From 0aae27907aa91e975fe7b1dc44fcc90c470d2456 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sat, 2 Jan 2021 00:09:36 +0900 Subject: [PATCH] Auto Update 2021/01/02 00:09:36 --- 2003/CVE-2003-0264.json | 46 - 2007/CVE-2007-1858.json | 25 + 2012/CVE-2012-4929.json | 23 + 2014/CVE-2014-0160.json | 23 + 2015/CVE-2015-0204.json | 23 + 2016/CVE-2016-0800.json | 25 + 2016/CVE-2016-10033.json | 4 +- 2017/CVE-2017-0038.json | 25 + 2017/CVE-2017-0065.json | 25 + 2017/CVE-2017-0106.json | 25 + 2017/CVE-2017-0108.json | 25 + 2017/CVE-2017-0143.json | 23 + 2017/CVE-2017-0145.json | 25 + 2017/CVE-2017-0199.json | 368 ++++++++ 2017/CVE-2017-0204.json | 25 + 2017/CVE-2017-0213.json | 69 ++ 2017/CVE-2017-0290.json | 25 + 2017/CVE-2017-0478.json | 23 + 2017/CVE-2017-0541.json | 23 + 2017/CVE-2017-0554.json | 25 + 2017/CVE-2017-0564.json | 25 + 2017/CVE-2017-0781.json | 23 + 2017/CVE-2017-0785.json | 138 +++ 2017/CVE-2017-0807.json | 25 + 2017/CVE-2017-1000000.json | 25 + 2017/CVE-2017-1000117.json | 460 ++++++++++ 2017/CVE-2017-1000250.json | 25 + 2017/CVE-2017-1000251.json | 94 ++ 2017/CVE-2017-1000253.json | 25 + 2017/CVE-2017-1000367.json | 71 ++ 2017/CVE-2017-1000405.json | 25 + 2017/CVE-2017-1000475.json | 25 + 2017/CVE-2017-10235.json | 25 + 2017/CVE-2017-10271.json | 207 +++++ 2017/CVE-2017-10661.json | 25 + 2017/CVE-2017-10797.json | 25 + 2017/CVE-2017-11611.json | 25 + 2017/CVE-2017-11816.json | 25 + 2017/CVE-2017-11882.json | 345 ++++++++ 2017/CVE-2017-12149.json | 46 + 2017/CVE-2017-12426.json | 25 + 2017/CVE-2017-12611.json | 25 + 2017/CVE-2017-12615.json | 115 +++ 2017/CVE-2017-12617.json | 46 + 2017/CVE-2017-12792.json | 25 + 2017/CVE-2017-12852.json | 25 + 2017/CVE-2017-12943.json | 25 + 2017/CVE-2017-13089.json | 48 + 2017/CVE-2017-13156.json | 23 + 2017/CVE-2017-13672.json | 25 + 2017/CVE-2017-13868.json | 25 + 2017/CVE-2017-13872.json | 25 + 2017/CVE-2017-14105.json | 25 + 2017/CVE-2017-14262.json | 25 + 2017/CVE-2017-14263.json | 25 + 2017/CVE-2017-14491.json | 25 + 2017/CVE-2017-15361.json | 92 ++ 2017/CVE-2017-15394.json | 25 + 2017/CVE-2017-15708.json | 25 + 2017/CVE-2017-15944.json | 23 + 2017/CVE-2017-1635.json | 25 + 2017/CVE-2017-16524.json | 25 + 2017/CVE-2017-16806.json | 25 + 2017/CVE-2017-16997.json | 25 + 2017/CVE-2017-17215.json | 23 + 2017/CVE-2017-17485.json | 23 + 2017/CVE-2017-17562.json | 23 + 2017/CVE-2017-17692.json | 25 + 2017/CVE-2017-18486.json | 25 + 2017/CVE-2017-2368.json | 25 + 2017/CVE-2017-2370.json | 69 ++ 2017/CVE-2017-2388.json | 25 + 2017/CVE-2017-2636.json | 25 + 2017/CVE-2017-2671.json | 25 + 2017/CVE-2017-2793.json | 25 + 2017/CVE-2017-3078.json | 25 + 2017/CVE-2017-3241.json | 25 + 2017/CVE-2017-3599.json | 25 + 2017/CVE-2017-3730.json | 48 + 2017/CVE-2017-3881.json | 117 +++ 2017/CVE-2017-4490.json | 48 + 2017/CVE-2017-4878.json | 25 + 2017/CVE-2017-5005.json | 25 + 2017/CVE-2017-5123.json | 46 + 2017/CVE-2017-5124.json | 25 + 2017/CVE-2017-5415.json | 25 + 2017/CVE-2017-5487.json | 23 + 2017/CVE-2017-5633.json | 25 + 2017/CVE-2017-5638.json | 966 ++++++++++++++++++++ 2017/CVE-2017-5689.json | 69 ++ 2017/CVE-2017-5715.json | 46 + 2017/CVE-2017-5721.json | 25 + 2017/CVE-2017-5753.json | 138 +++ 2017/CVE-2017-5754.json | 69 ++ 2017/CVE-2017-6370.json | 25 + 2017/CVE-2017-6736.json | 23 + 2017/CVE-2017-6971.json | 23 + 2017/CVE-2017-7038.json | 25 + 2017/CVE-2017-7047.json | 48 + 2017/CVE-2017-7061.json | 25 + 2017/CVE-2017-7089.json | 48 + 2017/CVE-2017-7173.json | 25 + 2017/CVE-2017-7184.json | 48 + 2017/CVE-2017-7188.json | 25 + 2017/CVE-2017-7269.json | 276 ++++++ 2017/CVE-2017-7472.json | 25 + 2017/CVE-2017-7494.json | 138 +++ 2017/CVE-2017-7525.json | 46 + 2017/CVE-2017-7529.json | 23 + 2017/CVE-2017-7648.json | 25 + 2017/CVE-2017-7679.json | 25 + 2017/CVE-2017-7912.json | 25 + 2017/CVE-2017-7998.json | 25 + 2017/CVE-2017-8046.json | 23 + 2017/CVE-2017-8295.json | 46 + 2017/CVE-2017-8382.json | 25 + 2017/CVE-2017-8464.json | 69 ++ 2017/CVE-2017-8543.json | 25 + 2017/CVE-2017-8570.json | 23 + 2017/CVE-2017-8625.json | 25 + 2017/CVE-2017-8641.json | 25 + 2017/CVE-2017-8759.json | 230 +++++ 2017/CVE-2017-8779.json | 25 + 2017/CVE-2017-8802.json | 25 + 2017/CVE-2017-8917.json | 23 + 2017/CVE-2017-9097.json | 25 + 2017/CVE-2017-9417.json | 25 + 2017/CVE-2017-9430.json | 48 + 2017/CVE-2017-9476.json | 25 + 2017/CVE-2017-9606.json | 25 + 2017/CVE-2017-9609.json | 25 + 2017/CVE-2017-9779.json | 25 + 2017/CVE-2017-9791.json | 46 + 2017/CVE-2017-9798.json | 69 ++ 2017/CVE-2017-9805.json | 115 +++ 2017/CVE-2017-98505.json | 25 + 2017/CVE-2017-9999.json | 25 + 2018/CVE-2018-15473.json | 8 +- 2019/CVE-2019-0192.json | 23 + 2019/CVE-2019-0193.json | 23 + 2019/CVE-2019-0211.json | 25 + 2019/CVE-2019-0232.json | 46 + 2019/CVE-2019-0539.json | 25 + 2019/CVE-2019-0604.json | 46 + 2019/CVE-2019-0678.json | 25 + 2019/CVE-2019-0708.json | 1357 ++++++++++++++++++++++++++++ 2019/CVE-2019-0709.json | 48 + 2019/CVE-2019-0768.json | 25 + 2019/CVE-2019-0785.json | 25 + 2019/CVE-2019-0803.json | 25 + 2019/CVE-2019-0808.json | 69 ++ 2019/CVE-2019-0841.json | 71 ++ 2019/CVE-2019-0888.json | 25 + 2019/CVE-2019-0986.json | 25 + 2019/CVE-2019-1002101.json | 25 + 2019/CVE-2019-1003000.json | 69 ++ 2019/CVE-2019-10149.json | 115 +++ 2019/CVE-2019-10207.json | 25 + 2019/CVE-2019-1040.json | 43 +- 2019/CVE-2019-1064.json | 71 ++ 2019/CVE-2019-10685.json | 25 + 2019/CVE-2019-1069.json | 25 + 2019/CVE-2019-10869.json | 25 + 2019/CVE-2019-10915.json | 25 + 2019/CVE-2019-1096.json | 25 + 2019/CVE-2019-11076.json | 25 + 2019/CVE-2019-11223.json | 25 + 2019/CVE-2019-1132.json | 23 + 2019/CVE-2019-11358.json | 23 + 2019/CVE-2019-11477.json | 25 + 2019/CVE-2019-11523.json | 25 + 2019/CVE-2019-11580.json | 23 + 2019/CVE-2019-11581.json | 23 + 2019/CVE-2019-11881.json | 25 + 2019/CVE-2019-12169.json | 25 + 2019/CVE-2019-12170.json | 25 + 2019/CVE-2019-12185.json | 25 + 2019/CVE-2019-12189.json | 23 + 2019/CVE-2019-12190.json | 25 + 2019/CVE-2019-12252.json | 25 + 2019/CVE-2019-12272.json | 23 + 2019/CVE-2019-12384.json | 23 + 2019/CVE-2019-12453.json | 25 + 2019/CVE-2019-12460.json | 25 + 2019/CVE-2019-12475.json | 25 + 2019/CVE-2019-12594.json | 25 + 2019/CVE-2019-12735.json | 48 + 2019/CVE-2019-12796.json | 25 + 2019/CVE-2019-12949.json | 25 + 2019/CVE-2019-13027.json | 25 + 2019/CVE-2019-13063.json | 25 + 2019/CVE-2019-13272.json | 46 + 2019/CVE-2019-13403.json | 25 + 2019/CVE-2019-14439.json | 25 + 2019/CVE-2019-16098.json | 12 +- 2019/CVE-2019-1652.json | 25 + 2019/CVE-2019-1653.json | 48 + 2019/CVE-2019-17558.json | 4 +- 2019/CVE-2019-1821.json | 25 + 2019/CVE-2019-18634.json | 4 +- 2019/CVE-2019-19781.json | 8 +- 2019/CVE-2019-1987.json | 25 + 2019/CVE-2019-2107.json | 23 + 2019/CVE-2019-2615.json | 25 + 2019/CVE-2019-2618.json | 92 ++ 2019/CVE-2019-2725.json | 207 +++++ 2019/CVE-2019-3396.json | 115 +++ 2019/CVE-2019-3398.json | 25 + 2019/CVE-2019-3462.json | 48 + 2019/CVE-2019-3719.json | 25 + 2019/CVE-2019-3799.json | 25 + 2019/CVE-2019-3847.json | 25 + 2019/CVE-2019-48814.json | 25 + 2019/CVE-2019-5418.json | 92 ++ 2019/CVE-2019-5420.json | 48 + 2019/CVE-2019-5624.json | 25 + 2019/CVE-2019-5736.json | 299 +++++++ 2019/CVE-2019-5737.json | 25 + 2019/CVE-2019-5786.json | 25 + 2019/CVE-2019-6203.json | 25 + 2019/CVE-2019-6207.json | 23 + 2019/CVE-2019-6225.json | 71 ++ 2019/CVE-2019-6249.json | 25 + 2019/CVE-2019-6340.json | 138 +++ 2019/CVE-2019-6440.json | 25 + 2019/CVE-2019-6446.json | 25 + 2019/CVE-2019-6447.json | 23 + 2019/CVE-2019-6453.json | 23 + 2019/CVE-2019-6467.json | 25 + 2019/CVE-2019-7216.json | 25 + 2019/CVE-2019-7238.json | 46 + 2019/CVE-2019-7304.json | 48 + 2019/CVE-2019-7609.json | 8 +- 2019/CVE-2019-7642.json | 25 + 2019/CVE-2019-8389.json | 25 + 2019/CVE-2019-8513.json | 25 + 2019/CVE-2019-8540.json | 25 + 2019/CVE-2019-8565.json | 25 + 2019/CVE-2019-8627.json | 25 + 2019/CVE-2019-8942.json | 23 + 2019/CVE-2019-8956.json | 25 + 2019/CVE-2019-9184.json | 25 + 2019/CVE-2019-9194.json | 25 + 2019/CVE-2019-9202.json | 25 + 2019/CVE-2019-9580.json | 25 + 2019/CVE-2019-9621.json | 25 + 2019/CVE-2019-9653.json | 25 + 2019/CVE-2019-9673.json | 25 + 2019/CVE-2019-9729.json | 25 + 2019/CVE-2019-9730.json | 25 + 2019/CVE-2019-9787.json | 23 + 2019/CVE-2019-9810.json | 23 + 2019/CVE-2019-9896.json | 25 + 2019/CVE-2019-9978.json | 94 ++ 2020/CVE-2020-0796.json | 8 +- 2020/CVE-2020-1472.json | 8 +- 2020/CVE-2020-14882.json | 16 +- 2020/CVE-2020-25213.json | 4 +- 2020/CVE-2020-35728.json | 12 +- 2020/CVE-2020-5902.json | 8 +- README.md | 1698 +++++++++++++++++++++++++++++++++++- 261 files changed, 14609 insertions(+), 111 deletions(-) create mode 100644 2007/CVE-2007-1858.json create mode 100644 2016/CVE-2016-0800.json create mode 100644 2017/CVE-2017-0038.json create mode 100644 2017/CVE-2017-0065.json create mode 100644 2017/CVE-2017-0106.json create mode 100644 2017/CVE-2017-0108.json create mode 100644 2017/CVE-2017-0145.json create mode 100644 2017/CVE-2017-0204.json create mode 100644 2017/CVE-2017-0290.json create mode 100644 2017/CVE-2017-0554.json create mode 100644 2017/CVE-2017-0564.json create mode 100644 2017/CVE-2017-0807.json create mode 100644 2017/CVE-2017-1000000.json create mode 100644 2017/CVE-2017-1000250.json create mode 100644 2017/CVE-2017-1000251.json create mode 100644 2017/CVE-2017-1000253.json create mode 100644 2017/CVE-2017-1000367.json create mode 100644 2017/CVE-2017-1000405.json create mode 100644 2017/CVE-2017-1000475.json create mode 100644 2017/CVE-2017-10235.json create mode 100644 2017/CVE-2017-10661.json create mode 100644 2017/CVE-2017-10797.json create mode 100644 2017/CVE-2017-11611.json create mode 100644 2017/CVE-2017-11816.json create mode 100644 2017/CVE-2017-12426.json create mode 100644 2017/CVE-2017-12611.json create mode 100644 2017/CVE-2017-12792.json create mode 100644 2017/CVE-2017-12852.json create mode 100644 2017/CVE-2017-12943.json create mode 100644 2017/CVE-2017-13089.json create mode 100644 2017/CVE-2017-13672.json create mode 100644 2017/CVE-2017-13868.json create mode 100644 2017/CVE-2017-13872.json create mode 100644 2017/CVE-2017-14105.json create mode 100644 2017/CVE-2017-14262.json create mode 100644 2017/CVE-2017-14263.json create mode 100644 2017/CVE-2017-14491.json create mode 100644 2017/CVE-2017-15394.json create mode 100644 2017/CVE-2017-15708.json create mode 100644 2017/CVE-2017-1635.json create mode 100644 2017/CVE-2017-16524.json create mode 100644 2017/CVE-2017-16806.json create mode 100644 2017/CVE-2017-16997.json create mode 100644 2017/CVE-2017-17692.json create mode 100644 2017/CVE-2017-18486.json create mode 100644 2017/CVE-2017-2368.json create mode 100644 2017/CVE-2017-2388.json create mode 100644 2017/CVE-2017-2636.json create mode 100644 2017/CVE-2017-2671.json create mode 100644 2017/CVE-2017-2793.json create mode 100644 2017/CVE-2017-3078.json create mode 100644 2017/CVE-2017-3241.json create mode 100644 2017/CVE-2017-3599.json create mode 100644 2017/CVE-2017-3730.json create mode 100644 2017/CVE-2017-3881.json create mode 100644 2017/CVE-2017-4490.json create mode 100644 2017/CVE-2017-4878.json create mode 100644 2017/CVE-2017-5005.json create mode 100644 2017/CVE-2017-5124.json create mode 100644 2017/CVE-2017-5415.json create mode 100644 2017/CVE-2017-5633.json create mode 100644 2017/CVE-2017-5721.json create mode 100644 2017/CVE-2017-6370.json create mode 100644 2017/CVE-2017-7038.json create mode 100644 2017/CVE-2017-7047.json create mode 100644 2017/CVE-2017-7061.json create mode 100644 2017/CVE-2017-7089.json create mode 100644 2017/CVE-2017-7173.json create mode 100644 2017/CVE-2017-7184.json create mode 100644 2017/CVE-2017-7188.json create mode 100644 2017/CVE-2017-7472.json create mode 100644 2017/CVE-2017-7648.json create mode 100644 2017/CVE-2017-7679.json create mode 100644 2017/CVE-2017-7912.json create mode 100644 2017/CVE-2017-7998.json create mode 100644 2017/CVE-2017-8382.json create mode 100644 2017/CVE-2017-8543.json create mode 100644 2017/CVE-2017-8625.json create mode 100644 2017/CVE-2017-8641.json create mode 100644 2017/CVE-2017-8779.json create mode 100644 2017/CVE-2017-8802.json create mode 100644 2017/CVE-2017-9097.json create mode 100644 2017/CVE-2017-9417.json create mode 100644 2017/CVE-2017-9430.json create mode 100644 2017/CVE-2017-9476.json create mode 100644 2017/CVE-2017-9606.json create mode 100644 2017/CVE-2017-9609.json create mode 100644 2017/CVE-2017-9779.json create mode 100644 2017/CVE-2017-98505.json create mode 100644 2017/CVE-2017-9999.json create mode 100644 2019/CVE-2019-0211.json create mode 100644 2019/CVE-2019-0539.json create mode 100644 2019/CVE-2019-0678.json create mode 100644 2019/CVE-2019-0709.json create mode 100644 2019/CVE-2019-0768.json create mode 100644 2019/CVE-2019-0785.json create mode 100644 2019/CVE-2019-0803.json create mode 100644 2019/CVE-2019-0841.json create mode 100644 2019/CVE-2019-0888.json create mode 100644 2019/CVE-2019-0986.json create mode 100644 2019/CVE-2019-1002101.json create mode 100644 2019/CVE-2019-10207.json create mode 100644 2019/CVE-2019-1064.json create mode 100644 2019/CVE-2019-10685.json create mode 100644 2019/CVE-2019-1069.json create mode 100644 2019/CVE-2019-10869.json create mode 100644 2019/CVE-2019-10915.json create mode 100644 2019/CVE-2019-1096.json create mode 100644 2019/CVE-2019-11076.json create mode 100644 2019/CVE-2019-11223.json create mode 100644 2019/CVE-2019-11477.json create mode 100644 2019/CVE-2019-11523.json create mode 100644 2019/CVE-2019-11881.json create mode 100644 2019/CVE-2019-12169.json create mode 100644 2019/CVE-2019-12170.json create mode 100644 2019/CVE-2019-12185.json create mode 100644 2019/CVE-2019-12190.json create mode 100644 2019/CVE-2019-12252.json create mode 100644 2019/CVE-2019-12453.json create mode 100644 2019/CVE-2019-12460.json create mode 100644 2019/CVE-2019-12475.json create mode 100644 2019/CVE-2019-12594.json create mode 100644 2019/CVE-2019-12735.json create mode 100644 2019/CVE-2019-12796.json create mode 100644 2019/CVE-2019-12949.json create mode 100644 2019/CVE-2019-13027.json create mode 100644 2019/CVE-2019-13063.json create mode 100644 2019/CVE-2019-13403.json create mode 100644 2019/CVE-2019-14439.json create mode 100644 2019/CVE-2019-1652.json create mode 100644 2019/CVE-2019-1653.json create mode 100644 2019/CVE-2019-1821.json create mode 100644 2019/CVE-2019-1987.json create mode 100644 2019/CVE-2019-2615.json create mode 100644 2019/CVE-2019-3398.json create mode 100644 2019/CVE-2019-3462.json create mode 100644 2019/CVE-2019-3719.json create mode 100644 2019/CVE-2019-3799.json create mode 100644 2019/CVE-2019-3847.json create mode 100644 2019/CVE-2019-48814.json create mode 100644 2019/CVE-2019-5420.json create mode 100644 2019/CVE-2019-5624.json create mode 100644 2019/CVE-2019-5737.json create mode 100644 2019/CVE-2019-5786.json create mode 100644 2019/CVE-2019-6203.json create mode 100644 2019/CVE-2019-6225.json create mode 100644 2019/CVE-2019-6249.json create mode 100644 2019/CVE-2019-6440.json create mode 100644 2019/CVE-2019-6446.json create mode 100644 2019/CVE-2019-6467.json create mode 100644 2019/CVE-2019-7216.json create mode 100644 2019/CVE-2019-7304.json create mode 100644 2019/CVE-2019-7642.json create mode 100644 2019/CVE-2019-8389.json create mode 100644 2019/CVE-2019-8513.json create mode 100644 2019/CVE-2019-8540.json create mode 100644 2019/CVE-2019-8565.json create mode 100644 2019/CVE-2019-8627.json create mode 100644 2019/CVE-2019-8956.json create mode 100644 2019/CVE-2019-9184.json create mode 100644 2019/CVE-2019-9194.json create mode 100644 2019/CVE-2019-9202.json create mode 100644 2019/CVE-2019-9580.json create mode 100644 2019/CVE-2019-9621.json create mode 100644 2019/CVE-2019-9653.json create mode 100644 2019/CVE-2019-9673.json create mode 100644 2019/CVE-2019-9729.json create mode 100644 2019/CVE-2019-9730.json create mode 100644 2019/CVE-2019-9896.json create mode 100644 2019/CVE-2019-9978.json diff --git a/2003/CVE-2003-0264.json b/2003/CVE-2003-0264.json index 7c9f1d3d2b..a97654ff05 100644 --- a/2003/CVE-2003-0264.json +++ b/2003/CVE-2003-0264.json @@ -67,51 +67,5 @@ "forks": 0, "watchers": 0, "score": 0 - }, - { - "id": 247077498, - "name": "CVE-2003-0264-SLmail-5.5", - "full_name": "pwncone\/CVE-2003-0264-SLmail-5.5", - "owner": { - "login": "pwncone", - "id": 57570315, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/57570315?v=4", - "html_url": "https:\/\/github.com\/pwncone" - }, - "html_url": "https:\/\/github.com\/pwncone\/CVE-2003-0264-SLmail-5.5", - "description": "A POC remote buffer overflow for CVE-2003-0264 - SLMail 5.5", - "fork": false, - "created_at": "2020-03-13T13:27:56Z", - "updated_at": "2020-03-13T13:31:38Z", - "pushed_at": "2020-03-13T13:31:36Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, - { - "id": 323381650, - "name": "CVE-2003-0264", - "full_name": "PepeTheRital\/CVE-2003-0264", - "owner": { - "login": "PepeTheRital", - "id": 65770864, - "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/65770864?v=4", - "html_url": "https:\/\/github.com\/PepeTheRital" - }, - "html_url": "https:\/\/github.com\/PepeTheRital\/CVE-2003-0264", - "description": "Exploit CVE-2003-0264 ", - "fork": false, - "created_at": "2020-12-21T15:52:32Z", - "updated_at": "2020-12-21T15:58:48Z", - "pushed_at": "2020-12-21T15:58:46Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/2007/CVE-2007-1858.json b/2007/CVE-2007-1858.json new file mode 100644 index 0000000000..81c741fbe8 --- /dev/null +++ b/2007/CVE-2007-1858.json @@ -0,0 +1,25 @@ +[ + { + "id": 325974459, + "name": "A2SV--SSL-VUL-Scan", + "full_name": "nyctophile6\/A2SV--SSL-VUL-Scan", + "owner": { + "login": "nyctophile6", + "id": 75995332, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/75995332?v=4", + "html_url": "https:\/\/github.com\/nyctophile6" + }, + "html_url": "https:\/\/github.com\/nyctophile6\/A2SV--SSL-VUL-Scan", + "description": "A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https:\/\/github.com\/hahwul\/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device", + "fork": false, + "created_at": "2021-01-01T12:26:08Z", + "updated_at": "2021-01-01T12:26:12Z", + "pushed_at": "2021-01-01T12:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2012/CVE-2012-4929.json b/2012/CVE-2012-4929.json index 0df4954845..9831f3111d 100644 --- a/2012/CVE-2012-4929.json +++ b/2012/CVE-2012-4929.json @@ -21,5 +21,28 @@ "forks": 8, "watchers": 20, "score": 0 + }, + { + "id": 325974459, + "name": "A2SV--SSL-VUL-Scan", + "full_name": "nyctophile6\/A2SV--SSL-VUL-Scan", + "owner": { + "login": "nyctophile6", + "id": 75995332, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/75995332?v=4", + "html_url": "https:\/\/github.com\/nyctophile6" + }, + "html_url": "https:\/\/github.com\/nyctophile6\/A2SV--SSL-VUL-Scan", + "description": "A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https:\/\/github.com\/hahwul\/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device", + "fork": false, + "created_at": "2021-01-01T12:26:08Z", + "updated_at": "2021-01-01T12:26:12Z", + "pushed_at": "2021-01-01T12:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2014/CVE-2014-0160.json b/2014/CVE-2014-0160.json index 2fbe6d1d10..cdff518bb6 100644 --- a/2014/CVE-2014-0160.json +++ b/2014/CVE-2014-0160.json @@ -1194,5 +1194,28 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 325974459, + "name": "A2SV--SSL-VUL-Scan", + "full_name": "nyctophile6\/A2SV--SSL-VUL-Scan", + "owner": { + "login": "nyctophile6", + "id": 75995332, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/75995332?v=4", + "html_url": "https:\/\/github.com\/nyctophile6" + }, + "html_url": "https:\/\/github.com\/nyctophile6\/A2SV--SSL-VUL-Scan", + "description": "A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https:\/\/github.com\/hahwul\/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device", + "fork": false, + "created_at": "2021-01-01T12:26:08Z", + "updated_at": "2021-01-01T12:26:12Z", + "pushed_at": "2021-01-01T12:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2015/CVE-2015-0204.json b/2015/CVE-2015-0204.json index 64dc387997..84c55d3341 100644 --- a/2015/CVE-2015-0204.json +++ b/2015/CVE-2015-0204.json @@ -90,5 +90,28 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 325974459, + "name": "A2SV--SSL-VUL-Scan", + "full_name": "nyctophile6\/A2SV--SSL-VUL-Scan", + "owner": { + "login": "nyctophile6", + "id": 75995332, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/75995332?v=4", + "html_url": "https:\/\/github.com\/nyctophile6" + }, + "html_url": "https:\/\/github.com\/nyctophile6\/A2SV--SSL-VUL-Scan", + "description": "A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https:\/\/github.com\/hahwul\/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device", + "fork": false, + "created_at": "2021-01-01T12:26:08Z", + "updated_at": "2021-01-01T12:26:12Z", + "pushed_at": "2021-01-01T12:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-0800.json b/2016/CVE-2016-0800.json new file mode 100644 index 0000000000..81c741fbe8 --- /dev/null +++ b/2016/CVE-2016-0800.json @@ -0,0 +1,25 @@ +[ + { + "id": 325974459, + "name": "A2SV--SSL-VUL-Scan", + "full_name": "nyctophile6\/A2SV--SSL-VUL-Scan", + "owner": { + "login": "nyctophile6", + "id": 75995332, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/75995332?v=4", + "html_url": "https:\/\/github.com\/nyctophile6" + }, + "html_url": "https:\/\/github.com\/nyctophile6\/A2SV--SSL-VUL-Scan", + "description": "A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https:\/\/github.com\/hahwul\/ a2sv $ cd a2sv $ chmod +x * $ pip2 install -r requirements.txt usage : $ python2 a2sv.py -h It shows all commands how we can use this tool $ python a2sv.py -t 127.0.0.1 127.0.0.1 = target means here own device", + "fork": false, + "created_at": "2021-01-01T12:26:08Z", + "updated_at": "2021-01-01T12:26:12Z", + "pushed_at": "2021-01-01T12:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2016/CVE-2016-10033.json b/2016/CVE-2016-10033.json index f4620e4eee..64364bc1e7 100644 --- a/2016/CVE-2016-10033.json +++ b/2016/CVE-2016-10033.json @@ -17,8 +17,8 @@ "pushed_at": "2019-10-13T12:23:02Z", "stargazers_count": 355, "watchers_count": 355, - "forks_count": 139, - "forks": 139, + "forks_count": 140, + "forks": 140, "watchers": 