-1000117](https://github.com/cved-sources/cve-2017-1000117) - [leezp/CVE-2017-1000117](https://github.com/leezp/CVE-2017-1000117) - [AnonymKing/CVE-2017-1000117](https://github.com/AnonymKing/CVE-2017-1000117) - [Jerry-zhuang/CVE-2017-1000117](https://github.com/Jerry-zhuang/CVE-2017-1000117) @@ -34889,6 +34924,13 @@ - [xiaoxiaoleo/CVE-2009-2698](https://github.com/xiaoxiaoleo/CVE-2009-2698) +### CVE-2009-3103 (2009-09-08) + +Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information. + + +- [sooklalad/ms09050](https://github.com/sooklalad/ms09050) + ### CVE-2009-3555 (2009-11-09) The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.