355, "score": 0 }, diff --git a/2017/CVE-2017-0038.json b/2017/CVE-2017-0038.json new file mode 100644 index 0000000000..aff487d412 --- /dev/null +++ b/2017/CVE-2017-0038.json @@ -0,0 +1,25 @@ +[ + { + "id": 85834314, + "name": "CVE-2017-0038-EXP-C-JS", + "full_name": "k0keoyo\/CVE-2017-0038-EXP-C-JS", + "owner": { + "login": "k0keoyo", + "id": 13257929, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13257929?v=4", + "html_url": "https:\/\/github.com\/k0keoyo" + }, + "html_url": "https:\/\/github.com\/k0keoyo\/CVE-2017-0038-EXP-C-JS", + "description": null, + "fork": false, + "created_at": "2017-03-22T13:59:48Z", + "updated_at": "2019-09-13T11:40:59Z", + "pushed_at": "2017-03-23T14:07:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 8, + "forks": 8, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0065.json b/2017/CVE-2017-0065.json new file mode 100644 index 0000000000..318519d2a2 --- /dev/null +++ b/2017/CVE-2017-0065.json @@ -0,0 +1,25 @@ +[ + { + "id": 85072866, + "name": "cve-2017-0065", + "full_name": "Dankirk\/cve-2017-0065", + "owner": { + "login": "Dankirk", + "id": 10588760, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10588760?v=4", + "html_url": "https:\/\/github.com\/Dankirk" + }, + "html_url": "https:\/\/github.com\/Dankirk\/cve-2017-0065", + "description": "Exploiting Edge's read:\/\/ urlhandler", + "fork": false, + "created_at": "2017-03-15T13:01:29Z", + "updated_at": "2019-10-26T13:38:33Z", + "pushed_at": "2020-10-01T04:14:25Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 15, + "forks": 15, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0106.json b/2017/CVE-2017-0106.json new file mode 100644 index 0000000000..54ea8d497c --- /dev/null +++ b/2017/CVE-2017-0106.json @@ -0,0 +1,25 @@ +[ + { + "id": 88117539, + "name": "CVE-2017-0106", + "full_name": "ryhanson\/CVE-2017-0106", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0106", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:42:08Z", + "updated_at": "2017-04-13T02:42:08Z", + "pushed_at": "2017-04-13T02:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0108.json b/2017/CVE-2017-0108.json new file mode 100644 index 0000000000..8c1c66ead4 --- /dev/null +++ b/2017/CVE-2017-0108.json @@ -0,0 +1,25 @@ +[ + { + "id": 88317204, + "name": "CVE-2017-0108", + "full_name": "homjxi0e\/CVE-2017-0108", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0108", + "description": null, + "fork": false, + "created_at": "2017-04-15T02:10:16Z", + "updated_at": "2017-12-04T20:08:18Z", + "pushed_at": "2017-04-15T02:16:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0143.json b/2017/CVE-2017-0143.json index e8c4df551e..9720c465a1 100644 --- a/2017/CVE-2017-0143.json +++ b/2017/CVE-2017-0143.json @@ -1,4 +1,27 @@ [ + { + "id": 91496993, + "name": "wannafind", + "full_name": "valarauco\/wannafind", + "owner": { + "login": "valarauco", + "id": 434898, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/434898?v=4", + "html_url": "https:\/\/github.com\/valarauco" + }, + "html_url": "https:\/\/github.com\/valarauco\/wannafind", + "description": "Simple script using nmap to detect CVE-2017-0143 MS17-010 in your network", + "fork": false, + "created_at": "2017-05-16T19:34:38Z", + "updated_at": "2017-12-06T14:25:10Z", + "pushed_at": "2017-05-26T17:28:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 301944849, "name": "Etern-blue-Windows-7-Checker", diff --git a/2017/CVE-2017-0145.json b/2017/CVE-2017-0145.json new file mode 100644 index 0000000000..d13fa5253f --- /dev/null +++ b/2017/CVE-2017-0145.json @@ -0,0 +1,25 @@ +[ + { + "id": 91811261, + "name": "chef_tissues", + "full_name": "MelonSmasher\/chef_tissues", + "owner": { + "login": "MelonSmasher", + "id": 1491053, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1491053?v=4", + "html_url": "https:\/\/github.com\/MelonSmasher" + }, + "html_url": "https:\/\/github.com\/MelonSmasher\/chef_tissues", + "description": "Install patch for CVE-2017-0145 AKA WannaCry.", + "fork": false, + "created_at": "2017-05-19T13:55:06Z", + "updated_at": "2018-04-04T01:07:21Z", + "pushed_at": "2017-05-19T16:49:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0199.json b/2017/CVE-2017-0199.json index e74bc17a8e..dd3323b649 100644 --- a/2017/CVE-2017-0199.json +++ b/2017/CVE-2017-0199.json @@ -1,4 +1,372 @@ [ + { + "id": 88117490, + "name": "CVE-2017-0199", + "full_name": "ryhanson\/CVE-2017-0199", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:41:36Z", + "updated_at": "2017-04-13T02:41:36Z", + "pushed_at": "2017-04-13T02:41:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 88185964, + "name": "cve-2017-0199", + "full_name": "SyFi\/cve-2017-0199", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/cve-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-13T16:40:27Z", + "updated_at": "2019-12-06T00:55:16Z", + "pushed_at": "2017-04-13T16:45:10Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 7, + "forks": 7, + "watchers": 12, + "score": 0 + }, + { + "id": 88486475, + "name": "CVE-2017-0199", + "full_name": "bhdresh\/CVE-2017-0199", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF\/PPSX file and deliver metasploit \/ meterpreter \/ other payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-17T08:10:07Z", + "updated_at": "2020-12-30T20:45:13Z", + "pushed_at": "2017-11-19T11:01:16Z", + "stargazers_count": 637, + "watchers_count": 637, + "forks_count": 283, + "forks": 283, + "watchers": 637, + "score": 0 + }, + { + "id": 88590374, + "name": "CVE-2017-0199-Fix", + "full_name": "NotAwful\/CVE-2017-0199-Fix", + "owner": { + "login": "NotAwful", + "id": 25178947, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25178947?v=4", + "html_url": "https:\/\/github.com\/NotAwful" + }, + "html_url": "https:\/\/github.com\/NotAwful\/CVE-2017-0199-Fix", + "description": "Quick and dirty fix to OLE2 executing code via .hta", + "fork": false, + "created_at": "2017-04-18T06:33:45Z", + "updated_at": "2018-03-18T10:23:47Z", + "pushed_at": "2017-04-24T20:48:36Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 1, + "forks": 1, + "watchers": 14, + "score": 0 + }, + { + "id": 88700030, + "name": "CVE-2017-0199-master", + "full_name": "haibara3839\/CVE-2017-0199-master", + "owner": { + "login": "haibara3839", + "id": 17246565, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17246565?v=4", + "html_url": "https:\/\/github.com\/haibara3839" + }, + "html_url": "https:\/\/github.com\/haibara3839\/CVE-2017-0199-master", + "description": "CVE-2017-0199", + "fork": false, + "created_at": "2017-04-19T04:15:54Z", + "updated_at": "2020-08-13T13:59:18Z", + "pushed_at": "2017-04-19T04:25:47Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 11, + "forks": 11, + "watchers": 16, + "score": 0 + }, + { + "id": 89043209, + "name": "CVE-2017-0199", + "full_name": "Exploit-install\/CVE-2017-0199", + "owner": { + "login": "Exploit-install", + "id": 13824191, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/13824191?v=4", + "html_url": "https:\/\/github.com\/Exploit-install" + }, + "html_url": "https:\/\/github.com\/Exploit-install\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter \/ any other payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-22T04:01:38Z", + "updated_at": "2020-04-07T06:30:43Z", + "pushed_at": "2017-04-22T04:01:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 11, + "forks": 11, + "watchers": 7, + "score": 0 + }, + { + "id": 89065031, + "name": "PoC-CVE-2017-0199", + "full_name": "zakybstrd21215\/PoC-CVE-2017-0199", + "owner": { + "login": "zakybstrd21215", + "id": 22362343, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22362343?v=4", + "html_url": "https:\/\/github.com\/zakybstrd21215" + }, + "html_url": "https:\/\/github.com\/zakybstrd21215\/PoC-CVE-2017-0199", + "description": "Exploit toolkit for vulnerability RCE Microsoft RTF", + "fork": false, + "created_at": "2017-04-22T11:32:39Z", + "updated_at": "2019-02-02T15:31:28Z", + "pushed_at": "2017-04-22T11:35:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 89145802, + "name": "CVE-2017-0199", + "full_name": "n1shant-sinha\/CVE-2017-0199", + "owner": { + "login": "n1shant-sinha", + "id": 8848453, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8848453?v=4", + "html_url": "https:\/\/github.com\/n1shant-sinha" + }, + "html_url": "https:\/\/github.com\/n1shant-sinha\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-23T13:58:30Z", + "updated_at": "2018-10-18T14:32:17Z", + "pushed_at": "2017-04-23T14:05:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 89296859, + "name": "htattack", + "full_name": "kn0wm4d\/htattack", + "owner": { + "login": "kn0wm4d", + "id": 15344287, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15344287?v=4", + "html_url": "https:\/\/github.com\/kn0wm4d" + }, + "html_url": "https:\/\/github.com\/kn0wm4d\/htattack", + "description": "An exploit implementation for RCE in RTF & DOCs (CVE-2017-0199)", + "fork": false, + "created_at": "2017-04-24T23:44:31Z", + "updated_at": "2020-08-29T04:54:33Z", + "pushed_at": "2017-04-24T23:45:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, + { + "id": 89314149, + "name": "Cve-2017-0199", + "full_name": "joke998\/Cve-2017-0199", + "owner": { + "login": "joke998", + "id": 25948923, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25948923?v=4", + "html_url": "https:\/\/github.com\/joke998" + }, + "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-25T03:38:15Z", + "updated_at": "2017-04-25T03:38:15Z", + "pushed_at": "2017-04-25T03:38:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 89314954, + "name": "Cve-2017-0199-", + "full_name": "joke998\/Cve-2017-0199-", + "owner": { + "login": "joke998", + "id": 25948923, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25948923?v=4", + "html_url": "https:\/\/github.com\/joke998" + }, + "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199-", + "description": "Cve-2017-0199", + "fork": false, + "created_at": "2017-04-25T03:48:53Z", + "updated_at": "2017-04-25T03:48:53Z", + "pushed_at": "2017-04-25T03:48:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 95870771, + "name": "Microsoft-Word-CVE-2017-0199-", + "full_name": "sUbc0ol\/Microsoft-Word-CVE-2017-0199-", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Microsoft-Word-CVE-2017-0199-", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:08:40Z", + "updated_at": "2020-03-26T07:51:03Z", + "pushed_at": "2017-06-30T09:11:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 104072875, + "name": "CVE-2017-0199", + "full_name": "viethdgit\/CVE-2017-0199", + "owner": { + "login": "viethdgit", + "id": 24888568, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24888568?v=4", + "html_url": "https:\/\/github.com\/viethdgit" + }, + "html_url": "https:\/\/github.com\/viethdgit\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-09-19T12:38:47Z", + "updated_at": "2017-09-19T12:38:47Z", + "pushed_at": "2017-09-19T12:47:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 109420190, + "name": "RTF-Cleaner", + "full_name": "nicpenning\/RTF-Cleaner", + "owner": { + "login": "nicpenning", + "id": 5582679, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5582679?v=4", + "html_url": "https:\/\/github.com\/nicpenning" + }, + "html_url": "https:\/\/github.com\/nicpenning\/RTF-Cleaner", + "description": "RTF de-obfuscator for CVE-2017-0199 documents to find URLs statically.", + "fork": false, + "created_at": "2017-11-03T16:47:16Z", + "updated_at": "2019-06-29T16:49:45Z", + "pushed_at": "2017-11-03T20:55:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 111145351, + "name": "2017-11-17-Maldoc-Using-CVE-2017-0199", + "full_name": "bloomer1016\/2017-11-17-Maldoc-Using-CVE-2017-0199", + "owner": { + "login": "bloomer1016", + "id": 12056770, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12056770?v=4", + "html_url": "https:\/\/github.com\/bloomer1016" + }, + "html_url": "https:\/\/github.com\/bloomer1016\/2017-11-17-Maldoc-Using-CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-11-17T20:00:29Z", + "updated_at": "2020-03-29T03:29:38Z", + "pushed_at": "2017-11-17T20:00:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 113558617, + "name": "RTF-Cleaner", + "full_name": "jacobsoo\/RTF-Cleaner", + "owner": { + "login": "jacobsoo", + "id": 3516693, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3516693?v=4", + "html_url": "https:\/\/github.com\/jacobsoo" + }, + "html_url": "https:\/\/github.com\/jacobsoo\/RTF-Cleaner", + "description": "RTF Cleaner, tries to extract URL from malicious RTF samples using CVE-2017-0199 & CVE-2017-8759", + "fork": false, + "created_at": "2017-12-08T09:45:25Z", + "updated_at": "2018-02-21T04:37:47Z", + "pushed_at": "2017-12-08T09:46:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 126305253, "name": "CVE-2017-0199", diff --git a/2017/CVE-2017-0204.json b/2017/CVE-2017-0204.json new file mode 100644 index 0000000000..d6031649dd --- /dev/null +++ b/2017/CVE-2017-0204.json @@ -0,0 +1,25 @@ +[ + { + "id": 88117558, + "name": "CVE-2017-0204", + "full_name": "ryhanson\/CVE-2017-0204", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0204", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:42:24Z", + "updated_at": "2017-04-13T03:12:29Z", + "pushed_at": "2017-04-13T02:42:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0213.json b/2017/CVE-2017-0213.json index 8bda0c4f7e..57f05fbb6e 100644 --- a/2017/CVE-2017-0213.json +++ b/2017/CVE-2017-0213.json @@ -1,4 +1,73 @@ [ + { + "id": 95809289, + "name": "CVE-2017-0213-", + "full_name": "shaheemirza\/CVE-2017-0213-", + "owner": { + "login": "shaheemirza", + "id": 4853436, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4853436?v=4", + "html_url": "https:\/\/github.com\/shaheemirza" + }, + "html_url": "https:\/\/github.com\/shaheemirza\/CVE-2017-0213-", + "description": null, + "fork": false, + "created_at": "2017-06-29T18:49:44Z", + "updated_at": "2020-11-25T23:12:09Z", + "pushed_at": "2017-06-07T17:09:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 6, + "forks": 6, + "watchers": 1, + "score": 0 + }, + { + "id": 95974378, + "name": "CVE-2017-0213", + "full_name": "zcgonvh\/CVE-2017-0213", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2017-0213", + "description": "CVE-2017-0213 for command line", + "fork": false, + "created_at": "2017-07-01T16:07:04Z", + "updated_at": "2020-10-21T22:15:15Z", + "pushed_at": "2017-07-01T16:19:12Z", + "stargazers_count": 55, + "watchers_count": 55, + "forks_count": 25, + "forks": 25, + "watchers": 55, + "score": 0 + }, + { + "id": 105444160, + "name": "CVE-2017-0213", + "full_name": "billa3283\/CVE-2017-0213", + "owner": { + "login": "billa3283", + "id": 32428387, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32428387?v=4", + "html_url": "https:\/\/github.com\/billa3283" + }, + "html_url": "https:\/\/github.com\/billa3283\/CVE-2017-0213", + "description": null, + "fork": false, + "created_at": "2017-10-01T13:29:59Z", + "updated_at": "2017-10-01T13:29:59Z", + "pushed_at": "2017-10-01T13:30:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 125799686, "name": "CVE-2017-0213", diff --git a/2017/CVE-2017-0290.json b/2017/CVE-2017-0290.json new file mode 100644 index 0000000000..7c61c69cf8 --- /dev/null +++ b/2017/CVE-2017-0290.json @@ -0,0 +1,25 @@ +[ + { + "id": 90935850, + "name": "CVE-2017-0290-", + "full_name": "homjxi0e\/CVE-2017-0290-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0290-", + "description": null, + "fork": false, + "created_at": "2017-05-11T04:01:51Z", + "updated_at": "2017-05-11T04:01:51Z", + "pushed_at": "2017-05-11T05:24:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0478.json b/2017/CVE-2017-0478.json index 01b1ed5429..a420023ef6 100644 --- a/2017/CVE-2017-0478.json +++ b/2017/CVE-2017-0478.json @@ -1,4 +1,27 @@ [ + { + "id": 85445247, + "name": "CVE-2017-0478", + "full_name": "JiounDai\/CVE-2017-0478", + "owner": { + "login": "JiounDai", + "id": 4220640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4220640?v=4", + "html_url": "https:\/\/github.com\/JiounDai" + }, + "html_url": "https:\/\/github.com\/JiounDai\/CVE-2017-0478", + "description": "poc of CVE-2017-0478", + "fork": false, + "created_at": "2017-03-19T02:18:37Z", + "updated_at": "2020-08-11T04:38:14Z", + "pushed_at": "2017-03-19T02:43:19Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 5, + "forks": 5, + "watchers": 7, + "score": 0 + }, { "id": 141312944, "name": "CVE-2017-0478", diff --git a/2017/CVE-2017-0541.json b/2017/CVE-2017-0541.json index 85e70a6879..496585240f 100644 --- a/2017/CVE-2017-0541.json +++ b/2017/CVE-2017-0541.json @@ -1,4 +1,27 @@ [ + { + "id": 87639690, + "name": "CVE-2017-0541", + "full_name": "JiounDai\/CVE-2017-0541", + "owner": { + "login": "JiounDai", + "id": 4220640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4220640?v=4", + "html_url": "https:\/\/github.com\/JiounDai" + }, + "html_url": "https:\/\/github.com\/JiounDai\/CVE-2017-0541", + "description": "poc and vulnerability analysis of CVE-2017-0541", + "fork": false, + "created_at": "2017-04-08T14:28:22Z", + "updated_at": "2018-11-26T08:18:04Z", + "pushed_at": "2017-04-08T14:45:44Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 11, + "forks": 11, + "watchers": 19, + "score": 0 + }, { "id": 141312906, "name": "CVE-2017-0541", diff --git a/2017/CVE-2017-0554.json b/2017/CVE-2017-0554.json new file mode 100644 index 0000000000..c275ff098d --- /dev/null +++ b/2017/CVE-2017-0554.json @@ -0,0 +1,25 @@ +[ + { + "id": 115291853, + "name": "tethr", + "full_name": "lanrat\/tethr", + "owner": { + "login": "lanrat", + "id": 164192, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/164192?v=4", + "html_url": "https:\/\/github.com\/lanrat" + }, + "html_url": "https:\/\/github.com\/lanrat\/tethr", + "description": "Android Tethering Provisioning Check Bypass (CVE-2017-0554)", + "fork": false, + "created_at": "2017-12-24T23:18:28Z", + "updated_at": "2020-09-10T21:28:07Z", + "pushed_at": "2020-09-11T04:45:20Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 3, + "forks": 3, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0564.json b/2017/CVE-2017-0564.json new file mode 100644 index 0000000000..4c2c7d1950 --- /dev/null +++ b/2017/CVE-2017-0564.json @@ -0,0 +1,25 @@ +[ + { + "id": 117041381, + "name": "CVE-2017-0564-ION-PoC", + "full_name": "guoygang\/CVE-2017-0564-ION-PoC", + "owner": { + "login": "guoygang", + "id": 16954452, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16954452?v=4", + "html_url": "https:\/\/github.com\/guoygang" + }, + "html_url": "https:\/\/github.com\/guoygang\/CVE-2017-0564-ION-PoC", + "description": "ION通用提权漏洞PoC以及分析", + "fork": false, + "created_at": "2018-01-11T02:50:26Z", + "updated_at": "2019-07-16T01:41:58Z", + "pushed_at": "2018-01-11T02:53:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0781.json b/2017/CVE-2017-0781.json index 42bdeaf8b7..7621ead424 100644 --- a/2017/CVE-2017-0781.json +++ b/2017/CVE-2017-0781.json @@ -1,4 +1,27 @@ [ + { + "id": 106299703, + "name": "CVE-2017-0781", + "full_name": "ojasookert\/CVE-2017-0781", + "owner": { + "login": "ojasookert", + "id": 12931198, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12931198?v=4", + "html_url": "https:\/\/github.com\/ojasookert" + }, + "html_url": "https:\/\/github.com\/ojasookert\/CVE-2017-0781", + "description": "Blueborne CVE-2017-0781 Android heap overflow vulnerability", + "fork": false, + "created_at": "2017-10-09T15:13:25Z", + "updated_at": "2020-12-21T16:51:53Z", + "pushed_at": "2017-10-09T15:20:11Z", + "stargazers_count": 73, + "watchers_count": 73, + "forks_count": 35, + "forks": 35, + "watchers": 73, + "score": 0 + }, { "id": 125669064, "name": "android712-blueborne", diff --git a/2017/CVE-2017-0785.json b/2017/CVE-2017-0785.json index 47ebc50906..0d33b5a1e6 100644 --- a/2017/CVE-2017-0785.json +++ b/2017/CVE-2017-0785.json @@ -1,4 +1,96 @@ [ + { + "id": 104278164, + "name": "CVE-2017-0785", + "full_name": "ojasookert\/CVE-2017-0785", + "owner": { + "login": "ojasookert", + "id": 12931198, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12931198?v=4", + "html_url": "https:\/\/github.com\/ojasookert" + }, + "html_url": "https:\/\/github.com\/ojasookert\/CVE-2017-0785", + "description": "Blueborne CVE-2017-0785 Android information leak vulnerability", + "fork": false, + "created_at": "2017-09-20T23:32:29Z", + "updated_at": "2020-10-25T00:52:16Z", + "pushed_at": "2017-09-23T05:11:45Z", + "stargazers_count": 431, + "watchers_count": 431, + "forks_count": 190, + "forks": 190, + "watchers": 431, + "score": 0 + }, + { + "id": 104516404, + "name": "CVE-2017-0785", + "full_name": "aymankhalfatni\/CVE-2017-0785", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/CVE-2017-0785", + "description": "CVE-2017-0785: BlueBorne PoC", + "fork": false, + "created_at": "2017-09-22T20:33:12Z", + "updated_at": "2017-09-22T20:34:33Z", + "pushed_at": "2017-09-22T20:34:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 104522460, + "name": "-CVE-2017-0785-BlueBorne-PoC", + "full_name": "Alfa100001\/-CVE-2017-0785-BlueBorne-PoC", + "owner": { + "login": "Alfa100001", + "id": 29385626, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29385626?v=4", + "html_url": "https:\/\/github.com\/Alfa100001" + }, + "html_url": "https:\/\/github.com\/Alfa100001\/-CVE-2017-0785-BlueBorne-PoC", + "description": "CVE-2017-0785 BlueBorne PoC", + "fork": false, + "created_at": "2017-09-22T22:03:40Z", + "updated_at": "2020-09-10T09:52:50Z", + "pushed_at": "2017-09-22T22:23:52Z", + "stargazers_count": 27, + "watchers_count": 27, + "forks_count": 15, + "forks": 15, + "watchers": 27, + "score": 0 + }, + { + "id": 105568835, + "name": "BlueBorne-CVE-2017-0785", + "full_name": "Hackerscript\/BlueBorne-CVE-2017-0785", + "owner": { + "login": "Hackerscript", + "id": 29609985, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29609985?v=4", + "html_url": "https:\/\/github.com\/Hackerscript" + }, + "html_url": "https:\/\/github.com\/Hackerscript\/BlueBorne-CVE-2017-0785", + "description": "this script is used for hack bluetooth devices CVE 2017 0785 which was done by ARMIS This File is password protected for password contact atusha@gmail.comr", + "fork": false, + "created_at": "2017-10-02T18:21:43Z", + "updated_at": "2017-10-02T18:21:43Z", + "pushed_at": "2017-10-02T18:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 105816209, "name": "blueborne", @@ -22,6 +114,52 @@ "watchers": 31, "score": 0 }, + { + "id": 116589306, + "name": "diff", + "full_name": "sigbitsadmin\/diff", + "owner": { + "login": "sigbitsadmin", + "id": 33204560, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/33204560?v=4", + "html_url": "https:\/\/github.com\/sigbitsadmin" + }, + "html_url": "https:\/\/github.com\/sigbitsadmin\/diff", + "description": "Simply diff for CVE-2017-0785", + "fork": false, + "created_at": "2018-01-07T18:30:42Z", + "updated_at": "2018-01-07T18:31:03Z", + "pushed_at": "2018-01-07T18:31:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 117460479, + "name": "diff", + "full_name": "SigBitsLabs\/diff", + "owner": { + "login": "SigBitsLabs", + "id": 33204577, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33204577?v=4", + "html_url": "https:\/\/github.com\/SigBitsLabs" + }, + "html_url": "https:\/\/github.com\/SigBitsLabs\/diff", + "description": "diff for CVE-2017-0785 (Blueborne)", + "fork": false, + "created_at": "2018-01-14T19:36:03Z", + "updated_at": "2018-01-14T19:36:27Z", + "pushed_at": "2018-01-14T19:36:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 122293991, "name": "Bluetooth-Crash-CVE-2017-0785", diff --git a/2017/CVE-2017-0807.json b/2017/CVE-2017-0807.json new file mode 100644 index 0000000000..c5690b0fcd --- /dev/null +++ b/2017/CVE-2017-0807.json @@ -0,0 +1,25 @@ +[ + { + "id": 117631583, + "name": "PoC_CVE-2017-0807", + "full_name": "kpatsakis\/PoC_CVE-2017-0807", + "owner": { + "login": "kpatsakis", + "id": 9294190, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9294190?v=4", + "html_url": "https:\/\/github.com\/kpatsakis" + }, + "html_url": "https:\/\/github.com\/kpatsakis\/PoC_CVE-2017-0807", + "description": "Proof of concept of CVE-2017-0807", + "fork": false, + "created_at": "2018-01-16T04:34:06Z", + "updated_at": "2018-11-26T05:17:02Z", + "pushed_at": "2018-01-16T04:55:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000000.json b/2017/CVE-2017-1000000.json new file mode 100644 index 0000000000..ff74bdb86a --- /dev/null +++ b/2017/CVE-2017-1000000.json @@ -0,0 +1,25 @@ +[ + { + "id": 91563154, + "name": "DWF-CVE-2017-1000000", + "full_name": "smythtech\/DWF-CVE-2017-1000000", + "owner": { + "login": "smythtech", + "id": 9844564, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9844564?v=4", + "html_url": "https:\/\/github.com\/smythtech" + }, + "html_url": "https:\/\/github.com\/smythtech\/DWF-CVE-2017-1000000", + "description": null, + "fork": false, + "created_at": "2017-05-17T10:14:54Z", + "updated_at": "2017-07-06T21:23:57Z", + "pushed_at": "2017-05-17T10:27:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000117.json b/2017/CVE-2017-1000117.json index 9937f56c87..47fc0974d2 100644 --- a/2017/CVE-2017-1000117.json +++ b/2017/CVE-2017-1000117.json @@ -1,4 +1,464 @@ [ + { + "id": 100002532, + "name": "CVE-2017-1000117", + "full_name": "timwr\/CVE-2017-1000117", + "owner": { + "login": "timwr", + "id": 684924, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/684924?v=4", + "html_url": "https:\/\/github.com\/timwr" + }, + "html_url": "https:\/\/github.com\/timwr\/CVE-2017-1000117", + "description": "Proof of concept of CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-11T07:03:23Z", + "updated_at": "2019-01-23T02:32:39Z", + "pushed_at": "2017-08-11T08:27:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 15, + "forks": 15, + "watchers": 6, + "score": 0 + }, + { + "id": 100058519, + "name": "test-git-vuln_CVE-2017-1000117", + "full_name": "GrahamMThomas\/test-git-vuln_CVE-2017-1000117", + "owner": { + "login": "GrahamMThomas", + "id": 14031456, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/14031456?v=4", + "html_url": "https:\/\/github.com\/GrahamMThomas" + }, + "html_url": "https:\/\/github.com\/GrahamMThomas\/test-git-vuln_CVE-2017-1000117", + "description": "Repo to test the new git vulnerability", + "fork": false, + "created_at": "2017-08-11T18:05:01Z", + "updated_at": "2017-09-26T17:09:13Z", + "pushed_at": "2017-08-11T20:15:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 100069051, + "name": "CVE-2017-1000117", + "full_name": "Manouchehri\/CVE-2017-1000117", + "owner": { + "login": "Manouchehri", + "id": 7232674, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7232674?v=4", + "html_url": "https:\/\/github.com\/Manouchehri" + }, + "html_url": "https:\/\/github.com\/Manouchehri\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-11T20:47:53Z", + "updated_at": "2018-04-19T04:23:54Z", + "pushed_at": "2017-08-11T21:26:33Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 14, + "forks": 14, + "watchers": 16, + "score": 0 + }, + { + "id": 100080640, + "name": "CVE-2017-1000117", + "full_name": "thelastbyte\/CVE-2017-1000117", + "owner": { + "login": "thelastbyte", + "id": 7829097, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7829097?v=4", + "html_url": "https:\/\/github.com\/thelastbyte" + }, + "html_url": "https:\/\/github.com\/thelastbyte\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-12T01:10:49Z", + "updated_at": "2017-09-01T22:06:02Z", + "pushed_at": "2017-09-01T22:08:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100116587, + "name": "CVE-2017-1000117", + "full_name": "alilangtest\/CVE-2017-1000117", + "owner": { + "login": "alilangtest", + "id": 20162983, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20162983?v=4", + "html_url": "https:\/\/github.com\/alilangtest" + }, + "html_url": "https:\/\/github.com\/alilangtest\/CVE-2017-1000117", + "description": "test", + "fork": false, + "created_at": "2017-08-12T14:14:55Z", + "updated_at": "2019-05-09T09:27:01Z", + "pushed_at": "2017-08-12T14:25:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100130122, + "name": "CVE-2017-1000117", + "full_name": "VulApps\/CVE-2017-1000117", + "owner": { + "login": "VulApps", + "id": 29811930, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29811930?v=4", + "html_url": "https:\/\/github.com\/VulApps" + }, + "html_url": "https:\/\/github.com\/VulApps\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-12T18:20:02Z", + "updated_at": "2020-03-21T15:06:32Z", + "pushed_at": "2017-08-12T18:22:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 21, + "forks": 21, + "watchers": 4, + "score": 0 + }, + { + "id": 100280254, + "name": "CVE-2017-1000117", + "full_name": "greymd\/CVE-2017-1000117", + "owner": { + "login": "greymd", + "id": 3874767, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3874767?v=4", + "html_url": "https:\/\/github.com\/greymd" + }, + "html_url": "https:\/\/github.com\/greymd\/CVE-2017-1000117", + "description": "Check Git's vulnerability CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-14T15:05:48Z", + "updated_at": "2020-06-01T01:41:41Z", + "pushed_at": "2017-08-16T15:39:15Z", + "stargazers_count": 137, + "watchers_count": 137, + "forks_count": 25, + "forks": 25, + "watchers": 137, + "score": 0 + }, + { + "id": 100325886, + "name": "Fix-CVE-2017-1000117", + "full_name": "shogo82148\/Fix-CVE-2017-1000117", + "owner": { + "login": "shogo82148", + "id": 1157344, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1157344?v=4", + "html_url": "https:\/\/github.com\/shogo82148" + }, + "html_url": "https:\/\/github.com\/shogo82148\/Fix-CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-15T01:40:18Z", + "updated_at": "2017-08-17T03:44:20Z", + "pushed_at": "2017-08-17T03:44:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100357293, + "name": "CVE-2017-1000117_wasawasa", + "full_name": "sasairc\/CVE-2017-1000117_wasawasa", + "owner": { + "login": "sasairc", + "id": 9349287, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9349287?v=4", + "html_url": "https:\/\/github.com\/sasairc" + }, + "html_url": "https:\/\/github.com\/sasairc\/CVE-2017-1000117_wasawasa", + "description": null, + "fork": false, + "created_at": "2017-08-15T08:39:23Z", + "updated_at": "2017-08-15T09:39:16Z", + "pushed_at": "2017-08-15T08:43:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 100374790, + "name": "CVE-2017-1000117-test", + "full_name": "Shadow5523\/CVE-2017-1000117-test", + "owner": { + "login": "Shadow5523", + "id": 22784789, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22784789?v=4", + "html_url": "https:\/\/github.com\/Shadow5523" + }, + "html_url": "https:\/\/github.com\/Shadow5523\/CVE-2017-1000117-test", + "description": "CVE-2017-1000117の検証", + "fork": false, + "created_at": "2017-08-15T12:24:57Z", + "updated_at": "2017-08-17T14:54:39Z", + "pushed_at": "2017-08-18T02:18:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100437085, + "name": "CVE-2017-1000117", + "full_name": "bells17\/CVE-2017-1000117", + "owner": { + "login": "bells17", + "id": 2158863, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2158863?v=4", + "html_url": "https:\/\/github.com\/bells17" + }, + "html_url": "https:\/\/github.com\/bells17\/CVE-2017-1000117", + "description": "https:\/\/github.com\/greymd\/CVE-2017-1000117 の勉強用", + "fork": false, + "created_at": "2017-08-16T02:04:02Z", + "updated_at": "2017-10-13T17:48:19Z", + "pushed_at": "2017-08-16T09:35:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100437171, + "name": "CVE-2017-1000117", + "full_name": "ieee0824\/CVE-2017-1000117", + "owner": { + "login": "ieee0824", + "id": 5692475, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5692475?v=4", + "html_url": "https:\/\/github.com\/ieee0824" + }, + "html_url": "https:\/\/github.com\/ieee0824\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-16T02:05:08Z", + "updated_at": "2017-08-16T08:10:25Z", + "pushed_at": "2017-08-16T10:03:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 100445561, + "name": "CVE-2017-1000117", + "full_name": "rootclay\/CVE-2017-1000117", + "owner": { + "login": "rootclay", + "id": 29671471, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29671471?v=4", + "html_url": "https:\/\/github.com\/rootclay" + }, + "html_url": "https:\/\/github.com\/rootclay\/CVE-2017-1000117", + "description": "CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-16T03:52:27Z", + "updated_at": "2017-08-16T04:00:53Z", + "pushed_at": "2017-08-16T06:14:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 100446125, + "name": "CVE-2017-1000117-sl", + "full_name": "ieee0824\/CVE-2017-1000117-sl", + "owner": { + "login": "ieee0824", + "id": 5692475, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5692475?v=4", + "html_url": "https:\/\/github.com\/ieee0824" + }, + "html_url": "https:\/\/github.com\/ieee0824\/CVE-2017-1000117-sl", + "description": "Experiment of CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-16T04:01:08Z", + "updated_at": "2017-08-16T05:42:26Z", + "pushed_at": "2017-08-16T09:54:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100498924, + "name": "CVE-2017-1000117", + "full_name": "takehaya\/CVE-2017-1000117", + "owner": { + "login": "takehaya", + "id": 10973623, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10973623?v=4", + "html_url": "https:\/\/github.com\/takehaya" + }, + "html_url": "https:\/\/github.com\/takehaya\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-16T14:34:37Z", + "updated_at": "2017-08-16T14:34:37Z", + "pushed_at": "2017-08-17T18:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 100544749, + "name": "CVE-2017-1000117", + "full_name": "ikmski\/CVE-2017-1000117", + "owner": { + "login": "ikmski", + "id": 6622579, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6622579?v=4", + "html_url": "https:\/\/github.com\/ikmski" + }, + "html_url": "https:\/\/github.com\/ikmski\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-17T00:37:47Z", + "updated_at": "2017-08-17T00:37:47Z", + "pushed_at": "2017-08-17T00:57:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 100730507, + "name": "CVE-2017-1000117", + "full_name": "nkoneko\/CVE-2017-1000117", + "owner": { + "login": "nkoneko", + "id": 1922341, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1922341?v=4", + "html_url": "https:\/\/github.com\/nkoneko" + }, + "html_url": "https:\/\/github.com\/nkoneko\/CVE-2017-1000117", + "description": "GitのCommand Injectionの脆弱性を利用してスクリプトを落として実行する例", + "fork": false, + "created_at": "2017-08-18T16:23:53Z", + "updated_at": "2018-06-27T07:59:10Z", + "pushed_at": "2017-08-18T16:30:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 100926724, + "name": "test", + "full_name": "chenzhuo0618\/test", + "owner": { + "login": "chenzhuo0618", + "id": 5562130, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5562130?v=4", + "html_url": "https:\/\/github.com\/chenzhuo0618" + }, + "html_url": "https:\/\/github.com\/chenzhuo0618\/test", + "description": "test for CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-21T07:46:16Z", + "updated_at": "2017-08-21T07:46:48Z", + "pushed_at": "2017-08-21T08:51:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 102318198, + "name": "CVE-2017-1000117", + "full_name": "siling2017\/CVE-2017-1000117", + "owner": { + "login": "siling2017", + "id": 27729343, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/27729343?v=4", + "html_url": "https:\/\/github.com\/siling2017" + }, + "html_url": "https:\/\/github.com\/siling2017\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-09-04T04:18:19Z", + "updated_at": "2017-09-04T04:18:29Z", + "pushed_at": "2017-09-04T04:18:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 112913757, + "name": "CVE-2017-1000117", + "full_name": "Q2h1Cg\/CVE-2017-1000117", + "owner": { + "login": "Q2h1Cg", + "id": 3953030, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3953030?v=4", + "html_url": "https:\/\/github.com\/Q2h1Cg" + }, + "html_url": "https:\/\/github.com\/Q2h1Cg\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-12-03T08:58:18Z", + "updated_at": "2017-12-03T08:58:33Z", + "pushed_at": "2017-12-03T08:59:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 166267328, "name": "cve-2017-1000117", diff --git a/2017/CVE-2017-1000250.json b/2017/CVE-2017-1000250.json new file mode 100644 index 0000000000..d2b627aab1 --- /dev/null +++ b/2017/CVE-2017-1000250.json @@ -0,0 +1,25 @@ +[ + { + "id": 110457097, + "name": "CVE-2017-1000250-PoC", + "full_name": "olav-st\/CVE-2017-1000250-PoC", + "owner": { + "login": "olav-st", + "id": 1856634, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1856634?v=4", + "html_url": "https:\/\/github.com\/olav-st" + }, + "html_url": "https:\/\/github.com\/olav-st\/CVE-2017-1000250-PoC", + "description": "Proof of concept exploit script for CVE-2017-1000250. Written while researching for the essay in TTM4137 Wireless Security.", + "fork": false, + "created_at": "2017-11-12T18:18:52Z", + "updated_at": "2019-03-20T07:23:31Z", + "pushed_at": "2017-11-12T19:46:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000251.json b/2017/CVE-2017-1000251.json new file mode 100644 index 0000000000..0a8cb96f74 --- /dev/null +++ b/2017/CVE-2017-1000251.json @@ -0,0 +1,94 @@ +[ + { + "id": 104546702, + "name": "Blueborne-CVE-2017-1000251", + "full_name": "hayzamjs\/Blueborne-CVE-2017-1000251", + "owner": { + "login": "hayzamjs", + "id": 3922884, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3922884?v=4", + "html_url": "https:\/\/github.com\/hayzamjs" + }, + "html_url": "https:\/\/github.com\/hayzamjs\/Blueborne-CVE-2017-1000251", + "description": "Blueborne CVE-2017-1000251 PoC for linux machines", + "fork": false, + "created_at": "2017-09-23T06:29:31Z", + "updated_at": "2020-11-04T16:52:04Z", + "pushed_at": "2017-10-11T17:46:21Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 13, + "forks": 13, + "watchers": 16, + "score": 0 + }, + { + "id": 105091487, + "name": "blueborne-CVE-2017-1000251", + "full_name": "tlatkdgus1\/blueborne-CVE-2017-1000251", + "owner": { + "login": "tlatkdgus1", + "id": 13446909, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13446909?v=4", + "html_url": "https:\/\/github.com\/tlatkdgus1" + }, + "html_url": "https:\/\/github.com\/tlatkdgus1\/blueborne-CVE-2017-1000251", + "description": "clone", + "fork": false, + "created_at": "2017-09-28T02:12:57Z", + "updated_at": "2017-09-28T02:19:14Z", + "pushed_at": "2017-09-28T02:19:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 105433963, + "name": "blueborne-CVE-2017-1000251-POC", + "full_name": "own2pwn\/blueborne-CVE-2017-1000251-POC", + "owner": { + "login": "own2pwn", + "id": 7850039, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7850039?v=4", + "html_url": "https:\/\/github.com\/own2pwn" + }, + "html_url": "https:\/\/github.com\/own2pwn\/blueborne-CVE-2017-1000251-POC", + "description": null, + "fork": false, + "created_at": "2017-10-01T10:15:40Z", + "updated_at": "2018-11-16T07:29:50Z", + "pushed_at": "2017-10-01T10:23:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 110958300, + "name": "blueborne-CVE-2017-1000251", + "full_name": "marcinguy\/blueborne-CVE-2017-1000251", + "owner": { + "login": "marcinguy", + "id": 20355405, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20355405?v=4", + "html_url": "https:\/\/github.com\/marcinguy" + }, + "html_url": "https:\/\/github.com\/marcinguy\/blueborne-CVE-2017-1000251", + "description": "Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC) BlueBorne - Proof of Concept - Unarmed\/Unweaponized - DoS (Crash) only", + "fork": false, + "created_at": "2017-11-16T10:35:05Z", + "updated_at": "2019-11-23T05:24:53Z", + "pushed_at": "2018-02-11T18:25:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000253.json b/2017/CVE-2017-1000253.json new file mode 100644 index 0000000000..d4d6381b57 --- /dev/null +++ b/2017/CVE-2017-1000253.json @@ -0,0 +1,25 @@ +[ + { + "id": 137769369, + "name": "PIE-Stack-Clash-CVE-2017-1000253", + "full_name": "RicterZ\/PIE-Stack-Clash-CVE-2017-1000253", + "owner": { + "login": "RicterZ", + "id": 5282759, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5282759?v=4", + "html_url": "https:\/\/github.com\/RicterZ" + }, + "html_url": "https:\/\/github.com\/RicterZ\/PIE-Stack-Clash-CVE-2017-1000253", + "description": "Demo-ing CVE-2017-1000253 in a container", + "fork": false, + "created_at": "2018-06-18T15:22:01Z", + "updated_at": "2020-09-21T07:09:05Z", + "pushed_at": "2017-11-01T07:59:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 5, + "forks": 5, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000367.json b/2017/CVE-2017-1000367.json new file mode 100644 index 0000000000..75fb95c9ac --- /dev/null +++ b/2017/CVE-2017-1000367.json @@ -0,0 +1,71 @@ +[ + { + "id": 92862379, + "name": "sudo-CVE-2017-1000367", + "full_name": "c0d3z3r0\/sudo-CVE-2017-1000367", + "owner": { + "login": "c0d3z3r0", + "id": 6205797, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6205797?v=4", + "html_url": "https:\/\/github.com\/c0d3z3r0" + }, + "html_url": "https:\/\/github.com\/c0d3z3r0\/sudo-CVE-2017-1000367", + "description": null, + "fork": false, + "created_at": "2017-05-30T18:12:38Z", + "updated_at": "2020-12-12T08:21:34Z", + "pushed_at": "2017-06-05T19:53:35Z", + "stargazers_count": 114, + "watchers_count": 114, + "forks_count": 41, + "forks": 41, + "watchers": 114, + "score": 0 + }, + { + "id": 93312242, + "name": "CVE-2017-1000367", + "full_name": "homjxi0e\/CVE-2017-1000367", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-1000367", + "description": null, + "fork": false, + "created_at": "2017-06-04T12:31:59Z", + "updated_at": "2020-05-18T10:42:07Z", + "pushed_at": "2017-06-04T12:49:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + }, + { + "id": 93726308, + "name": "sudo_exploit", + "full_name": "pucerpocok\/sudo_exploit", + "owner": { + "login": "pucerpocok", + "id": 25666150, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25666150?v=4", + "html_url": "https:\/\/github.com\/pucerpocok" + }, + "html_url": "https:\/\/github.com\/pucerpocok\/sudo_exploit", + "description": "own implementation of the CVE-2017-1000367 sudo privilege escalation vulnerability in python", + "fork": false, + "created_at": "2017-06-08T08:37:38Z", + "updated_at": "2020-10-21T10:34:25Z", + "pushed_at": "2017-06-08T08:38:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000405.json b/2017/CVE-2017-1000405.json new file mode 100644 index 0000000000..548e030c7f --- /dev/null +++ b/2017/CVE-2017-1000405.json @@ -0,0 +1,25 @@ +[ + { + "id": 112534496, + "name": "HugeDirtyCowPOC", + "full_name": "bindecy\/HugeDirtyCowPOC", + "owner": { + "login": "bindecy", + "id": 33990073, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/33990073?v=4", + "html_url": "https:\/\/github.com\/bindecy" + }, + "html_url": "https:\/\/github.com\/bindecy\/HugeDirtyCowPOC", + "description": "A POC for the Huge Dirty Cow vulnerability (CVE-2017-1000405)", + "fork": false, + "created_at": "2017-11-29T22:19:51Z", + "updated_at": "2020-12-23T12:22:34Z", + "pushed_at": "2017-11-30T00:24:14Z", + "stargazers_count": 199, + "watchers_count": 199, + "forks_count": 63, + "forks": 63, + "watchers": 199, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000475.json b/2017/CVE-2017-1000475.json new file mode 100644 index 0000000000..216cc33121 --- /dev/null +++ b/2017/CVE-2017-1000475.json @@ -0,0 +1,25 @@ +[ + { + "id": 118515767, + "name": "CVE-2017-1000475", + "full_name": "lajarajorge\/CVE-2017-1000475", + "owner": { + "login": "lajarajorge", + "id": 35707370, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/35707370?v=4", + "html_url": "https:\/\/github.com\/lajarajorge" + }, + "html_url": "https:\/\/github.com\/lajarajorge\/CVE-2017-1000475", + "description": "Unquoted Path Service", + "fork": false, + "created_at": "2018-01-22T21:10:22Z", + "updated_at": "2018-01-22T21:10:22Z", + "pushed_at": "2018-01-22T21:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10235.json b/2017/CVE-2017-10235.json new file mode 100644 index 0000000000..a6e2664d75 --- /dev/null +++ b/2017/CVE-2017-10235.json @@ -0,0 +1,25 @@ +[ + { + "id": 104800054, + "name": "vbox_cve_2017_10235", + "full_name": "fundacion-sadosky\/vbox_cve_2017_10235", + "owner": { + "login": "fundacion-sadosky", + "id": 30127931, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/30127931?v=4", + "html_url": "https:\/\/github.com\/fundacion-sadosky" + }, + "html_url": "https:\/\/github.com\/fundacion-sadosky\/vbox_cve_2017_10235", + "description": "[CVE-2017-10235] Description and PoC of VirtualBox E1000 device Buffer Overflow", + "fork": false, + "created_at": "2017-09-25T20:42:47Z", + "updated_at": "2020-09-16T11:51:04Z", + "pushed_at": "2018-01-15T19:26:45Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 4, + "forks": 4, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10271.json b/2017/CVE-2017-10271.json index 6753524357..c2c3b87a52 100644 --- a/2017/CVE-2017-10271.json +++ b/2017/CVE-2017-10271.json @@ -1,4 +1,73 @@ [ + { + "id": 115195951, + "name": "CVE-2017-10271", + "full_name": "1337g\/CVE-2017-10271", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-10271", + "description": "CVE-2017-10271 WEBLOGIC RCE (TESTED)", + "fork": false, + "created_at": "2017-12-23T13:04:23Z", + "updated_at": "2020-09-01T16:02:59Z", + "pushed_at": "2017-12-23T13:12:06Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 26, + "forks": 26, + "watchers": 38, + "score": 0 + }, + { + "id": 115311346, + "name": "CVE-2017-10271", + "full_name": "s3xy\/CVE-2017-10271", + "owner": { + "login": "s3xy", + "id": 34327996, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34327996?v=4", + "html_url": "https:\/\/github.com\/s3xy" + }, + "html_url": "https:\/\/github.com\/s3xy\/CVE-2017-10271", + "description": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.", + "fork": false, + "created_at": "2017-12-25T06:11:54Z", + "updated_at": "2020-12-11T01:36:14Z", + "pushed_at": "2017-12-25T06:21:23Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 9, + "forks": 9, + "watchers": 24, + "score": 0 + }, + { + "id": 115339400, + "name": "PoCs-Weblogic_2017_10271", + "full_name": "ZH3FENG\/PoCs-Weblogic_2017_10271", + "owner": { + "login": "ZH3FENG", + "id": 20502660, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20502660?v=4", + "html_url": "https:\/\/github.com\/ZH3FENG" + }, + "html_url": "https:\/\/github.com\/ZH3FENG\/PoCs-Weblogic_2017_10271", + "description": "Simplified PoC for Weblogic-CVE-2017-10271", + "fork": false, + "created_at": "2017-12-25T13:18:45Z", + "updated_at": "2019-03-19T07:31:45Z", + "pushed_at": "2017-12-25T13:23:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, { "id": 115571903, "name": "CVE-2017-10271", @@ -22,6 +91,75 @@ "watchers": 128, "score": 0 }, + { + "id": 115596796, + "name": "CVE-2017-10271", + "full_name": "Luffin\/CVE-2017-10271", + "owner": { + "login": "Luffin", + "id": 13807870, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13807870?v=4", + "html_url": "https:\/\/github.com\/Luffin" + }, + "html_url": "https:\/\/github.com\/Luffin\/CVE-2017-10271", + "description": "CVE-2017-10271 POC", + "fork": false, + "created_at": "2017-12-28T07:19:13Z", + "updated_at": "2020-08-10T02:31:05Z", + "pushed_at": "2018-01-10T02:34:56Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 15, + "forks": 15, + "watchers": 29, + "score": 0 + }, + { + "id": 116099094, + "name": "weblogic_wls_wsat_rce", + "full_name": "cjjduck\/weblogic_wls_wsat_rce", + "owner": { + "login": "cjjduck", + "id": 23519154, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23519154?v=4", + "html_url": "https:\/\/github.com\/cjjduck" + }, + "html_url": "https:\/\/github.com\/cjjduck\/weblogic_wls_wsat_rce", + "description": "forked from https:\/\/github.com\/s3xy\/CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.Modified by hanc00l", + "fork": false, + "created_at": "2018-01-03T06:14:28Z", + "updated_at": "2020-10-09T02:33:00Z", + "pushed_at": "2018-01-03T00:42:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 39, + "forks": 39, + "watchers": 3, + "score": 0 + }, + { + "id": 116430643, + "name": "CVE-2017-10271", + "full_name": "kkirsche\/CVE-2017-10271", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2017-10271", + "description": "Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)", + "fork": false, + "created_at": "2018-01-05T21:57:03Z", + "updated_at": "2020-12-04T14:32:52Z", + "pushed_at": "2018-01-26T14:28:58Z", + "stargazers_count": 119, + "watchers_count": 119, + "forks_count": 43, + "forks": 43, + "watchers": 119, + "score": 0 + }, { "id": 117624791, "name": "CVE-2017-10271", @@ -45,6 +183,29 @@ "watchers": 3, "score": 0 }, + { + "id": 117926261, + "name": "cve-2017-10271-poc", + "full_name": "SuperHacker-liuan\/cve-2017-10271-poc", + "owner": { + "login": "SuperHacker-liuan", + "id": 30787037, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/30787037?v=4", + "html_url": "https:\/\/github.com\/SuperHacker-liuan" + }, + "html_url": "https:\/\/github.com\/SuperHacker-liuan\/cve-2017-10271-poc", + "description": "cve-2017-10271 POC", + "fork": false, + "created_at": "2018-01-18T03:21:15Z", + "updated_at": "2020-01-06T03:15:27Z", + "pushed_at": "2018-02-02T07:47:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, { "id": 118044092, "name": "CVE-2017-10271", @@ -68,6 +229,52 @@ "watchers": 1, "score": 0 }, + { + "id": 118144871, + "name": "Oracle-WebLogic-CVE-2017-10271", + "full_name": "peterpeter228\/Oracle-WebLogic-CVE-2017-10271", + "owner": { + "login": "peterpeter228", + "id": 22089258, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22089258?v=4", + "html_url": "https:\/\/github.com\/peterpeter228" + }, + "html_url": "https:\/\/github.com\/peterpeter228\/Oracle-WebLogic-CVE-2017-10271", + "description": "WebLogic wls-wsat RCE CVE-2017-10271", + "fork": false, + "created_at": "2018-01-19T15:50:08Z", + "updated_at": "2020-09-24T10:47:12Z", + "pushed_at": "2018-01-19T11:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 120462394, + "name": "CVE-2017-10271", + "full_name": "Sch01ar\/CVE-2017-10271", + "owner": { + "login": "Sch01ar", + "id": 28928231, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/28928231?v=4", + "html_url": "https:\/\/github.com\/Sch01ar" + }, + "html_url": "https:\/\/github.com\/Sch01ar\/CVE-2017-10271", + "description": null, + "fork": false, + "created_at": "2018-02-06T13:38:40Z", + "updated_at": "2018-02-06T13:59:34Z", + "pushed_at": "2018-02-08T09:21:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 120571410, "name": "weblogic_honeypot", diff --git a/2017/CVE-2017-10661.json b/2017/CVE-2017-10661.json new file mode 100644 index 0000000000..5b677aa7f0 --- /dev/null +++ b/2017/CVE-2017-10661.json @@ -0,0 +1,25 @@ +[ + { + "id": 100021936, + "name": "CVE-2017-10661_POC", + "full_name": "GeneBlue\/CVE-2017-10661_POC", + "owner": { + "login": "GeneBlue", + "id": 10919709, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10919709?v=4", + "html_url": "https:\/\/github.com\/GeneBlue" + }, + "html_url": "https:\/\/github.com\/GeneBlue\/CVE-2017-10661_POC", + "description": "poc for cve-2017-10661", + "fork": false, + "created_at": "2017-08-11T10:45:10Z", + "updated_at": "2020-12-17T10:26:55Z", + "pushed_at": "2017-08-11T10:45:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 5, + "forks": 5, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10797.json b/2017/CVE-2017-10797.json new file mode 100644 index 0000000000..5df2c8c2db --- /dev/null +++ b/2017/CVE-2017-10797.json @@ -0,0 +1,25 @@ +[ + { + "id": 119376202, + "name": "CVE-2017-10797", + "full_name": "n4xh4ck5\/CVE-2017-10797", + "owner": { + "login": "n4xh4ck5", + "id": 26029224, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26029224?v=4", + "html_url": "https:\/\/github.com\/n4xh4ck5" + }, + "html_url": "https:\/\/github.com\/n4xh4ck5\/CVE-2017-10797", + "description": "CVE-2017-10797- User Enumeration in OwnCloud Server 8.1-10.0", + "fork": false, + "created_at": "2018-01-29T11:53:14Z", + "updated_at": "2020-03-26T17:06:19Z", + "pushed_at": "2018-01-29T11:56:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11611.json b/2017/CVE-2017-11611.json new file mode 100644 index 0000000000..90882cf38f --- /dev/null +++ b/2017/CVE-2017-11611.json @@ -0,0 +1,25 @@ +[ + { + "id": 101361478, + "name": "Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "description": "WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-11611", + "fork": false, + "created_at": "2017-08-25T03:19:05Z", + "updated_at": "2020-07-17T05:22:39Z", + "pushed_at": "2017-08-25T03:19:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11816.json b/2017/CVE-2017-11816.json new file mode 100644 index 0000000000..cb13ce8342 --- /dev/null +++ b/2017/CVE-2017-11816.json @@ -0,0 +1,25 @@ +[ + { + "id": 106789971, + "name": "CVE-2017-11816", + "full_name": "lr3800\/CVE-2017-11816", + "owner": { + "login": "lr3800", + "id": 22863274, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22863274?v=4", + "html_url": "https:\/\/github.com\/lr3800" + }, + "html_url": "https:\/\/github.com\/lr3800\/CVE-2017-11816", + "description": null, + "fork": false, + "created_at": "2017-10-13T07:05:55Z", + "updated_at": "2017-10-13T07:05:55Z", + "pushed_at": "2017-10-13T14:25:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json index ec0ccf2aaf..ca47f361fc 100644 --- a/2017/CVE-2017-11882.json +++ b/2017/CVE-2017-11882.json @@ -1,4 +1,280 @@ [ + { + "id": 111305094, + "name": "cve-2017-11882", + "full_name": "zhouat\/cve-2017-11882", + "owner": { + "login": "zhouat", + "id": 8078184, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8078184?v=4", + "html_url": "https:\/\/github.com\/zhouat" + }, + "html_url": "https:\/\/github.com\/zhouat\/cve-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-19T14:57:41Z", + "updated_at": "2017-11-21T09:11:26Z", + "pushed_at": "2017-11-18T14:21:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 111435936, + "name": "CVE-2017-11882", + "full_name": "embedi\/CVE-2017-11882", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi" + }, + "html_url": "https:\/\/github.com\/embedi\/CVE-2017-11882", + "description": "Proof-of-Concept exploits for CVE-2017-11882", + "fork": false, + "created_at": "2017-11-20T16:35:30Z", + "updated_at": "2020-12-29T03:30:26Z", + "pushed_at": "2017-11-29T16:13:23Z", + "stargazers_count": 479, + "watchers_count": 479, + "forks_count": 199, + "forks": 199, + "watchers": 479, + "score": 0 + }, + { + "id": 111505810, + "name": "CVE-2017-11882", + "full_name": "Ridter\/CVE-2017-11882", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter" + }, + "html_url": "https:\/\/github.com\/Ridter\/CVE-2017-11882", + "description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882", + "fork": false, + "created_at": "2017-11-21T05:55:53Z", + "updated_at": "2020-12-31T12:10:38Z", + "pushed_at": "2017-11-29T03:33:53Z", + "stargazers_count": 479, + "watchers_count": 479, + "forks_count": 245, + "forks": 245, + "watchers": 479, + "score": 0 + }, + { + "id": 111525857, + "name": "2017-11882_Generator", + "full_name": "BlackMathIT\/2017-11882_Generator", + "owner": { + "login": "BlackMathIT", + "id": 26303870, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26303870?v=4", + "html_url": "https:\/\/github.com\/BlackMathIT" + }, + "html_url": "https:\/\/github.com\/BlackMathIT\/2017-11882_Generator", + "description": "CVE-2017-11882 File Generator PoC", + "fork": false, + "created_at": "2017-11-21T09:15:28Z", + "updated_at": "2020-03-26T09:20:58Z", + "pushed_at": "2017-11-22T08:38:18Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 24, + "forks": 24, + "watchers": 32, + "score": 0 + }, + { + "id": 111566147, + "name": "CVE-2017-11882", + "full_name": "unamer\/CVE-2017-11882", + "owner": { + "login": "unamer", + "id": 12728984, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/unamer" + }, + "html_url": "https:\/\/github.com\/unamer\/CVE-2017-11882", + "description": "CVE-2017-11882 Exploit accepts over 17k bytes long command\/code in maximum.", + "fork": false, + "created_at": "2017-11-21T15:22:41Z", + "updated_at": "2020-12-21T21:53:43Z", + "pushed_at": "2017-12-06T12:47:31Z", + "stargazers_count": 279, + "watchers_count": 279, + "forks_count": 76, + "forks": 76, + "watchers": 279, + "score": 0 + }, + { + "id": 111585219, + "name": "CVE-2017-11882-metasploit", + "full_name": "0x09AL\/CVE-2017-11882-metasploit", + "owner": { + "login": "0x09AL", + "id": 25826294, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25826294?v=4", + "html_url": "https:\/\/github.com\/0x09AL" + }, + "html_url": "https:\/\/github.com\/0x09AL\/CVE-2017-11882-metasploit", + "description": "This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.", + "fork": false, + "created_at": "2017-11-21T18:17:28Z", + "updated_at": "2020-09-30T09:12:42Z", + "pushed_at": "2017-11-21T20:34:57Z", + "stargazers_count": 94, + "watchers_count": 94, + "forks_count": 48, + "forks": 48, + "watchers": 94, + "score": 0 + }, + { + "id": 111601525, + "name": "ABC", + "full_name": "HZachev\/ABC", + "owner": { + "login": "HZachev", + "id": 33879843, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33879843?v=4", + "html_url": "https:\/\/github.com\/HZachev" + }, + "html_url": "https:\/\/github.com\/HZachev\/ABC", + "description": "CVE-2017-11882", + "fork": false, + "created_at": "2017-11-21T21:07:57Z", + "updated_at": "2017-11-21T21:07:57Z", + "pushed_at": "2017-11-21T22:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 111619944, + "name": "CVE-2017-11882", + "full_name": "starnightcyber\/CVE-2017-11882", + "owner": { + "login": "starnightcyber", + "id": 19260696, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19260696?v=4", + "html_url": "https:\/\/github.com\/starnightcyber" + }, + "html_url": "https:\/\/github.com\/starnightcyber\/CVE-2017-11882", + "description": "CVE-2017-11882 exploitation", + "fork": false, + "created_at": "2017-11-22T01:11:39Z", + "updated_at": "2020-11-09T03:32:38Z", + "pushed_at": "2017-11-28T03:06:32Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 53, + "forks": 53, + "watchers": 38, + "score": 0 + }, + { + "id": 111637919, + "name": "CVE-2017-11882", + "full_name": "Grey-Li\/CVE-2017-11882", + "owner": { + "login": "Grey-Li", + "id": 33873392, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33873392?v=4", + "html_url": "https:\/\/github.com\/Grey-Li" + }, + "html_url": "https:\/\/github.com\/Grey-Li\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-22T04:53:44Z", + "updated_at": "2017-11-22T04:54:38Z", + "pushed_at": "2017-11-22T04:54:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 111887551, + "name": "CVE-2017-11882-for-Kali", + "full_name": "legendsec\/CVE-2017-11882-for-Kali", + "owner": { + "login": "legendsec", + "id": 13389492, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13389492?v=4", + "html_url": "https:\/\/github.com\/legendsec" + }, + "html_url": "https:\/\/github.com\/legendsec\/CVE-2017-11882-for-Kali", + "description": "# CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to \/usr\/share\/metasploit-framework\/modules\/exploits\/windows\/local\/ 2) Copy the cve-2017-11882.rtf to \/usr\/share\/metasploit-framework\/data\/exploits\/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time.", + "fork": false, + "created_at": "2017-11-24T07:11:13Z", + "updated_at": "2017-11-24T07:11:13Z", + "pushed_at": "2017-11-24T07:11:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 111904379, + "name": "cve-2017-11882", + "full_name": "CSC-pentest\/cve-2017-11882", + "owner": { + "login": "CSC-pentest", + "id": 33954862, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/33954862?v=4", + "html_url": "https:\/\/github.com\/CSC-pentest" + }, + "html_url": "https:\/\/github.com\/CSC-pentest\/cve-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-24T10:09:49Z", + "updated_at": "2017-11-24T10:09:49Z", + "pushed_at": "2017-11-24T10:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 112133932, + "name": "CVE-2017-11882-", + "full_name": "Shadowshusky\/CVE-2017-11882-", + "owner": { + "login": "Shadowshusky", + "id": 31649758, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/31649758?v=4", + "html_url": "https:\/\/github.com\/Shadowshusky" + }, + "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2017-11882-", + "description": null, + "fork": false, + "created_at": "2017-11-27T01:50:44Z", + "updated_at": "2017-11-27T01:50:54Z", + "pushed_at": "2017-11-27T01:50:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 117080574, "name": "CVE-2018-0802", @@ -22,6 +298,75 @@ "watchers": 266, "score": 0 }, + { + "id": 117234193, + "name": "RTF_11882_0802", + "full_name": "Ridter\/RTF_11882_0802", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter" + }, + "html_url": "https:\/\/github.com\/Ridter\/RTF_11882_0802", + "description": "PoC for CVE-2018-0802 And CVE-2017-11882", + "fork": false, + "created_at": "2018-01-12T11:38:33Z", + "updated_at": "2020-12-16T09:38:06Z", + "pushed_at": "2018-01-12T11:42:29Z", + "stargazers_count": 155, + "watchers_count": 155, + "forks_count": 64, + "forks": 64, + "watchers": 155, + "score": 0 + }, + { + "id": 117637164, + "name": "CVE-2017-11882", + "full_name": "likescam\/CVE-2017-11882", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:47:47Z", + "updated_at": "2018-01-16T05:47:59Z", + "pushed_at": "2018-01-16T05:47:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 117637270, + "name": "CVE-2018-0802_CVE-2017-11882", + "full_name": "likescam\/CVE-2018-0802_CVE-2017-11882", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-0802_CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:49:01Z", + "updated_at": "2020-11-26T04:09:34Z", + "pushed_at": "2018-01-16T05:49:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, { "id": 130633082, "name": "CVE-2017-11882-Possible-Remcos-Malspam", diff --git a/2017/CVE-2017-12149.json b/2017/CVE-2017-12149.json index cd57ddf306..59afd15dd1 100644 --- a/2017/CVE-2017-12149.json +++ b/2017/CVE-2017-12149.json @@ -1,4 +1,27 @@ [ + { + "id": 111536144, + "name": "CVE-2017-12149", + "full_name": "sevck\/CVE-2017-12149", + "owner": { + "login": "sevck", + "id": 11308052, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/11308052?v=4", + "html_url": "https:\/\/github.com\/sevck" + }, + "html_url": "https:\/\/github.com\/sevck\/CVE-2017-12149", + "description": "CVE-2017-12149 JBOSS as 6.X反序列化(反弹shell版)", + "fork": false, + "created_at": "2017-11-21T10:48:24Z", + "updated_at": "2020-05-13T05:16:58Z", + "pushed_at": "2017-11-22T06:59:57Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 10, + "forks": 10, + "watchers": 19, + "score": 0 + }, { "id": 112277258, "name": "jboss-_CVE-2017-12149", @@ -22,6 +45,29 @@ "watchers": 109, "score": 0 }, + { + "id": 115089440, + "name": "CVE-2017-12149", + "full_name": "1337g\/CVE-2017-12149", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-12149", + "description": "CVE-2017-12149 JBOSS RCE (TESTED) ", + "fork": false, + "created_at": "2017-12-22T07:30:29Z", + "updated_at": "2020-03-10T20:03:04Z", + "pushed_at": "2017-12-23T06:43:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 9, + "forks": 9, + "watchers": 10, + "score": 0 + }, { "id": 203873391, "name": "CVE-2017-12149", diff --git a/2017/CVE-2017-12426.json b/2017/CVE-2017-12426.json new file mode 100644 index 0000000000..e31a643ca1 --- /dev/null +++ b/2017/CVE-2017-12426.json @@ -0,0 +1,25 @@ +[ + { + "id": 100264267, + "name": "CVE-2017-12426", + "full_name": "sm-paul-schuette\/CVE-2017-12426", + "owner": { + "login": "sm-paul-schuette", + "id": 29304646, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29304646?v=4", + "html_url": "https:\/\/github.com\/sm-paul-schuette" + }, + "html_url": "https:\/\/github.com\/sm-paul-schuette\/CVE-2017-12426", + "description": null, + "fork": false, + "created_at": "2017-08-14T12:18:15Z", + "updated_at": "2017-08-14T12:18:15Z", + "pushed_at": "2017-08-14T12:19:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12611.json b/2017/CVE-2017-12611.json new file mode 100644 index 0000000000..e8fb2bbb7f --- /dev/null +++ b/2017/CVE-2017-12611.json @@ -0,0 +1,25 @@ +[ + { + "id": 102809812, + "name": "S2-053-CVE-2017-12611", + "full_name": "brianwrf\/S2-053-CVE-2017-12611", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/S2-053-CVE-2017-12611", + "description": "A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)", + "fork": false, + "created_at": "2017-09-08T02:50:37Z", + "updated_at": "2020-12-14T01:19:43Z", + "pushed_at": "2017-09-08T11:59:20Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 23, + "forks": 23, + "watchers": 38, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index 465e43ef68..e28ed10ac3 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -22,6 +22,121 @@ "watchers": 74, "score": 0 }, + { + "id": 104743685, + "name": "cve-2017-12615", + "full_name": "mefulton\/cve-2017-12615", + "owner": { + "login": "mefulton", + "id": 27797094, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/27797094?v=4", + "html_url": "https:\/\/github.com\/mefulton" + }, + "html_url": "https:\/\/github.com\/mefulton\/cve-2017-12615", + "description": "just a python script for cve-2017-12615", + "fork": false, + "created_at": "2017-09-25T11:53:02Z", + "updated_at": "2019-04-28T08:33:21Z", + "pushed_at": "2017-10-01T08:13:44Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 5, + "forks": 5, + "watchers": 9, + "score": 0 + }, + { + "id": 106053959, + "name": "POC-CVE-2017-12615-or-CVE-2017-12717", + "full_name": "zi0Black\/POC-CVE-2017-12615-or-CVE-2017-12717", + "owner": { + "login": "zi0Black", + "id": 13380579, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13380579?v=4", + "html_url": "https:\/\/github.com\/zi0Black" + }, + "html_url": "https:\/\/github.com\/zi0Black\/POC-CVE-2017-12615-or-CVE-2017-12717", + "description": "CVE-2017-12617 and CVE-2017-12615 for tomcat server", + "fork": false, + "created_at": "2017-10-06T22:04:23Z", + "updated_at": "2019-03-06T16:07:08Z", + "pushed_at": "2017-10-10T14:23:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 109152824, + "name": "cve-2017-12615", + "full_name": "wsg00d\/cve-2017-12615", + "owner": { + "login": "wsg00d", + "id": 20575929, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20575929?v=4", + "html_url": "https:\/\/github.com\/wsg00d" + }, + "html_url": "https:\/\/github.com\/wsg00d\/cve-2017-12615", + "description": "tomcat-put-cve-2017-12615", + "fork": false, + "created_at": "2017-11-01T16:05:32Z", + "updated_at": "2018-04-30T18:16:21Z", + "pushed_at": "2017-11-01T16:12:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 112277075, + "name": "CVE-2017-12615", + "full_name": "BeyondCy\/CVE-2017-12615", + "owner": { + "login": "BeyondCy", + "id": 4694785, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4694785?v=4", + "html_url": "https:\/\/github.com\/BeyondCy" + }, + "html_url": "https:\/\/github.com\/BeyondCy\/CVE-2017-12615", + "description": "Tomcat 远程代码执行漏洞 Exploit", + "fork": false, + "created_at": "2017-11-28T02:51:16Z", + "updated_at": "2020-11-28T11:13:12Z", + "pushed_at": "2017-10-18T13:15:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 115383252, + "name": "CVE-2017-12615", + "full_name": "1337g\/CVE-2017-12615", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-12615", + "description": "CVE-2017-12615 Tomcat RCE (TESTED)", + "fork": false, + "created_at": "2017-12-26T03:48:14Z", + "updated_at": "2018-04-30T18:15:17Z", + "pushed_at": "2017-12-26T12:38:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 127641351, "name": "CVE-2017-12615", diff --git a/2017/CVE-2017-12617.json b/2017/CVE-2017-12617.json index 9ce67fe9a5..afcefa2ebb 100644 --- a/2017/CVE-2017-12617.json +++ b/2017/CVE-2017-12617.json @@ -1,4 +1,50 @@ [ + { + "id": 105951164, + "name": "CVE-2017-12617", + "full_name": "cyberheartmi9\/CVE-2017-12617", + "owner": { + "login": "cyberheartmi9", + "id": 12415756, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12415756?v=4", + "html_url": "https:\/\/github.com\/cyberheartmi9" + }, + "html_url": "https:\/\/github.com\/cyberheartmi9\/CVE-2017-12617", + "description": "Apache Tomcat < 9.0.1 (Beta) \/ < 8.5.23 \/ < 8.0.47 \/ < 7.0.8 - JSP Upload Bypass \/ Remote Code Execution ", + "fork": false, + "created_at": "2017-10-05T23:41:52Z", + "updated_at": "2020-12-16T08:00:31Z", + "pushed_at": "2017-10-11T07:43:50Z", + "stargazers_count": 352, + "watchers_count": 352, + "forks_count": 131, + "forks": 131, + "watchers": 352, + "score": 0 + }, + { + "id": 120838002, + "name": "CVE-2017-12617", + "full_name": "devcoinfet\/CVE-2017-12617", + "owner": { + "login": "devcoinfet", + "id": 34756993, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/34756993?v=4", + "html_url": "https:\/\/github.com\/devcoinfet" + }, + "html_url": "https:\/\/github.com\/devcoinfet\/CVE-2017-12617", + "description": "Code put together from a few peoples ideas credit given don't use maliciously please", + "fork": false, + "created_at": "2018-02-09T01:02:32Z", + "updated_at": "2018-02-09T01:04:38Z", + "pushed_at": "2018-02-09T01:04:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 162421259, "name": "CVE-2017-12617", diff --git a/2017/CVE-2017-12792.json b/2017/CVE-2017-12792.json new file mode 100644 index 0000000000..bedd237b02 --- /dev/null +++ b/2017/CVE-2017-12792.json @@ -0,0 +1,25 @@ +[ + { + "id": 107090388, + "name": "cve-2017-12792", + "full_name": "ZZS2017\/cve-2017-12792", + "owner": { + "login": "ZZS2017", + "id": 30464951, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/30464951?v=4", + "html_url": "https:\/\/github.com\/ZZS2017" + }, + "html_url": "https:\/\/github.com\/ZZS2017\/cve-2017-12792", + "description": "NexusPHP CSRF+XSS", + "fork": false, + "created_at": "2017-10-16T07:06:19Z", + "updated_at": "2019-11-21T10:28:20Z", + "pushed_at": "2017-08-21T09:38:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12852.json b/2017/CVE-2017-12852.json new file mode 100644 index 0000000000..47fb6203cb --- /dev/null +++ b/2017/CVE-2017-12852.json @@ -0,0 +1,25 @@ +[ + { + "id": 105343958, + "name": "numpy-1.13.1", + "full_name": "BT123\/numpy-1.13.1", + "owner": { + "login": "BT123", + "id": 9165608, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/9165608?v=4", + "html_url": "https:\/\/github.com\/BT123" + }, + "html_url": "https:\/\/github.com\/BT123\/numpy-1.13.1", + "description": "test the CVE-2017-12852 in numpy v1.13.1 and v1.13.3 has fixed the bug ", + "fork": false, + "created_at": "2017-09-30T05:21:48Z", + "updated_at": "2017-11-03T06:18:22Z", + "pushed_at": "2017-10-20T03:34:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12943.json b/2017/CVE-2017-12943.json new file mode 100644 index 0000000000..f3c193eb45 --- /dev/null +++ b/2017/CVE-2017-12943.json @@ -0,0 +1,25 @@ +[ + { + "id": 105268887, + "name": "D-Link", + "full_name": "aymankhalfatni\/D-Link", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/D-Link", + "description": "CVE-2017-12943", + "fork": false, + "created_at": "2017-09-29T12:18:40Z", + "updated_at": "2017-09-29T12:18:40Z", + "pushed_at": "2017-09-29T12:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13089.json b/2017/CVE-2017-13089.json new file mode 100644 index 0000000000..7a1a40b82a --- /dev/null +++ b/2017/CVE-2017-13089.json @@ -0,0 +1,48 @@ +[ + { + "id": 108590896, + "name": "CVE-2017-13089", + "full_name": "r1b\/CVE-2017-13089", + "owner": { + "login": "r1b", + "id": 5550520, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5550520?v=4", + "html_url": "https:\/\/github.com\/r1b" + }, + "html_url": "https:\/\/github.com\/r1b\/CVE-2017-13089", + "description": "PoC for wget v1.19.1", + "fork": false, + "created_at": "2017-10-27T20:06:11Z", + "updated_at": "2020-12-26T09:31:18Z", + "pushed_at": "2018-02-02T11:30:04Z", + "stargazers_count": 52, + "watchers_count": 52, + "forks_count": 21, + "forks": 21, + "watchers": 52, + "score": 0 + }, + { + "id": 110805304, + "name": "CVE-2017-13089", + "full_name": "mzeyong\/CVE-2017-13089", + "owner": { + "login": "mzeyong", + "id": 20426501, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20426501?v=4", + "html_url": "https:\/\/github.com\/mzeyong" + }, + "html_url": "https:\/\/github.com\/mzeyong\/CVE-2017-13089", + "description": "CVE-2017-13089", + "fork": false, + "created_at": "2017-11-15T08:22:58Z", + "updated_at": "2019-05-21T04:08:55Z", + "pushed_at": "2017-11-15T08:36:12Z", + "stargazers_count": 56, + "watchers_count": 56, + "forks_count": 17, + "forks": 17, + "watchers": 56, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13156.json b/2017/CVE-2017-13156.json index ac8cf165cd..52a4eae0d9 100644 --- a/2017/CVE-2017-13156.json +++ b/2017/CVE-2017-13156.json @@ -1,4 +1,27 @@ [ + { + "id": 115697431, + "name": "Janus-CVE-2017-13156", + "full_name": "xyzAsian\/Janus-CVE-2017-13156", + "owner": { + "login": "xyzAsian", + "id": 34933799, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/34933799?v=4", + "html_url": "https:\/\/github.com\/xyzAsian" + }, + "html_url": "https:\/\/github.com\/xyzAsian\/Janus-CVE-2017-13156", + "description": null, + "fork": false, + "created_at": "2017-12-29T07:11:42Z", + "updated_at": "2019-11-26T05:42:27Z", + "pushed_at": "2017-12-29T08:01:10Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 3, + "forks": 3, + "watchers": 11, + "score": 0 + }, { "id": 188905732, "name": "CVE-2017-13156", diff --git a/2017/CVE-2017-13672.json b/2017/CVE-2017-13672.json new file mode 100644 index 0000000000..69d245be41 --- /dev/null +++ b/2017/CVE-2017-13672.json @@ -0,0 +1,25 @@ +[ + { + "id": 115146971, + "name": "CVE-2017-13672", + "full_name": "DavidBuchanan314\/CVE-2017-13672", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/CVE-2017-13672", + "description": "POCs for CVE-2017-13672 (OOB read in VGA Cirrus QEMU driver, causing DoS)", + "fork": false, + "created_at": "2017-12-22T20:08:33Z", + "updated_at": "2018-01-29T04:34:02Z", + "pushed_at": "2017-12-22T22:52:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13868.json b/2017/CVE-2017-13868.json new file mode 100644 index 0000000000..9ad1131ed5 --- /dev/null +++ b/2017/CVE-2017-13868.json @@ -0,0 +1,25 @@ +[ + { + "id": 106086726, + "name": "ctl_ctloutput-leak", + "full_name": "bazad\/ctl_ctloutput-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/ctl_ctloutput-leak", + "description": "CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.", + "fork": false, + "created_at": "2017-10-07T09:42:05Z", + "updated_at": "2019-11-05T03:14:33Z", + "pushed_at": "2017-12-07T01:04:52Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 5, + "forks": 5, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13872.json b/2017/CVE-2017-13872.json new file mode 100644 index 0000000000..5bc679fe87 --- /dev/null +++ b/2017/CVE-2017-13872.json @@ -0,0 +1,25 @@ +[ + { + "id": 112584924, + "name": "CVE-2017-13872-Patch", + "full_name": "giovannidispoto\/CVE-2017-13872-Patch", + "owner": { + "login": "giovannidispoto", + "id": 7195434, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7195434?v=4", + "html_url": "https:\/\/github.com\/giovannidispoto" + }, + "html_url": "https:\/\/github.com\/giovannidispoto\/CVE-2017-13872-Patch", + "description": null, + "fork": false, + "created_at": "2017-11-30T08:22:00Z", + "updated_at": "2017-11-30T08:23:41Z", + "pushed_at": "2017-11-30T15:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14105.json b/2017/CVE-2017-14105.json new file mode 100644 index 0000000000..0e2361cc15 --- /dev/null +++ b/2017/CVE-2017-14105.json @@ -0,0 +1,25 @@ +[ + { + "id": 102123441, + "name": "CVE-2017-14105", + "full_name": "theguly\/CVE-2017-14105", + "owner": { + "login": "theguly", + "id": 1745802, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1745802?v=4", + "html_url": "https:\/\/github.com\/theguly" + }, + "html_url": "https:\/\/github.com\/theguly\/CVE-2017-14105", + "description": null, + "fork": false, + "created_at": "2017-09-01T14:51:31Z", + "updated_at": "2019-01-08T00:25:52Z", + "pushed_at": "2017-09-14T13:14:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14262.json b/2017/CVE-2017-14262.json new file mode 100644 index 0000000000..1677fda4ee --- /dev/null +++ b/2017/CVE-2017-14262.json @@ -0,0 +1,25 @@ +[ + { + "id": 102810621, + "name": "CVE-2017-14262", + "full_name": "zzz66686\/CVE-2017-14262", + "owner": { + "login": "zzz66686", + "id": 14144972, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/14144972?v=4", + "html_url": "https:\/\/github.com\/zzz66686" + }, + "html_url": "https:\/\/github.com\/zzz66686\/CVE-2017-14262", + "description": null, + "fork": false, + "created_at": "2017-09-08T02:59:21Z", + "updated_at": "2020-12-02T19:55:31Z", + "pushed_at": "2017-09-13T14:39:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14263.json b/2017/CVE-2017-14263.json new file mode 100644 index 0000000000..ae4e441fe2 --- /dev/null +++ b/2017/CVE-2017-14263.json @@ -0,0 +1,25 @@ +[ + { + "id": 102832029, + "name": "CVE-2017-14263", + "full_name": "zzz66686\/CVE-2017-14263", + "owner": { + "login": "zzz66686", + "id": 14144972, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/14144972?v=4", + "html_url": "https:\/\/github.com\/zzz66686" + }, + "html_url": "https:\/\/github.com\/zzz66686\/CVE-2017-14263", + "description": null, + "fork": false, + "created_at": "2017-09-08T07:27:13Z", + "updated_at": "2020-05-18T10:42:14Z", + "pushed_at": "2017-09-13T14:40:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 6, + "forks": 6, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14491.json b/2017/CVE-2017-14491.json new file mode 100644 index 0000000000..ce57f37911 --- /dev/null +++ b/2017/CVE-2017-14491.json @@ -0,0 +1,25 @@ +[ + { + "id": 108858920, + "name": "dnsmasq-2.4.1-fix-CVE-2017-14491", + "full_name": "skyformat99\/dnsmasq-2.4.1-fix-CVE-2017-14491", + "owner": { + "login": "skyformat99", + "id": 10938976, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10938976?v=4", + "html_url": "https:\/\/github.com\/skyformat99" + }, + "html_url": "https:\/\/github.com\/skyformat99\/dnsmasq-2.4.1-fix-CVE-2017-14491", + "description": null, + "fork": false, + "created_at": "2017-10-30T14:02:52Z", + "updated_at": "2020-07-25T01:12:06Z", + "pushed_at": "2017-10-30T01:43:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15361.json b/2017/CVE-2017-15361.json index a9f88dd495..4c84d2730c 100644 --- a/2017/CVE-2017-15361.json +++ b/2017/CVE-2017-15361.json @@ -1,4 +1,73 @@ [ + { + "id": 107277248, + "name": "Infineon-CVE-2017-15361", + "full_name": "lva\/Infineon-CVE-2017-15361", + "owner": { + "login": "lva", + "id": 1962037, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1962037?v=4", + "html_url": "https:\/\/github.com\/lva" + }, + "html_url": "https:\/\/github.com\/lva\/Infineon-CVE-2017-15361", + "description": "Simple PowerShell script to check whether a computer is using an Infineon TPM chip that is vulnerable to CVE-2017-15361.", + "fork": false, + "created_at": "2017-10-17T14:07:45Z", + "updated_at": "2017-10-23T02:23:23Z", + "pushed_at": "2017-10-19T11:24:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 107299810, + "name": "rocacheck", + "full_name": "titanous\/rocacheck", + "owner": { + "login": "titanous", + "id": 13026, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13026?v=4", + "html_url": "https:\/\/github.com\/titanous" + }, + "html_url": "https:\/\/github.com\/titanous\/rocacheck", + "description": "Go package that checks if RSA keys are vulnerable to ROCA \/ CVE-2017-15361", + "fork": false, + "created_at": "2017-10-17T17:08:22Z", + "updated_at": "2020-10-13T11:26:22Z", + "pushed_at": "2017-10-23T19:39:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 107551756, + "name": "RocaCmTest", + "full_name": "jnpuskar\/RocaCmTest", + "owner": { + "login": "jnpuskar", + "id": 8107471, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8107471?v=4", + "html_url": "https:\/\/github.com\/jnpuskar" + }, + "html_url": "https:\/\/github.com\/jnpuskar\/RocaCmTest", + "description": "Windows tool that analyzes your computer for Infineon TPM weak RSA keys (CVE-2017-15361) ", + "fork": false, + "created_at": "2017-10-19T13:42:52Z", + "updated_at": "2017-10-19T17:24:19Z", + "pushed_at": "2017-10-20T12:09:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 107592667, "name": "Detect-CVE-2017-15361-TPM", @@ -45,6 +114,29 @@ "watchers": 3, "score": 0 }, + { + "id": 108287639, + "name": "roca", + "full_name": "0xxon\/roca", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon" + }, + "html_url": "https:\/\/github.com\/0xxon\/roca", + "description": "Reimplementation of CVE-2017-15361 checker in C", + "fork": false, + "created_at": "2017-10-25T15:16:11Z", + "updated_at": "2017-10-25T15:16:43Z", + "pushed_at": "2017-10-25T15:16:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 309390412, "name": "Attacco-ROCA-sulla-vulnerabilita-CVE-2017-15361", diff --git a/2017/CVE-2017-15394.json b/2017/CVE-2017-15394.json new file mode 100644 index 0000000000..a42810eee9 --- /dev/null +++ b/2017/CVE-2017-15394.json @@ -0,0 +1,25 @@ +[ + { + "id": 112094225, + "name": "CVE-2017-15394", + "full_name": "sudosammy\/CVE-2017-15394", + "owner": { + "login": "sudosammy", + "id": 18524051, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18524051?v=4", + "html_url": "https:\/\/github.com\/sudosammy" + }, + "html_url": "https:\/\/github.com\/sudosammy\/CVE-2017-15394", + "description": null, + "fork": false, + "created_at": "2017-11-26T15:32:04Z", + "updated_at": "2017-11-26T15:32:04Z", + "pushed_at": "2017-11-26T15:32:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15708.json b/2017/CVE-2017-15708.json new file mode 100644 index 0000000000..691b9de53f --- /dev/null +++ b/2017/CVE-2017-15708.json @@ -0,0 +1,25 @@ +[ + { + "id": 114627582, + "name": "CVE-2017-15708", + "full_name": "HuSoul\/CVE-2017-15708", + "owner": { + "login": "HuSoul", + "id": 17831277, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17831277?v=4", + "html_url": "https:\/\/github.com\/HuSoul" + }, + "html_url": "https:\/\/github.com\/HuSoul\/CVE-2017-15708", + "description": "Apache synapse 反序列化 CVE–2017–15708", + "fork": false, + "created_at": "2017-12-18T10:27:58Z", + "updated_at": "2020-09-24T10:42:20Z", + "pushed_at": "2017-12-18T07:16:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15944.json b/2017/CVE-2017-15944.json index 226f164d5e..5a5e7345d4 100644 --- a/2017/CVE-2017-15944.json +++ b/2017/CVE-2017-15944.json @@ -1,4 +1,27 @@ [ + { + "id": 114719978, + "name": "CVE-2017-15944-POC", + "full_name": "xxnbyy\/CVE-2017-15944-POC", + "owner": { + "login": "xxnbyy", + "id": 20261647, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/20261647?v=4", + "html_url": "https:\/\/github.com\/xxnbyy" + }, + "html_url": "https:\/\/github.com\/xxnbyy\/CVE-2017-15944-POC", + "description": "CVE-2017-15944 Palo Alto Networks firewalls remote root code execution POC", + "fork": false, + "created_at": "2017-12-19T04:43:24Z", + "updated_at": "2019-08-27T03:14:33Z", + "pushed_at": "2017-12-15T02:57:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 5, + "forks": 5, + "watchers": 0, + "score": 0 + }, { "id": 134778333, "name": "PaloAltoRceDetectionAndExploit", diff --git a/2017/CVE-2017-1635.json b/2017/CVE-2017-1635.json new file mode 100644 index 0000000000..9c57fbdc05 --- /dev/null +++ b/2017/CVE-2017-1635.json @@ -0,0 +1,25 @@ +[ + { + "id": 120433534, + "name": "tivoli-poc", + "full_name": "emcalv\/tivoli-poc", + "owner": { + "login": "emcalv", + "id": 36189787, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/36189787?v=4", + "html_url": "https:\/\/github.com\/emcalv" + }, + "html_url": "https:\/\/github.com\/emcalv\/tivoli-poc", + "description": "CVE-2017-1635 PoC code", + "fork": false, + "created_at": "2018-02-06T09:43:28Z", + "updated_at": "2019-05-15T02:02:47Z", + "pushed_at": "2018-02-06T12:14:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16524.json b/2017/CVE-2017-16524.json new file mode 100644 index 0000000000..4ed073b4bf --- /dev/null +++ b/2017/CVE-2017-16524.json @@ -0,0 +1,25 @@ +[ + { + "id": 109582148, + "name": "CVE-2017-16524", + "full_name": "realistic-security\/CVE-2017-16524", + "owner": { + "login": "realistic-security", + "id": 33375077, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/33375077?v=4", + "html_url": "https:\/\/github.com\/realistic-security" + }, + "html_url": "https:\/\/github.com\/realistic-security\/CVE-2017-16524", + "description": "Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D", + "fork": false, + "created_at": "2017-11-05T13:32:43Z", + "updated_at": "2019-11-18T19:42:37Z", + "pushed_at": "2017-11-05T23:17:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16806.json b/2017/CVE-2017-16806.json new file mode 100644 index 0000000000..6264dfea8c --- /dev/null +++ b/2017/CVE-2017-16806.json @@ -0,0 +1,25 @@ +[ + { + "id": 110611562, + "name": "ulteriusExploit", + "full_name": "rickoooooo\/ulteriusExploit", + "owner": { + "login": "rickoooooo", + "id": 33641230, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/33641230?v=4", + "html_url": "https:\/\/github.com\/rickoooooo" + }, + "html_url": "https:\/\/github.com\/rickoooooo\/ulteriusExploit", + "description": "Python exploit for CVE-2017-16806", + "fork": false, + "created_at": "2017-11-13T22:48:46Z", + "updated_at": "2017-11-13T22:52:09Z", + "pushed_at": "2017-11-13T23:04:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16997.json b/2017/CVE-2017-16997.json new file mode 100644 index 0000000000..0096c8b3d9 --- /dev/null +++ b/2017/CVE-2017-16997.json @@ -0,0 +1,25 @@ +[ + { + "id": 116118639, + "name": "CVE-2017-16997-poc", + "full_name": "Xiami2012\/CVE-2017-16997-poc", + "owner": { + "login": "Xiami2012", + "id": 1927254, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1927254?v=4", + "html_url": "https:\/\/github.com\/Xiami2012" + }, + "html_url": "https:\/\/github.com\/Xiami2012\/CVE-2017-16997-poc", + "description": "A proof-of-concept for CVE-2017-16997", + "fork": false, + "created_at": "2018-01-03T09:31:55Z", + "updated_at": "2018-01-03T09:33:01Z", + "pushed_at": "2018-01-03T10:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17215.json b/2017/CVE-2017-17215.json index bcc69e5d07..c25911bb3e 100644 --- a/2017/CVE-2017-17215.json +++ b/2017/CVE-2017-17215.json @@ -1,4 +1,27 @@ [ + { + "id": 115311315, + "name": "CVE-2017-17215", + "full_name": "1337g\/CVE-2017-17215", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-17215", + "description": "CVE-2017-17215 HuaWei Router RCE (NOT TESTED)", + "fork": false, + "created_at": "2017-12-25T06:11:24Z", + "updated_at": "2020-06-23T07:42:36Z", + "pushed_at": "2018-01-04T02:31:57Z", + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 17, + "forks": 17, + "watchers": 24, + "score": 0 + }, { "id": 313596733, "name": "HG532d-RCE-Exploit", diff --git a/2017/CVE-2017-17485.json b/2017/CVE-2017-17485.json index 56bc6b1d75..7c83a93387 100644 --- a/2017/CVE-2017-17485.json +++ b/2017/CVE-2017-17485.json @@ -1,4 +1,27 @@ [ + { + "id": 123458951, + "name": "Jackson-CVE-2017-17485", + "full_name": "maxbitcoin\/Jackson-CVE-2017-17485", + "owner": { + "login": "maxbitcoin", + "id": 5998127, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5998127?v=4", + "html_url": "https:\/\/github.com\/maxbitcoin" + }, + "html_url": "https:\/\/github.com\/maxbitcoin\/Jackson-CVE-2017-17485", + "description": "Jackson 反序列化", + "fork": false, + "created_at": "2018-03-01T16:09:20Z", + "updated_at": "2020-11-28T11:13:43Z", + "pushed_at": "2018-01-24T03:03:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 158195318, "name": "CVE-2017-17485", diff --git a/2017/CVE-2017-17562.json b/2017/CVE-2017-17562.json index 348c277181..28d5b5b414 100644 --- a/2017/CVE-2017-17562.json +++ b/2017/CVE-2017-17562.json @@ -1,4 +1,27 @@ [ + { + "id": 115486127, + "name": "CVE-2017-17562", + "full_name": "1337g\/CVE-2017-17562", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-17562", + "description": "CVE-2017-17562 GOAHEAD RCE (Author: Daniel Hodson)", + "fork": false, + "created_at": "2017-12-27T05:46:50Z", + "updated_at": "2018-11-30T02:36:05Z", + "pushed_at": "2017-12-27T05:51:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, { "id": 215594323, "name": "CVE-2017-17562", diff --git a/2017/CVE-2017-17692.json b/2017/CVE-2017-17692.json new file mode 100644 index 0000000000..acf96aace3 --- /dev/null +++ b/2017/CVE-2017-17692.json @@ -0,0 +1,25 @@ +[ + { + "id": 116019676, + "name": "CVE-2017-17692", + "full_name": "lr3800\/CVE-2017-17692", + "owner": { + "login": "lr3800", + "id": 22863274, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22863274?v=4", + "html_url": "https:\/\/github.com\/lr3800" + }, + "html_url": "https:\/\/github.com\/lr3800\/CVE-2017-17692", + "description": null, + "fork": false, + "created_at": "2018-01-02T13:47:36Z", + "updated_at": "2018-10-30T16:01:07Z", + "pushed_at": "2018-01-02T13:58:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18486.json b/2017/CVE-2017-18486.json new file mode 100644 index 0000000000..ffe3fea7ed --- /dev/null +++ b/2017/CVE-2017-18486.json @@ -0,0 +1,25 @@ +[ + { + "id": 104919233, + "name": "JitBit_Helpdesk_Auth_Bypass", + "full_name": "Kc57\/JitBit_Helpdesk_Auth_Bypass", + "owner": { + "login": "Kc57", + "id": 16500627, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16500627?v=4", + "html_url": "https:\/\/github.com\/Kc57" + }, + "html_url": "https:\/\/github.com\/Kc57\/JitBit_Helpdesk_Auth_Bypass", + "description": "Utility to derive the shared secret on a JitBit Helpdesk install which can be used for authentication bypass (CVE-2017-18486)", + "fork": false, + "created_at": "2017-09-26T17:51:01Z", + "updated_at": "2019-08-09T18:35:26Z", + "pushed_at": "2017-09-26T17:56:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2368.json b/2017/CVE-2017-2368.json new file mode 100644 index 0000000000..c926bbdf8e --- /dev/null +++ b/2017/CVE-2017-2368.json @@ -0,0 +1,25 @@ +[ + { + "id": 100696664, + "name": "CVE-2017-2368", + "full_name": "vincedes3\/CVE-2017-2368", + "owner": { + "login": "vincedes3", + "id": 26314689, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26314689?v=4", + "html_url": "https:\/\/github.com\/vincedes3" + }, + "html_url": "https:\/\/github.com\/vincedes3\/CVE-2017-2368", + "description": "CVE-2017-2368 VCF Message App Crash Bug", + "fork": false, + "created_at": "2017-08-18T09:33:57Z", + "updated_at": "2017-08-18T09:33:57Z", + "pushed_at": "2017-08-18T09:36:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2370.json b/2017/CVE-2017-2370.json index 2792fc01bd..62ba0b77cb 100644 --- a/2017/CVE-2017-2370.json +++ b/2017/CVE-2017-2370.json @@ -1,4 +1,73 @@ [ + { + "id": 80148945, + "name": "extra_recipe", + "full_name": "maximehip\/extra_recipe", + "owner": { + "login": "maximehip", + "id": 6273425, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6273425?v=4", + "html_url": "https:\/\/github.com\/maximehip" + }, + "html_url": "https:\/\/github.com\/maximehip\/extra_recipe", + "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2) https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1004", + "fork": false, + "created_at": "2017-01-26T19:47:43Z", + "updated_at": "2017-01-26T19:48:19Z", + "pushed_at": "2017-01-26T19:48:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 80717942, + "name": "extra_recipe", + "full_name": "JackBro\/extra_recipe", + "owner": { + "login": "JackBro", + "id": 21210712, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/21210712?v=4", + "html_url": "https:\/\/github.com\/JackBro" + }, + "html_url": "https:\/\/github.com\/JackBro\/extra_recipe", + "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2)", + "fork": false, + "created_at": "2017-02-02T11:16:38Z", + "updated_at": "2017-10-14T08:34:32Z", + "pushed_at": "2017-01-27T17:44:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 81874110, + "name": "extra_recipe-iOS-10.2", + "full_name": "Rootkitsmm\/extra_recipe-iOS-10.2", + "owner": { + "login": "Rootkitsmm", + "id": 5567904, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5567904?v=4", + "html_url": "https:\/\/github.com\/Rootkitsmm" + }, + "html_url": "https:\/\/github.com\/Rootkitsmm\/extra_recipe-iOS-10.2", + "description": "CVE-2017-2370", + "fork": false, + "created_at": "2017-02-13T21:32:40Z", + "updated_at": "2019-01-03T05:45:15Z", + "pushed_at": "2017-02-01T11:36:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + }, { "id": 142854846, "name": "CVE-2017-2370", diff --git a/2017/CVE-2017-2388.json b/2017/CVE-2017-2388.json new file mode 100644 index 0000000000..71e8fee1de --- /dev/null +++ b/2017/CVE-2017-2388.json @@ -0,0 +1,25 @@ +[ + { + "id": 99374230, + "name": "IOFireWireFamily-null-deref", + "full_name": "bazad\/IOFireWireFamily-null-deref", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/IOFireWireFamily-null-deref", + "description": "CVE-2017-2388: Null-pointer dereference in IOFireWireFamily.", + "fork": false, + "created_at": "2017-08-04T19:35:20Z", + "updated_at": "2018-09-24T18:54:13Z", + "pushed_at": "2017-08-16T20:16:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2636.json b/2017/CVE-2017-2636.json new file mode 100644 index 0000000000..7e6d3e1bd5 --- /dev/null +++ b/2017/CVE-2017-2636.json @@ -0,0 +1,25 @@ +[ + { + "id": 84497885, + "name": "cve-2017-2636-el", + "full_name": "alexzorin\/cve-2017-2636-el", + "owner": { + "login": "alexzorin", + "id": 311534, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/311534?v=4", + "html_url": "https:\/\/github.com\/alexzorin" + }, + "html_url": "https:\/\/github.com\/alexzorin\/cve-2017-2636-el", + "description": "Ansible role for workaround for CVE-2017-2636 (Red Hat) - https:\/\/access.redhat.com\/security\/cve\/CVE-2017-2636", + "fork": false, + "created_at": "2017-03-09T23:20:42Z", + "updated_at": "2017-03-18T16:23:19Z", + "pushed_at": "2017-03-09T23:21:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2671.json b/2017/CVE-2017-2671.json new file mode 100644 index 0000000000..2a9a0d5781 --- /dev/null +++ b/2017/CVE-2017-2671.json @@ -0,0 +1,25 @@ +[ + { + "id": 93707325, + "name": "CVE-2017-2671", + "full_name": "homjxi0e\/CVE-2017-2671", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-2671", + "description": null, + "fork": false, + "created_at": "2017-06-08T04:28:31Z", + "updated_at": "2017-06-08T04:46:23Z", + "pushed_at": "2017-06-08T04:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2793.json b/2017/CVE-2017-2793.json new file mode 100644 index 0000000000..90ee5b2e38 --- /dev/null +++ b/2017/CVE-2017-2793.json @@ -0,0 +1,25 @@ +[ + { + "id": 95873037, + "name": "Detection-for-CVE-2017-2793", + "full_name": "sUbc0ol\/Detection-for-CVE-2017-2793", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Detection-for-CVE-2017-2793", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:32:42Z", + "updated_at": "2020-03-26T07:50:50Z", + "pushed_at": "2017-06-30T09:35:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3078.json b/2017/CVE-2017-3078.json new file mode 100644 index 0000000000..c0d7f512c8 --- /dev/null +++ b/2017/CVE-2017-3078.json @@ -0,0 +1,25 @@ +[ + { + "id": 95431299, + "name": "CVE-2017-3078", + "full_name": "homjxi0e\/CVE-2017-3078", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3078", + "description": null, + "fork": false, + "created_at": "2017-06-26T09:34:59Z", + "updated_at": "2017-06-26T09:34:59Z", + "pushed_at": "2017-06-26T09:49:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3241.json b/2017/CVE-2017-3241.json new file mode 100644 index 0000000000..525d494dbe --- /dev/null +++ b/2017/CVE-2017-3241.json @@ -0,0 +1,25 @@ +[ + { + "id": 96219146, + "name": "CVE-2017-3241-POC", + "full_name": "xfei3\/CVE-2017-3241-POC", + "owner": { + "login": "xfei3", + "id": 29874084, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29874084?v=4", + "html_url": "https:\/\/github.com\/xfei3" + }, + "html_url": "https:\/\/github.com\/xfei3\/CVE-2017-3241-POC", + "description": "POC for java RMI deserialization vulnerability", + "fork": false, + "created_at": "2017-07-04T13:05:46Z", + "updated_at": "2020-03-29T07:05:46Z", + "pushed_at": "2017-07-19T23:55:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3599.json b/2017/CVE-2017-3599.json new file mode 100644 index 0000000000..cbb1878864 --- /dev/null +++ b/2017/CVE-2017-3599.json @@ -0,0 +1,25 @@ +[ + { + "id": 88650555, + "name": "CVE-2017-3599", + "full_name": "SECFORCE\/CVE-2017-3599", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2017-3599", + "description": "Proof of concept exploit for CVE-2017-3599", + "fork": false, + "created_at": "2017-04-18T17:08:39Z", + "updated_at": "2020-08-03T19:51:16Z", + "pushed_at": "2017-04-18T17:10:18Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 18, + "forks": 18, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3730.json b/2017/CVE-2017-3730.json new file mode 100644 index 0000000000..d160053a9d --- /dev/null +++ b/2017/CVE-2017-3730.json @@ -0,0 +1,48 @@ +[ + { + "id": 79682713, + "name": "CVE-2017-3730", + "full_name": "guidovranken\/CVE-2017-3730", + "owner": { + "login": "guidovranken", + "id": 6846644, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6846644?v=4", + "html_url": "https:\/\/github.com\/guidovranken" + }, + "html_url": "https:\/\/github.com\/guidovranken\/CVE-2017-3730", + "description": "OpenSSL CVE-2017-3730 proof-of-concept", + "fork": false, + "created_at": "2017-01-22T00:40:34Z", + "updated_at": "2018-12-04T20:01:55Z", + "pushed_at": "2017-01-26T01:30:54Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 5, + "forks": 5, + "watchers": 11, + "score": 0 + }, + { + "id": 97466064, + "name": "OpenSSL-CVE-2017-3730", + "full_name": "ymmah\/OpenSSL-CVE-2017-3730", + "owner": { + "login": "ymmah", + "id": 22575313, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22575313?v=4", + "html_url": "https:\/\/github.com\/ymmah" + }, + "html_url": "https:\/\/github.com\/ymmah\/OpenSSL-CVE-2017-3730", + "description": "挑戰 (U+8101): OpenSSL CVE-2017-3730 proof-of-concept", + "fork": false, + "created_at": "2017-07-17T10:51:09Z", + "updated_at": "2017-07-17T11:09:15Z", + "pushed_at": "2017-07-17T10:51:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3881.json b/2017/CVE-2017-3881.json new file mode 100644 index 0000000000..c992361928 --- /dev/null +++ b/2017/CVE-2017-3881.json @@ -0,0 +1,117 @@ +[ + { + "id": 87763747, + "name": "cisco-rce", + "full_name": "artkond\/cisco-rce", + "owner": { + "login": "artkond", + "id": 4436674, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4436674?v=4", + "html_url": "https:\/\/github.com\/artkond" + }, + "html_url": "https:\/\/github.com\/artkond\/cisco-rce", + "description": "CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC", + "fork": false, + "created_at": "2017-04-10T03:44:04Z", + "updated_at": "2020-12-10T07:44:34Z", + "pushed_at": "2017-04-12T09:17:27Z", + "stargazers_count": 172, + "watchers_count": 172, + "forks_count": 81, + "forks": 81, + "watchers": 172, + "score": 0 + }, + { + "id": 88804675, + "name": "CVE-2017-3881-exploit-cisco-", + "full_name": "homjxi0e\/CVE-2017-3881-exploit-cisco-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-exploit-cisco-", + "description": null, + "fork": false, + "created_at": "2017-04-20T00:52:10Z", + "updated_at": "2020-04-07T06:31:35Z", + "pushed_at": "2017-04-20T00:52:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + }, + { + "id": 90087111, + "name": "CVE-2017-3881-Cisco", + "full_name": "homjxi0e\/CVE-2017-3881-Cisco", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-Cisco", + "description": null, + "fork": false, + "created_at": "2017-05-02T23:21:53Z", + "updated_at": "2017-05-02T23:28:05Z", + "pushed_at": "2017-05-02T23:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 90975256, + "name": "PoC-CVE-2017-3881", + "full_name": "zakybstrd21215\/PoC-CVE-2017-3881", + "owner": { + "login": "zakybstrd21215", + "id": 22362343, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22362343?v=4", + "html_url": "https:\/\/github.com\/zakybstrd21215" + }, + "html_url": "https:\/\/github.com\/zakybstrd21215\/PoC-CVE-2017-3881", + "description": "Cisco Catalyst Remote Code Execution PoC", + "fork": false, + "created_at": "2017-05-11T12:11:51Z", + "updated_at": "2017-05-11T12:16:43Z", + "pushed_at": "2017-05-11T13:52:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 115962692, + "name": "CVE-2017-3881", + "full_name": "1337g\/CVE-2017-3881", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-3881", + "description": "credit to artkond", + "fork": false, + "created_at": "2018-01-02T01:45:15Z", + "updated_at": "2018-01-10T18:55:16Z", + "pushed_at": "2018-01-02T01:46:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-4490.json b/2017/CVE-2017-4490.json new file mode 100644 index 0000000000..d6a6a82653 --- /dev/null +++ b/2017/CVE-2017-4490.json @@ -0,0 +1,48 @@ +[ + { + "id": 89991237, + "name": "CVE-2017-4490-", + "full_name": "homjxi0e\/CVE-2017-4490-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-4490-", + "description": null, + "fork": false, + "created_at": "2017-05-02T04:21:46Z", + "updated_at": "2017-08-23T09:25:02Z", + "pushed_at": "2017-07-10T23:37:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 96573883, + "name": "CVE-2017-4490-install-Script-Python-in-Terminal-", + "full_name": "homjxi0e\/CVE-2017-4490-install-Script-Python-in-Terminal-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-4490-install-Script-Python-in-Terminal-", + "description": null, + "fork": false, + "created_at": "2017-07-07T20:21:51Z", + "updated_at": "2017-08-23T09:24:55Z", + "pushed_at": "2017-07-11T15:36:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-4878.json b/2017/CVE-2017-4878.json new file mode 100644 index 0000000000..21b7492c0f --- /dev/null +++ b/2017/CVE-2017-4878.json @@ -0,0 +1,25 @@ +[ + { + "id": 120257153, + "name": "CVE-2017-4878-Samples", + "full_name": "brianwrf\/CVE-2017-4878-Samples", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/CVE-2017-4878-Samples", + "description": "CVE-2017-4878 Samples - http:\/\/blog.talosintelligence.com\/2018\/02\/group-123-goes-wild.html", + "fork": false, + "created_at": "2018-02-05T05:01:40Z", + "updated_at": "2020-07-17T00:46:48Z", + "pushed_at": "2018-02-05T05:17:41Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 9, + "forks": 9, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5005.json b/2017/CVE-2017-5005.json new file mode 100644 index 0000000000..cb2c0a3e09 --- /dev/null +++ b/2017/CVE-2017-5005.json @@ -0,0 +1,25 @@ +[ + { + "id": 77828551, + "name": "QuickHeal", + "full_name": "payatu\/QuickHeal", + "owner": { + "login": "payatu", + "id": 16715624, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16715624?v=4", + "html_url": "https:\/\/github.com\/payatu" + }, + "html_url": "https:\/\/github.com\/payatu\/QuickHeal", + "description": "CVE-2017-5005 for Quick Heal Antivirus", + "fork": false, + "created_at": "2017-01-02T11:21:00Z", + "updated_at": "2020-03-27T02:45:54Z", + "pushed_at": "2017-03-31T14:49:28Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 8, + "forks": 8, + "watchers": 16, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5123.json b/2017/CVE-2017-5123.json index 3d8bb0b656..82ebd97857 100644 --- a/2017/CVE-2017-5123.json +++ b/2017/CVE-2017-5123.json @@ -1,4 +1,50 @@ [ + { + "id": 108940978, + "name": "CVE-2017-5123", + "full_name": "FloatingGuy\/CVE-2017-5123", + "owner": { + "login": "FloatingGuy", + "id": 6472909, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/6472909?v=4", + "html_url": "https:\/\/github.com\/FloatingGuy" + }, + "html_url": "https:\/\/github.com\/FloatingGuy\/CVE-2017-5123", + "description": "linux kernel exploit ", + "fork": false, + "created_at": "2017-10-31T03:35:31Z", + "updated_at": "2017-12-31T09:13:28Z", + "pushed_at": "2017-10-31T03:39:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + }, + { + "id": 109344615, + "name": "CVE-2017-5123", + "full_name": "0x5068656e6f6c\/CVE-2017-5123", + "owner": { + "login": "0x5068656e6f6c", + "id": 22329435, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22329435?v=4", + "html_url": "https:\/\/github.com\/0x5068656e6f6c" + }, + "html_url": "https:\/\/github.com\/0x5068656e6f6c\/CVE-2017-5123", + "description": "Exploit for the linux kernel vulnerability CVE-2017-5123", + "fork": false, + "created_at": "2017-11-03T02:52:26Z", + "updated_at": "2018-10-20T20:12:24Z", + "pushed_at": "2017-11-03T02:58:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + }, { "id": 123423508, "name": "exploiting-cve-2017-5123", diff --git a/2017/CVE-2017-5124.json b/2017/CVE-2017-5124.json new file mode 100644 index 0000000000..bbc4202805 --- /dev/null +++ b/2017/CVE-2017-5124.json @@ -0,0 +1,25 @@ +[ + { + "id": 110604918, + "name": "CVE-2017-5124", + "full_name": "Bo0oM\/CVE-2017-5124", + "owner": { + "login": "Bo0oM", + "id": 3492361, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3492361?v=4", + "html_url": "https:\/\/github.com\/Bo0oM" + }, + "html_url": "https:\/\/github.com\/Bo0oM\/CVE-2017-5124", + "description": "Chrome < 62 uxss exploit (CVE-2017-5124)", + "fork": false, + "created_at": "2017-11-13T21:33:55Z", + "updated_at": "2020-12-18T03:59:38Z", + "pushed_at": "2017-11-14T10:26:28Z", + "stargazers_count": 157, + "watchers_count": 157, + "forks_count": 36, + "forks": 36, + "watchers": 157, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5415.json b/2017/CVE-2017-5415.json new file mode 100644 index 0000000000..3de681def6 --- /dev/null +++ b/2017/CVE-2017-5415.json @@ -0,0 +1,25 @@ +[ + { + "id": 88234209, + "name": "CVE-2017-5415", + "full_name": "649\/CVE-2017-5415", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/CVE-2017-5415", + "description": "Addressbar spoofing through blob URL (Firefox browser). An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.", + "fork": false, + "created_at": "2017-04-14T04:55:41Z", + "updated_at": "2020-07-12T20:54:15Z", + "pushed_at": "2017-04-14T04:55:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 7, + "forks": 7, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5487.json b/2017/CVE-2017-5487.json index 272249f93d..2656dd735e 100644 --- a/2017/CVE-2017-5487.json +++ b/2017/CVE-2017-5487.json @@ -1,4 +1,27 @@ [ + { + "id": 107852472, + "name": "wpUsersScan", + "full_name": "teambugsbunny\/wpUsersScan", + "owner": { + "login": "teambugsbunny", + "id": 32997799, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/32997799?v=4", + "html_url": "https:\/\/github.com\/teambugsbunny" + }, + "html_url": "https:\/\/github.com\/teambugsbunny\/wpUsersScan", + "description": "Wordpress Username Enumeration \/CVE-2017-5487,WordPress < 4.7.1 - ", + "fork": false, + "created_at": "2017-10-22T09:22:28Z", + "updated_at": "2020-04-06T12:23:41Z", + "pushed_at": "2017-06-11T16:47:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + }, { "id": 121831599, "name": "wpUsersScan", diff --git a/2017/CVE-2017-5633.json b/2017/CVE-2017-5633.json new file mode 100644 index 0000000000..4a6aec60c0 --- /dev/null +++ b/2017/CVE-2017-5633.json @@ -0,0 +1,25 @@ +[ + { + "id": 88568725, + "name": "Exploit-CVE-2017-5633", + "full_name": "cardangi\/Exploit-CVE-2017-5633", + "owner": { + "login": "cardangi", + "id": 22066466, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22066466?v=4", + "html_url": "https:\/\/github.com\/cardangi" + }, + "html_url": "https:\/\/github.com\/cardangi\/Exploit-CVE-2017-5633", + "description": "Exploit developed by me for CVE-2017-5633.", + "fork": false, + "created_at": "2017-04-18T01:44:33Z", + "updated_at": "2020-04-07T06:34:50Z", + "pushed_at": "2017-04-18T02:54:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index bfbf9f751f..10f2f4feac 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -1,4 +1,303 @@ [ + { + "id": 84158718, + "name": "S2-045", + "full_name": "PolarisLab\/S2-045", + "owner": { + "login": "PolarisLab", + "id": 25890110, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25890110?v=4", + "html_url": "https:\/\/github.com\/PolarisLab" + }, + "html_url": "https:\/\/github.com\/PolarisLab\/S2-045", + "description": "Struts2 S2-045(CVE-2017-5638)Vulnerability environment - http:\/\/www.mottoin.com\/97954.html", + "fork": false, + "created_at": "2017-03-07T05:30:30Z", + "updated_at": "2020-09-22T06:33:06Z", + "pushed_at": "2017-03-07T05:37:55Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 12, + "forks": 12, + "watchers": 23, + "score": 0 + }, + { + "id": 84186490, + "name": "Struts2-045-Exp", + "full_name": "Flyteas\/Struts2-045-Exp", + "owner": { + "login": "Flyteas", + "id": 15673913, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15673913?v=4", + "html_url": "https:\/\/github.com\/Flyteas" + }, + "html_url": "https:\/\/github.com\/Flyteas\/Struts2-045-Exp", + "description": "Struts2 S2-045(CVE-2017-5638)Exp with GUI", + "fork": false, + "created_at": "2017-03-07T10:30:20Z", + "updated_at": "2020-09-11T23:13:21Z", + "pushed_at": "2017-03-13T06:30:41Z", + "stargazers_count": 60, + "watchers_count": 60, + "forks_count": 29, + "forks": 29, + "watchers": 60, + "score": 0 + }, + { + "id": 84277596, + "name": "cve-2017-5638", + "full_name": "bongbongco\/cve-2017-5638", + "owner": { + "login": "bongbongco", + "id": 3170006, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3170006?v=4", + "html_url": "https:\/\/github.com\/bongbongco" + }, + "html_url": "https:\/\/github.com\/bongbongco\/cve-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-08T04:17:33Z", + "updated_at": "2017-03-08T04:31:28Z", + "pushed_at": "2017-03-08T04:31:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 84481525, + "name": "S2-045-EXP-POC-TOOLS", + "full_name": "jas502n\/S2-045-EXP-POC-TOOLS", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/S2-045-EXP-POC-TOOLS", + "description": "S2-045 漏洞 POC-TOOLS CVE-2017-5638", + "fork": false, + "created_at": "2017-03-09T19:40:47Z", + "updated_at": "2020-10-24T13:59:45Z", + "pushed_at": "2017-03-09T19:50:50Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 21, + "forks": 21, + "watchers": 21, + "score": 0 + }, + { + "id": 84518902, + "name": "strutszeiro", + "full_name": "mthbernardes\/strutszeiro", + "owner": { + "login": "mthbernardes", + "id": 12648924, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12648924?v=4", + "html_url": "https:\/\/github.com\/mthbernardes" + }, + "html_url": "https:\/\/github.com\/mthbernardes\/strutszeiro", + "description": "Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-10T04:23:41Z", + "updated_at": "2020-05-11T01:31:47Z", + "pushed_at": "2020-12-15T17:20:02Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 27, + "forks": 27, + "watchers": 38, + "score": 0 + }, + { + "id": 84581800, + "name": "cve-2017-5638", + "full_name": "xsscx\/cve-2017-5638", + "owner": { + "login": "xsscx", + "id": 10790582, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10790582?v=4", + "html_url": "https:\/\/github.com\/xsscx" + }, + "html_url": "https:\/\/github.com\/xsscx\/cve-2017-5638", + "description": "Example PoC Code for CVE-2017-5638 | Apache Struts Exploit ", + "fork": false, + "created_at": "2017-03-10T16:56:14Z", + "updated_at": "2020-12-25T10:03:50Z", + "pushed_at": "2017-03-12T15:43:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 21, + "forks": 21, + "watchers": 13, + "score": 0 + }, + { + "id": 84602394, + "name": "apache-struts2-CVE-2017-5638", + "full_name": "immunio\/apache-struts2-CVE-2017-5638", + "owner": { + "login": "immunio", + "id": 6700387, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/6700387?v=4", + "html_url": "https:\/\/github.com\/immunio" + }, + "html_url": "https:\/\/github.com\/immunio\/apache-struts2-CVE-2017-5638", + "description": "Demo Application and Exploit", + "fork": false, + "created_at": "2017-03-10T21:33:25Z", + "updated_at": "2020-11-24T15:40:19Z", + "pushed_at": "2017-03-13T15:03:32Z", + "stargazers_count": 36, + "watchers_count": 36, + "forks_count": 36, + "forks": 36, + "watchers": 36, + "score": 0 + }, + { + "id": 84620334, + "name": "OgnlContentTypeRejectorValve", + "full_name": "Masahiro-Yamada\/OgnlContentTypeRejectorValve", + "owner": { + "login": "Masahiro-Yamada", + "id": 479387, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/479387?v=4", + "html_url": "https:\/\/github.com\/Masahiro-Yamada" + }, + "html_url": "https:\/\/github.com\/Masahiro-Yamada\/OgnlContentTypeRejectorValve", + "description": "This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-11T03:18:12Z", + "updated_at": "2017-04-11T00:06:36Z", + "pushed_at": "2017-03-13T14:49:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 84639178, + "name": "CVE-2017-5638-Apache-Struts2", + "full_name": "aljazceru\/CVE-2017-5638-Apache-Struts2", + "owner": { + "login": "aljazceru", + "id": 4439523, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4439523?v=4", + "html_url": "https:\/\/github.com\/aljazceru" + }, + "html_url": "https:\/\/github.com\/aljazceru\/CVE-2017-5638-Apache-Struts2", + "description": "Tweaking original PoC (https:\/\/github.com\/rapid7\/metasploit-framework\/issues\/8064) to work on self-signed certificates ", + "fork": false, + "created_at": "2017-03-11T09:39:09Z", + "updated_at": "2019-07-15T22:02:37Z", + "pushed_at": "2017-03-11T09:41:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 84640546, + "name": "test_struts2_vulnerability_CVE-2017-5638", + "full_name": "sjitech\/test_struts2_vulnerability_CVE-2017-5638", + "owner": { + "login": "sjitech", + "id": 5180638, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5180638?v=4", + "html_url": "https:\/\/github.com\/sjitech" + }, + "html_url": "https:\/\/github.com\/sjitech\/test_struts2_vulnerability_CVE-2017-5638", + "description": "test struts2 vulnerability CVE-2017-5638 in Mac OS X", + "fork": false, + "created_at": "2017-03-11T10:03:54Z", + "updated_at": "2017-03-13T11:14:00Z", + "pushed_at": "2017-03-13T07:38:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 84642680, + "name": "CVE-2017-5638", + "full_name": "jrrombaldo\/CVE-2017-5638", + "owner": { + "login": "jrrombaldo", + "id": 121948, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/121948?v=4", + "html_url": "https:\/\/github.com\/jrrombaldo" + }, + "html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-11T10:43:16Z", + "updated_at": "2017-03-11T13:07:57Z", + "pushed_at": "2017-03-24T19:12:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 84644857, + "name": "CVE-2017-5638", + "full_name": "random-robbie\/CVE-2017-5638", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2017-5638", + "description": "CVE: 2017-5638 in different formats", + "fork": false, + "created_at": "2017-03-11T11:22:44Z", + "updated_at": "2017-03-11T11:28:58Z", + "pushed_at": "2017-03-16T11:26:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 84655941, + "name": "CVE-2017-5638_struts", + "full_name": "initconf\/CVE-2017-5638_struts", + "owner": { + "login": "initconf", + "id": 4044729, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4044729?v=4", + "html_url": "https:\/\/github.com\/initconf" + }, + "html_url": "https:\/\/github.com\/initconf\/CVE-2017-5638_struts", + "description": "detection for Apache Struts recon and compromise ", + "fork": false, + "created_at": "2017-03-11T14:30:02Z", + "updated_at": "2020-04-13T02:20:20Z", + "pushed_at": "2017-09-15T22:34:00Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, { "id": 84693026, "name": "struts-pwn", @@ -22,6 +321,167 @@ "watchers": 380, "score": 0 }, + { + "id": 84705148, + "name": "Struts-Apache-ExploitPack", + "full_name": "ret2jazzy\/Struts-Apache-ExploitPack", + "owner": { + "login": "ret2jazzy", + "id": 20831187, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/20831187?v=4", + "html_url": "https:\/\/github.com\/ret2jazzy" + }, + "html_url": "https:\/\/github.com\/ret2jazzy\/Struts-Apache-ExploitPack", + "description": "These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-12T06:28:51Z", + "updated_at": "2020-12-09T00:15:03Z", + "pushed_at": "2017-03-12T07:26:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 13, + "forks": 13, + "watchers": 15, + "score": 0 + }, + { + "id": 84725982, + "name": "ExpStruts", + "full_name": "lolwaleet\/ExpStruts", + "owner": { + "login": "lolwaleet", + "id": 20018319, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20018319?v=4", + "html_url": "https:\/\/github.com\/lolwaleet" + }, + "html_url": "https:\/\/github.com\/lolwaleet\/ExpStruts", + "description": "A php based exploiter for CVE-2017-5638.", + "fork": false, + "created_at": "2017-03-12T13:03:52Z", + "updated_at": "2020-03-15T16:58:21Z", + "pushed_at": "2017-03-12T13:04:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 84819853, + "name": "CVE-2017-5638-Apache-Struts2", + "full_name": "oktavianto\/CVE-2017-5638-Apache-Struts2", + "owner": { + "login": "oktavianto", + "id": 8210275, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8210275?v=4", + "html_url": "https:\/\/github.com\/oktavianto" + }, + "html_url": "https:\/\/github.com\/oktavianto\/CVE-2017-5638-Apache-Struts2", + "description": "Example PHP Exploiter for CVE-2017-5638", + "fork": false, + "created_at": "2017-03-13T11:39:55Z", + "updated_at": "2020-04-07T06:38:46Z", + "pushed_at": "2017-03-20T19:40:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + }, + { + "id": 85010282, + "name": "cve-2017-5638", + "full_name": "jrrdev\/cve-2017-5638", + "owner": { + "login": "jrrdev", + "id": 17674081, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17674081?v=4", + "html_url": "https:\/\/github.com\/jrrdev" + }, + "html_url": "https:\/\/github.com\/jrrdev\/cve-2017-5638", + "description": "cve-2017-5638 Vulnerable site sample", + "fork": false, + "created_at": "2017-03-15T00:19:33Z", + "updated_at": "2020-05-19T19:36:03Z", + "pushed_at": "2017-04-04T19:57:38Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 9, + "forks": 9, + "watchers": 11, + "score": 0 + }, + { + "id": 85145901, + "name": "Strutshock", + "full_name": "opt9\/Strutshock", + "owner": { + "login": "opt9", + "id": 192655, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4", + "html_url": "https:\/\/github.com\/opt9" + }, + "html_url": "https:\/\/github.com\/opt9\/Strutshock", + "description": "Struts2 RCE CVE-2017-5638 non-intrusive check shell script", + "fork": false, + "created_at": "2017-03-16T02:59:22Z", + "updated_at": "2017-05-04T20:58:47Z", + "pushed_at": "2017-03-16T04:02:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 85341283, + "name": "StrutsShell", + "full_name": "falcon-lnhg\/StrutsShell", + "owner": { + "login": "falcon-lnhg", + "id": 5199658, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5199658?v=4", + "html_url": "https:\/\/github.com\/falcon-lnhg" + }, + "html_url": "https:\/\/github.com\/falcon-lnhg\/StrutsShell", + "description": "Apache Struts (CVE-2017-5638) Shell", + "fork": false, + "created_at": "2017-03-17T18:05:55Z", + "updated_at": "2017-08-31T21:27:12Z", + "pushed_at": "2017-04-04T16:11:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 85390529, + "name": "CVE-2017-5638", + "full_name": "bhagdave\/CVE-2017-5638", + "owner": { + "login": "bhagdave", + "id": 3230037, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3230037?v=4", + "html_url": "https:\/\/github.com\/bhagdave" + }, + "html_url": "https:\/\/github.com\/bhagdave\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-18T09:39:59Z", + "updated_at": "2017-03-19T01:25:24Z", + "pushed_at": "2017-03-21T21:53:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 85664016, "name": "st2-046-poc", @@ -45,6 +505,98 @@ "watchers": 21, "score": 0 }, + { + "id": 85733752, + "name": "S2-046_S2-045_POC", + "full_name": "KarzsGHR\/S2-046_S2-045_POC", + "owner": { + "login": "KarzsGHR", + "id": 12841587, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12841587?v=4", + "html_url": "https:\/\/github.com\/KarzsGHR" + }, + "html_url": "https:\/\/github.com\/KarzsGHR\/S2-046_S2-045_POC", + "description": "S2-046|S2-045: Struts 2 Remote Code Execution vulnerability(CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-21T17:36:40Z", + "updated_at": "2019-11-20T02:42:35Z", + "pushed_at": "2017-04-26T09:12:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 85926594, + "name": "S2-Reaper", + "full_name": "gsfish\/S2-Reaper", + "owner": { + "login": "gsfish", + "id": 15968154, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15968154?v=4", + "html_url": "https:\/\/github.com\/gsfish" + }, + "html_url": "https:\/\/github.com\/gsfish\/S2-Reaper", + "description": "CVE-2017-5638", + "fork": false, + "created_at": "2017-03-23T08:44:10Z", + "updated_at": "2017-03-30T09:51:23Z", + "pushed_at": "2017-03-30T10:06:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 86200933, + "name": "cve-2017-5638", + "full_name": "mcassano\/cve-2017-5638", + "owner": { + "login": "mcassano", + "id": 2073030, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2073030?v=4", + "html_url": "https:\/\/github.com\/mcassano" + }, + "html_url": "https:\/\/github.com\/mcassano\/cve-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-26T01:58:52Z", + "updated_at": "2017-03-26T02:00:58Z", + "pushed_at": "2017-04-01T04:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 86415022, + "name": "Strutscli", + "full_name": "opt9\/Strutscli", + "owner": { + "login": "opt9", + "id": 192655, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/192655?v=4", + "html_url": "https:\/\/github.com\/opt9" + }, + "html_url": "https:\/\/github.com\/opt9\/Strutscli", + "description": "Struts2 RCE CVE-2017-5638 CLI shell", + "fork": false, + "created_at": "2017-03-28T04:31:44Z", + "updated_at": "2017-04-14T08:03:48Z", + "pushed_at": "2017-03-28T04:36:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 87695524, "name": "strutsy", @@ -68,6 +620,328 @@ "watchers": 11, "score": 0 }, + { + "id": 90377429, + "name": "CVE-2017-5638", + "full_name": "payatu\/CVE-2017-5638", + "owner": { + "login": "payatu", + "id": 16715624, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16715624?v=4", + "html_url": "https:\/\/github.com\/payatu" + }, + "html_url": "https:\/\/github.com\/payatu\/CVE-2017-5638", + "description": "Apache Struts 2.0 RCE vulnerability - Allows an attacker to inject OS commands into a web application through the content-type header ", + "fork": false, + "created_at": "2017-05-05T13:17:37Z", + "updated_at": "2020-03-27T02:45:32Z", + "pushed_at": "2017-05-05T13:55:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 4, + "forks": 4, + "watchers": 7, + "score": 0 + }, + { + "id": 92562840, + "name": "Struts2-045-Exp", + "full_name": "Aasron\/Struts2-045-Exp", + "owner": { + "login": "Aasron", + "id": 17878407, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17878407?v=4", + "html_url": "https:\/\/github.com\/Aasron" + }, + "html_url": "https:\/\/github.com\/Aasron\/Struts2-045-Exp", + "description": "CVE-2017-5638", + "fork": false, + "created_at": "2017-05-27T02:03:28Z", + "updated_at": "2017-05-27T02:33:31Z", + "pushed_at": "2017-06-01T09:53:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 92638419, + "name": "Stutsfi", + "full_name": "SpiderMate\/Stutsfi", + "owner": { + "login": "SpiderMate", + "id": 26036081, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26036081?v=4", + "html_url": "https:\/\/github.com\/SpiderMate" + }, + "html_url": "https:\/\/github.com\/SpiderMate\/Stutsfi", + "description": "An exploit for CVE-2017-5638 Remote Code Execution (RCE) Vulnerability in Apache Struts 2", + "fork": false, + "created_at": "2017-05-28T03:48:10Z", + "updated_at": "2020-08-10T00:48:43Z", + "pushed_at": "2018-01-13T04:19:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 92644725, + "name": "Struts2Shell", + "full_name": "jpacora\/Struts2Shell", + "owner": { + "login": "jpacora", + "id": 2137673, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2137673?v=4", + "html_url": "https:\/\/github.com\/jpacora" + }, + "html_url": "https:\/\/github.com\/jpacora\/Struts2Shell", + "description": "An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.", + "fork": false, + "created_at": "2017-05-28T06:44:13Z", + "updated_at": "2017-05-28T06:44:27Z", + "pushed_at": "2017-06-03T06:33:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 93442387, + "name": "CVE-2017-5638", + "full_name": "AndreasKl\/CVE-2017-5638", + "owner": { + "login": "AndreasKl", + "id": 1105899, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1105899?v=4", + "html_url": "https:\/\/github.com\/AndreasKl" + }, + "html_url": "https:\/\/github.com\/AndreasKl\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-05T20:11:06Z", + "updated_at": "2020-10-14T14:40:32Z", + "pushed_at": "2017-06-05T21:43:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 93710291, + "name": "struts-rce-cve-2017-5638", + "full_name": "riyazwalikar\/struts-rce-cve-2017-5638", + "owner": { + "login": "riyazwalikar", + "id": 1900486, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1900486?v=4", + "html_url": "https:\/\/github.com\/riyazwalikar" + }, + "html_url": "https:\/\/github.com\/riyazwalikar\/struts-rce-cve-2017-5638", + "description": "Struts-RCE CVE-2017-5638", + "fork": false, + "created_at": "2017-06-08T05:22:31Z", + "updated_at": "2017-06-08T08:18:51Z", + "pushed_at": "2017-06-08T05:25:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 93794473, + "name": "CVE-2017-5638", + "full_name": "homjxi0e\/CVE-2017-5638", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-08T21:47:11Z", + "updated_at": "2017-06-08T21:47:11Z", + "pushed_at": "2017-06-08T21:48:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 94180453, + "name": "CVE-2017-5638", + "full_name": "eeehit\/CVE-2017-5638", + "owner": { + "login": "eeehit", + "id": 22052276, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22052276?v=4", + "html_url": "https:\/\/github.com\/eeehit" + }, + "html_url": "https:\/\/github.com\/eeehit\/CVE-2017-5638", + "description": "CVE-2017-5638 Test environment", + "fork": false, + "created_at": "2017-06-13T06:59:15Z", + "updated_at": "2017-06-13T07:07:06Z", + "pushed_at": "2017-06-13T07:00:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 95873695, + "name": "Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "full_name": "sUbc0ol\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:40:31Z", + "updated_at": "2020-03-26T07:50:37Z", + "pushed_at": "2017-06-30T09:41:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 95874930, + "name": "Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "full_name": "sUbc0ol\/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:55:41Z", + "updated_at": "2020-03-26T07:49:41Z", + "pushed_at": "2017-06-30T09:57:01Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 8, + "forks": 8, + "watchers": 14, + "score": 0 + }, + { + "id": 98150795, + "name": "Apache-Struts-2-CVE-2017-5638-Exploit-", + "full_name": "R4v3nBl4ck\/Apache-Struts-2-CVE-2017-5638-Exploit-", + "owner": { + "login": "R4v3nBl4ck", + "id": 30399308, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30399308?v=4", + "html_url": "https:\/\/github.com\/R4v3nBl4ck" + }, + "html_url": "https:\/\/github.com\/R4v3nBl4ck\/Apache-Struts-2-CVE-2017-5638-Exploit-", + "description": "Exploit created by: R4v3nBl4ck end Pacman", + "fork": false, + "created_at": "2017-07-24T05:05:28Z", + "updated_at": "2020-07-12T14:06:08Z", + "pushed_at": "2017-07-24T23:55:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 6, + "forks": 6, + "watchers": 4, + "score": 0 + }, + { + "id": 100141854, + "name": "CVE-2017-5638", + "full_name": "Xhendos\/CVE-2017-5638", + "owner": { + "login": "Xhendos", + "id": 16403693, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16403693?v=4", + "html_url": "https:\/\/github.com\/Xhendos" + }, + "html_url": "https:\/\/github.com\/Xhendos\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-08-12T23:00:14Z", + "updated_at": "2017-08-12T23:04:13Z", + "pushed_at": "2017-08-26T17:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 101267457, + "name": "Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "full_name": "TamiiLambrado\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "owner": { + "login": "TamiiLambrado", + "id": 23249848, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23249848?v=4", + "html_url": "https:\/\/github.com\/TamiiLambrado" + }, + "html_url": "https:\/\/github.com\/TamiiLambrado\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "description": null, + "fork": false, + "created_at": "2017-08-24T07:36:14Z", + "updated_at": "2017-08-24T07:36:14Z", + "pushed_at": "2017-08-24T07:36:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 104686879, + "name": "strutser", + "full_name": "invisiblethreat\/strutser", + "owner": { + "login": "invisiblethreat", + "id": 2525006, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2525006?v=4", + "html_url": "https:\/\/github.com\/invisiblethreat" + }, + "html_url": "https:\/\/github.com\/invisiblethreat\/strutser", + "description": "Check for Struts Vulnerability CVE-2017-5638", + "fork": false, + "created_at": "2017-09-25T00:40:57Z", + "updated_at": "2019-06-11T14:15:40Z", + "pushed_at": "2017-09-28T21:10:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, { "id": 105124155, "name": "CVE-2017-5638", @@ -91,6 +965,52 @@ "watchers": 0, "score": 0 }, + { + "id": 107489354, + "name": "Apache-Struts", + "full_name": "c002\/Apache-Struts", + "owner": { + "login": "c002", + "id": 26592580, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/26592580?v=4", + "html_url": "https:\/\/github.com\/c002" + }, + "html_url": "https:\/\/github.com\/c002\/Apache-Struts", + "description": " An exploit for Apache Struts CVE-2017-5638", + "fork": false, + "created_at": "2017-10-19T02:40:45Z", + "updated_at": "2020-05-17T04:32:06Z", + "pushed_at": "2017-05-28T14:03:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 108805305, + "name": "Common-Vulnerability-and-Exploit", + "full_name": "donaldashdown\/Common-Vulnerability-and-Exploit", + "owner": { + "login": "donaldashdown", + "id": 24925373, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/24925373?v=4", + "html_url": "https:\/\/github.com\/donaldashdown" + }, + "html_url": "https:\/\/github.com\/donaldashdown\/Common-Vulnerability-and-Exploit", + "description": "This is the Apache Struts CVE-2017-5638 struts 2 vulnerability. The same CVE that resulted in the equifax database breach.", + "fork": false, + "created_at": "2017-10-30T05:21:53Z", + "updated_at": "2017-10-30T05:21:53Z", + "pushed_at": "2017-11-11T23:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 117999664, "name": "cybersecurity-struts2", @@ -114,6 +1034,52 @@ "watchers": 1, "score": 0 }, + { + "id": 119230111, + "name": "apache-struts-v2-CVE-2017-5638", + "full_name": "cafnet\/apache-struts-v2-CVE-2017-5638", + "owner": { + "login": "cafnet", + "id": 12993208, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/12993208?v=4", + "html_url": "https:\/\/github.com\/cafnet" + }, + "html_url": "https:\/\/github.com\/cafnet\/apache-struts-v2-CVE-2017-5638", + "description": "Working POC for CVE 2017-5638", + "fork": false, + "created_at": "2018-01-28T05:17:04Z", + "updated_at": "2018-01-28T05:55:11Z", + "pushed_at": "2018-01-28T05:55:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 121659152, + "name": "CVE-2017-5638", + "full_name": "0x00-0x00\/CVE-2017-5638", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2017-5638", + "description": "Struts02 s2-045 exploit program", + "fork": false, + "created_at": "2018-02-15T17:31:07Z", + "updated_at": "2020-12-22T19:32:04Z", + "pushed_at": "2018-02-15T17:36:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, { "id": 123348547, "name": "struts2_cve-2017-5638", diff --git a/2017/CVE-2017-5689.json b/2017/CVE-2017-5689.json index b9031450fa..fc56e02fd9 100644 --- a/2017/CVE-2017-5689.json +++ b/2017/CVE-2017-5689.json @@ -1,4 +1,27 @@ [ + { + "id": 90210170, + "name": "CVE-2017-5689", + "full_name": "CerberusSecurity\/CVE-2017-5689", + "owner": { + "login": "CerberusSecurity", + "id": 21088337, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21088337?v=4", + "html_url": "https:\/\/github.com\/CerberusSecurity" + }, + "html_url": "https:\/\/github.com\/CerberusSecurity\/CVE-2017-5689", + "description": null, + "fork": false, + "created_at": "2017-05-04T01:51:26Z", + "updated_at": "2020-01-01T00:38:18Z", + "pushed_at": "2017-05-04T03:06:32Z", + "stargazers_count": 39, + "watchers_count": 39, + "forks_count": 10, + "forks": 10, + "watchers": 39, + "score": 0 + }, { "id": 90472957, "name": "amthoneypot", @@ -21,5 +44,51 @@ "forks": 5, "watchers": 13, "score": 0 + }, + { + "id": 90724328, + "name": "intel_amt_bypass", + "full_name": "Bijaye\/intel_amt_bypass", + "owner": { + "login": "Bijaye", + "id": 4318412, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4318412?v=4", + "html_url": "https:\/\/github.com\/Bijaye" + }, + "html_url": "https:\/\/github.com\/Bijaye\/intel_amt_bypass", + "description": "simple python poc for CVE-2017-5689", + "fork": false, + "created_at": "2017-05-09T08:55:39Z", + "updated_at": "2020-07-05T02:24:05Z", + "pushed_at": "2017-05-09T00:42:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 7, + "forks": 7, + "watchers": 3, + "score": 0 + }, + { + "id": 98579784, + "name": "amt_auth_bypass_poc", + "full_name": "embedi\/amt_auth_bypass_poc", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi" + }, + "html_url": "https:\/\/github.com\/embedi\/amt_auth_bypass_poc", + "description": "CVE-2017-5689 Proof-of-Concept exploit", + "fork": false, + "created_at": "2017-07-27T21:06:08Z", + "updated_at": "2020-05-17T13:44:14Z", + "pushed_at": "2017-07-27T21:08:49Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 16, + "forks": 16, + "watchers": 50, + "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5715.json b/2017/CVE-2017-5715.json index bc0b117bcc..b77eefc6fd 100644 --- a/2017/CVE-2017-5715.json +++ b/2017/CVE-2017-5715.json @@ -1,4 +1,27 @@ [ + { + "id": 116768537, + "name": "exploit-cve-2017-5715", + "full_name": "opsxcq\/exploit-cve-2017-5715", + "owner": { + "login": "opsxcq", + "id": 16995025, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16995025?v=4", + "html_url": "https:\/\/github.com\/opsxcq" + }, + "html_url": "https:\/\/github.com\/opsxcq\/exploit-cve-2017-5715", + "description": "Spectre exploit", + "fork": false, + "created_at": "2018-01-09T05:06:12Z", + "updated_at": "2020-12-29T20:01:04Z", + "pushed_at": "2018-01-09T22:27:25Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 18, + "forks": 18, + "watchers": 50, + "score": 0 + }, { "id": 117425769, "name": "meltdown-spectre-bios-list", @@ -44,5 +67,28 @@ "forks": 1, "watchers": 0, "score": 0 + }, + { + "id": 117944815, + "name": "retpoline-audit", + "full_name": "dmo2118\/retpoline-audit", + "owner": { + "login": "dmo2118", + "id": 11342823, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11342823?v=4", + "html_url": "https:\/\/github.com\/dmo2118" + }, + "html_url": "https:\/\/github.com\/dmo2118\/retpoline-audit", + "description": "A quick-and-dirty tool to verify that userspace executables are immune to Spectre variant 2 (CVE-2017-5715).", + "fork": false, + "created_at": "2018-01-18T06:55:53Z", + "updated_at": "2018-01-20T08:00:58Z", + "pushed_at": "2018-02-01T07:40:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5721.json b/2017/CVE-2017-5721.json new file mode 100644 index 0000000000..fb20fb02bf --- /dev/null +++ b/2017/CVE-2017-5721.json @@ -0,0 +1,25 @@ +[ + { + "id": 107970036, + "name": "smm_usbrt_poc", + "full_name": "embedi\/smm_usbrt_poc", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi" + }, + "html_url": "https:\/\/github.com\/embedi\/smm_usbrt_poc", + "description": "CVE-2017-5721 Proof-of-Concept", + "fork": false, + "created_at": "2017-10-23T11:00:18Z", + "updated_at": "2020-10-05T13:22:55Z", + "pushed_at": "2017-10-23T12:41:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 11, + "forks": 11, + "watchers": 14, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5753.json b/2017/CVE-2017-5753.json index 430bf2b31f..a8b14d1f29 100644 --- a/2017/CVE-2017-5753.json +++ b/2017/CVE-2017-5753.json @@ -1,4 +1,142 @@ [ + { + "id": 116195445, + "name": "spectre-attack", + "full_name": "Eugnis\/spectre-attack", + "owner": { + "login": "Eugnis", + "id": 2463830, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2463830?v=4", + "html_url": "https:\/\/github.com\/Eugnis" + }, + "html_url": "https:\/\/github.com\/Eugnis\/spectre-attack", + "description": "Example of using revealed \"Spectre\" exploit (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-04T00:28:50Z", + "updated_at": "2020-12-24T00:42:22Z", + "pushed_at": "2018-01-10T01:14:44Z", + "stargazers_count": 685, + "watchers_count": 685, + "forks_count": 184, + "forks": 184, + "watchers": 685, + "score": 0 + }, + { + "id": 116268310, + "name": "Spectre-PoC", + "full_name": "EdwardOwusuAdjei\/Spectre-PoC", + "owner": { + "login": "EdwardOwusuAdjei", + "id": 16462560, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16462560?v=4", + "html_url": "https:\/\/github.com\/EdwardOwusuAdjei" + }, + "html_url": "https:\/\/github.com\/EdwardOwusuAdjei\/Spectre-PoC", + "description": "Spectre (CVE-2017-5753) (CVE-2017-5715). Not By Me. Collected from Book.", + "fork": false, + "created_at": "2018-01-04T14:20:13Z", + "updated_at": "2020-03-29T03:06:24Z", + "pushed_at": "2018-01-04T14:27:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, + { + "id": 116347505, + "name": "spectre-attack-example", + "full_name": "poilynx\/spectre-attack-example", + "owner": { + "login": "poilynx", + "id": 8926090, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8926090?v=4", + "html_url": "https:\/\/github.com\/poilynx" + }, + "html_url": "https:\/\/github.com\/poilynx\/spectre-attack-example", + "description": "2018年1月2日 (CVE-2017-5753 和 CVE-2017-5715) \"幽灵\" Spectre 漏洞利用例子", + "fork": false, + "created_at": "2018-01-05T05:51:34Z", + "updated_at": "2020-07-18T14:08:00Z", + "pushed_at": "2018-01-05T05:56:02Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 7, + "forks": 7, + "watchers": 11, + "score": 0 + }, + { + "id": 116402577, + "name": "cve-2017-5753", + "full_name": "xsscx\/cve-2017-5753", + "owner": { + "login": "xsscx", + "id": 10790582, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10790582?v=4", + "html_url": "https:\/\/github.com\/xsscx" + }, + "html_url": "https:\/\/github.com\/xsscx\/cve-2017-5753", + "description": "OSX 10.13.2, CVE-2017-5753, Spectre, PoC, C, ASM for OSX, MAC, Intel Arch, Proof of Concept, Hopper.App Output", + "fork": false, + "created_at": "2018-01-05T16:05:05Z", + "updated_at": "2019-12-01T20:12:59Z", + "pushed_at": "2018-01-06T13:06:25Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 2, + "forks": 2, + "watchers": 12, + "score": 0 + }, + { + "id": 116442461, + "name": "spectre-attack-demo", + "full_name": "pedrolucasoliva\/spectre-attack-demo", + "owner": { + "login": "pedrolucasoliva", + "id": 10757421, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10757421?v=4", + "html_url": "https:\/\/github.com\/pedrolucasoliva" + }, + "html_url": "https:\/\/github.com\/pedrolucasoliva\/spectre-attack-demo", + "description": "Example of using revealed \"Spectre\" exploit (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-06T01:08:15Z", + "updated_at": "2018-01-15T06:12:51Z", + "pushed_at": "2018-01-06T01:09:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 116505944, + "name": "spectreScope", + "full_name": "ixtal23\/spectreScope", + "owner": { + "login": "ixtal23", + "id": 11915559, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11915559?v=4", + "html_url": "https:\/\/github.com\/ixtal23" + }, + "html_url": "https:\/\/github.com\/ixtal23\/spectreScope", + "description": "The demo of the speculative execution attack Spectre (CVE-2017-5753, CVE-2017-5715).", + "fork": false, + "created_at": "2018-01-06T18:27:03Z", + "updated_at": "2020-08-31T06:58:31Z", + "pushed_at": "2018-01-21T22:48:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + }, { "id": 263311084, "name": "Spectre-Vulnerability-CVE-2017-5753-", diff --git a/2017/CVE-2017-5754.json b/2017/CVE-2017-5754.json index fac374aba3..5cdc3739be 100644 --- a/2017/CVE-2017-5754.json +++ b/2017/CVE-2017-5754.json @@ -67,5 +67,74 @@ "forks": 43, "watchers": 86, "score": 0 + }, + { + "id": 116449314, + "name": "Am-I-affected-by-Meltdown", + "full_name": "speecyy\/Am-I-affected-by-Meltdown", + "owner": { + "login": "speecyy", + "id": 35145287, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/35145287?v=4", + "html_url": "https:\/\/github.com\/speecyy" + }, + "html_url": "https:\/\/github.com\/speecyy\/Am-I-affected-by-Meltdown", + "description": "Proof-of-concept \/ Exploit \/ checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a ", + "fork": false, + "created_at": "2018-01-06T03:16:33Z", + "updated_at": "2020-02-27T19:31:43Z", + "pushed_at": "2018-01-06T03:17:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 118008705, + "name": "Meltdown", + "full_name": "zzado\/Meltdown", + "owner": { + "login": "zzado", + "id": 17024462, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/17024462?v=4", + "html_url": "https:\/\/github.com\/zzado" + }, + "html_url": "https:\/\/github.com\/zzado\/Meltdown", + "description": "PoC for Meltdown in linux (CVE-2017-5754)", + "fork": false, + "created_at": "2018-01-18T16:32:50Z", + "updated_at": "2019-01-07T02:00:09Z", + "pushed_at": "2018-02-07T07:33:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 119104266, + "name": "meltdown-aws-scanner", + "full_name": "jdmulloy\/meltdown-aws-scanner", + "owner": { + "login": "jdmulloy", + "id": 3395292, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3395292?v=4", + "html_url": "https:\/\/github.com\/jdmulloy" + }, + "html_url": "https:\/\/github.com\/jdmulloy\/meltdown-aws-scanner", + "description": "Naive shell script to verify Meltdown (CVE-2017-5754) patch status of EC2 instances", + "fork": false, + "created_at": "2018-01-26T21:18:13Z", + "updated_at": "2019-02-27T18:46:20Z", + "pushed_at": "2018-01-26T21:25:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-6370.json b/2017/CVE-2017-6370.json new file mode 100644 index 0000000000..0f21368824 --- /dev/null +++ b/2017/CVE-2017-6370.json @@ -0,0 +1,25 @@ +[ + { + "id": 85539985, + "name": "TYPO3-v7.6.15-Unencrypted-Login-Request", + "full_name": "faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", + "description": "TYPO3 v7.6.15 Unencrypted Login Request Assigned CVE Number: CVE-2017-6370", + "fork": false, + "created_at": "2017-03-20T05:51:07Z", + "updated_at": "2020-07-17T05:22:53Z", + "pushed_at": "2017-03-20T05:51:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6736.json b/2017/CVE-2017-6736.json index 43e56ee5ef..6d16353895 100644 --- a/2017/CVE-2017-6736.json +++ b/2017/CVE-2017-6736.json @@ -1,4 +1,27 @@ [ + { + "id": 117869057, + "name": "CiscoSpectreTakeover", + "full_name": "GarnetSunset\/CiscoSpectreTakeover", + "owner": { + "login": "GarnetSunset", + "id": 13430434, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/13430434?v=4", + "html_url": "https:\/\/github.com\/GarnetSunset" + }, + "html_url": "https:\/\/github.com\/GarnetSunset\/CiscoSpectreTakeover", + "description": "A POC chain exploit using the recent Cisco SMP exploit (CVE-2017-6736) to chain into Spectre (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-17T17:26:14Z", + "updated_at": "2019-01-03T02:21:40Z", + "pushed_at": "2018-01-23T19:54:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, { "id": 118516301, "name": "CiscoIOSSNMPToolkit", diff --git a/2017/CVE-2017-6971.json b/2017/CVE-2017-6971.json index cb167b413c..ff56645865 100644 --- a/2017/CVE-2017-6971.json +++ b/2017/CVE-2017-6971.json @@ -1,4 +1,27 @@ [ + { + "id": 87749039, + "name": "nfsen-exploit", + "full_name": "patrickfreed\/nfsen-exploit", + "owner": { + "login": "patrickfreed", + "id": 936020, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/936020?v=4", + "html_url": "https:\/\/github.com\/patrickfreed" + }, + "html_url": "https:\/\/github.com\/patrickfreed\/nfsen-exploit", + "description": "Exploit for CVE-2017-6971 remote command execution in nfsen 1.3.7.", + "fork": false, + "created_at": "2017-04-10T00:13:24Z", + "updated_at": "2020-04-07T06:36:25Z", + "pushed_at": "2017-04-10T16:06:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 8, + "forks": 8, + "watchers": 4, + "score": 0 + }, { "id": 183134145, "name": "nfsen_1.3.7_CVE-2017-6971", diff --git a/2017/CVE-2017-7038.json b/2017/CVE-2017-7038.json new file mode 100644 index 0000000000..bac2c982ff --- /dev/null +++ b/2017/CVE-2017-7038.json @@ -0,0 +1,25 @@ +[ + { + "id": 113333614, + "name": "CVE-2017-7038", + "full_name": "ansjdnakjdnajkd\/CVE-2017-7038", + "owner": { + "login": "ansjdnakjdnajkd", + "id": 1408055, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1408055?v=4", + "html_url": "https:\/\/github.com\/ansjdnakjdnajkd" + }, + "html_url": "https:\/\/github.com\/ansjdnakjdnajkd\/CVE-2017-7038", + "description": "Safari XSS (CVE-2017-7038) https:\/\/support.apple.com\/en-us\/HT207923", + "fork": false, + "created_at": "2017-12-06T15:31:08Z", + "updated_at": "2020-05-08T13:12:10Z", + "pushed_at": "2017-12-06T15:41:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7047.json b/2017/CVE-2017-7047.json new file mode 100644 index 0000000000..7c3be601fa --- /dev/null +++ b/2017/CVE-2017-7047.json @@ -0,0 +1,48 @@ +[ + { + "id": 99396176, + "name": "Triple_Fetch-Kernel-Creds", + "full_name": "JosephShenton\/Triple_Fetch-Kernel-Creds", + "owner": { + "login": "JosephShenton", + "id": 12966231, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/12966231?v=4", + "html_url": "https:\/\/github.com\/JosephShenton" + }, + "html_url": "https:\/\/github.com\/JosephShenton\/Triple_Fetch-Kernel-Creds", + "description": "Attempt to steal kernelcredentials from launchd + task_t pointer (Based on: CVE-2017-7047)", + "fork": false, + "created_at": "2017-08-05T03:23:13Z", + "updated_at": "2020-08-25T15:10:04Z", + "pushed_at": "2017-08-05T09:21:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, + "forks": 5, + "watchers": 4, + "score": 0 + }, + { + "id": 99915573, + "name": "Triple_fetch", + "full_name": "q1f3\/Triple_fetch", + "owner": { + "login": "q1f3", + "id": 9603950, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9603950?v=4", + "html_url": "https:\/\/github.com\/q1f3" + }, + "html_url": "https:\/\/github.com\/q1f3\/Triple_fetch", + "description": "This is an exploit for CVE-2017-7047, Works on 10.3.2 and below.", + "fork": false, + "created_at": "2017-08-10T11:24:47Z", + "updated_at": "2020-04-07T05:58:43Z", + "pushed_at": "2017-08-03T23:47:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7061.json b/2017/CVE-2017-7061.json new file mode 100644 index 0000000000..bd8db0f348 --- /dev/null +++ b/2017/CVE-2017-7061.json @@ -0,0 +1,25 @@ +[ + { + "id": 118516190, + "name": "jailbreakme103", + "full_name": "TheLoneHaxor\/jailbreakme103", + "owner": { + "login": "TheLoneHaxor", + "id": 25874459, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25874459?v=4", + "html_url": "https:\/\/github.com\/TheLoneHaxor" + }, + "html_url": "https:\/\/github.com\/TheLoneHaxor\/jailbreakme103", + "description": "Javascript Web-Kit exploit. CVE-2017-7061. By Lokihardt from Google Project Zero", + "fork": false, + "created_at": "2018-01-22T21:14:30Z", + "updated_at": "2020-07-14T10:02:28Z", + "pushed_at": "2018-01-22T21:29:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7089.json b/2017/CVE-2017-7089.json new file mode 100644 index 0000000000..8b567d2fe3 --- /dev/null +++ b/2017/CVE-2017-7089.json @@ -0,0 +1,48 @@ +[ + { + "id": 105647741, + "name": "CVE-2017-7089", + "full_name": "Bo0oM\/CVE-2017-7089", + "owner": { + "login": "Bo0oM", + "id": 3492361, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3492361?v=4", + "html_url": "https:\/\/github.com\/Bo0oM" + }, + "html_url": "https:\/\/github.com\/Bo0oM\/CVE-2017-7089", + "description": "Webkit uxss exploit (CVE-2017-7089)", + "fork": false, + "created_at": "2017-10-03T12:13:43Z", + "updated_at": "2020-09-30T09:13:04Z", + "pushed_at": "2017-10-03T12:23:43Z", + "stargazers_count": 59, + "watchers_count": 59, + "forks_count": 18, + "forks": 18, + "watchers": 59, + "score": 0 + }, + { + "id": 106570313, + "name": "Safari_Mac", + "full_name": "aymankhalfatni\/Safari_Mac", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/Safari_Mac", + "description": "Exploit Safari CVE-2017-7089", + "fork": false, + "created_at": "2017-10-11T15:09:45Z", + "updated_at": "2020-04-07T05:36:45Z", + "pushed_at": "2017-10-11T15:10:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7173.json b/2017/CVE-2017-7173.json new file mode 100644 index 0000000000..47bc23f041 --- /dev/null +++ b/2017/CVE-2017-7173.json @@ -0,0 +1,25 @@ +[ + { + "id": 104429992, + "name": "sysctl_coalition_get_pid_list-dos", + "full_name": "bazad\/sysctl_coalition_get_pid_list-dos", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad" + }, + "html_url": "https:\/\/github.com\/bazad\/sysctl_coalition_get_pid_list-dos", + "description": "CVE-2017-7173: Local denial of service for iOS requiring root privileges.", + "fork": false, + "created_at": "2017-09-22T04:04:05Z", + "updated_at": "2020-07-23T21:29:45Z", + "pushed_at": "2018-01-17T19:19:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7184.json b/2017/CVE-2017-7184.json new file mode 100644 index 0000000000..5f84807d60 --- /dev/null +++ b/2017/CVE-2017-7184.json @@ -0,0 +1,48 @@ +[ + { + "id": 118847628, + "name": "cve-2017-7184", + "full_name": "rockl\/cve-2017-7184", + "owner": { + "login": "rockl", + "id": 2081161, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2081161?v=4", + "html_url": "https:\/\/github.com\/rockl" + }, + "html_url": "https:\/\/github.com\/rockl\/cve-2017-7184", + "description": " the job is not yet finished", + "fork": false, + "created_at": "2018-01-25T01:55:47Z", + "updated_at": "2018-01-25T01:55:47Z", + "pushed_at": "2018-01-25T01:55:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 118849076, + "name": "cve-2017-7184-bak", + "full_name": "rockl\/cve-2017-7184-bak", + "owner": { + "login": "rockl", + "id": 2081161, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2081161?v=4", + "html_url": "https:\/\/github.com\/rockl" + }, + "html_url": "https:\/\/github.com\/rockl\/cve-2017-7184-bak", + "description": "not yet fin", + "fork": false, + "created_at": "2018-01-25T02:10:45Z", + "updated_at": "2018-01-25T02:10:45Z", + "pushed_at": "2018-01-25T02:10:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7188.json b/2017/CVE-2017-7188.json new file mode 100644 index 0000000000..603aa6250f --- /dev/null +++ b/2017/CVE-2017-7188.json @@ -0,0 +1,25 @@ +[ + { + "id": 87800336, + "name": "Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "full_name": "faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "description": "Zurmo-Stable-3.1.1 Cross Site Scripting (XSS) Assigned CVE Number: CVE-2017-7188", + "fork": false, + "created_at": "2017-04-10T10:52:13Z", + "updated_at": "2020-07-17T05:22:49Z", + "pushed_at": "2017-04-10T10:52:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7269.json b/2017/CVE-2017-7269.json index d51c9fbd0d..229e04b9fa 100644 --- a/2017/CVE-2017-7269.json +++ b/2017/CVE-2017-7269.json @@ -1,4 +1,27 @@ [ + { + "id": 86543900, + "name": "webdav_exploit", + "full_name": "eliuha\/webdav_exploit", + "owner": { + "login": "eliuha", + "id": 2240516, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2240516?v=4", + "html_url": "https:\/\/github.com\/eliuha" + }, + "html_url": "https:\/\/github.com\/eliuha\/webdav_exploit", + "description": "An exploit for Microsoft IIS 6.0 CVE-2017-7269", + "fork": false, + "created_at": "2017-03-29T05:59:30Z", + "updated_at": "2020-07-12T14:05:27Z", + "pushed_at": "2017-03-29T07:26:41Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 16, + "forks": 16, + "watchers": 16, + "score": 0 + }, { "id": 86573461, "name": "CVE-2017-7269-Echo-PoC", @@ -22,6 +45,259 @@ "watchers": 84, "score": 0 }, + { + "id": 86581754, + "name": "CVE-2017-7269-exploit", + "full_name": "caicai1355\/CVE-2017-7269-exploit", + "owner": { + "login": "caicai1355", + "id": 24385053, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/24385053?v=4", + "html_url": "https:\/\/github.com\/caicai1355" + }, + "html_url": "https:\/\/github.com\/caicai1355\/CVE-2017-7269-exploit", + "description": "exec 8 bytes command", + "fork": false, + "created_at": "2017-03-29T12:52:54Z", + "updated_at": "2020-04-07T06:37:12Z", + "pushed_at": "2017-03-29T13:08:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 7, + "forks": 7, + "watchers": 2, + "score": 0 + }, + { + "id": 86659284, + "name": "CVE-2017-7269", + "full_name": "M1a0rz\/CVE-2017-7269", + "owner": { + "login": "M1a0rz", + "id": 25101765, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/25101765?v=4", + "html_url": "https:\/\/github.com\/M1a0rz" + }, + "html_url": "https:\/\/github.com\/M1a0rz\/CVE-2017-7269", + "description": "Poc for iis6.0", + "fork": false, + "created_at": "2017-03-30T04:35:13Z", + "updated_at": "2017-03-30T04:35:13Z", + "pushed_at": "2017-03-30T04:35:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 86697845, + "name": "cve-2017-7269picture", + "full_name": "whiteHat001\/cve-2017-7269picture", + "owner": { + "login": "whiteHat001", + "id": 18191034, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18191034?v=4", + "html_url": "https:\/\/github.com\/whiteHat001" + }, + "html_url": "https:\/\/github.com\/whiteHat001\/cve-2017-7269picture", + "description": null, + "fork": false, + "created_at": "2017-03-30T12:03:05Z", + "updated_at": "2017-03-30T12:03:05Z", + "pushed_at": "2017-03-30T12:11:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 86754251, + "name": "cve-2017-7269", + "full_name": "zcgonvh\/cve-2017-7269", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269", + "description": "fixed msf module for cve-2017-7269", + "fork": false, + "created_at": "2017-03-30T22:20:36Z", + "updated_at": "2020-11-20T13:23:42Z", + "pushed_at": "2017-03-30T22:20:51Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 61, + "forks": 61, + "watchers": 110, + "score": 0 + }, + { + "id": 87165305, + "name": "CVE-2017-7269", + "full_name": "jrrombaldo\/CVE-2017-7269", + "owner": { + "login": "jrrombaldo", + "id": 121948, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/121948?v=4", + "html_url": "https:\/\/github.com\/jrrombaldo" + }, + "html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-7269", + "description": null, + "fork": false, + "created_at": "2017-04-04T08:47:22Z", + "updated_at": "2018-01-08T16:52:30Z", + "pushed_at": "2017-04-04T17:20:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 87365181, + "name": "iis6-exploit-2017-CVE-2017-7269", + "full_name": "g0rx\/iis6-exploit-2017-CVE-2017-7269", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx" + }, + "html_url": "https:\/\/github.com\/g0rx\/iis6-exploit-2017-CVE-2017-7269", + "description": "iis6 exploit 2017 CVE-2017-7269", + "fork": false, + "created_at": "2017-04-05T23:21:12Z", + "updated_at": "2020-11-11T11:19:06Z", + "pushed_at": "2017-04-05T23:29:03Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 28, + "forks": 28, + "watchers": 30, + "score": 0 + }, + { + "id": 87432387, + "name": "IIS_6.0_WebDAV_Ruby", + "full_name": "slimpagey\/IIS_6.0_WebDAV_Ruby", + "owner": { + "login": "slimpagey", + "id": 10183644, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10183644?v=4", + "html_url": "https:\/\/github.com\/slimpagey" + }, + "html_url": "https:\/\/github.com\/slimpagey\/IIS_6.0_WebDAV_Ruby", + "description": "Ruby Exploit for IIS 6.0 Buffer Overflow (CVE-2017-7269)", + "fork": false, + "created_at": "2017-04-06T13:27:20Z", + "updated_at": "2019-02-27T06:05:06Z", + "pushed_at": "2017-04-06T13:47:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, + "score": 0 + }, + { + "id": 88148249, + "name": "cve-2017-7269", + "full_name": "homjxi0e\/cve-2017-7269", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/cve-2017-7269", + "description": null, + "fork": false, + "created_at": "2017-04-13T09:27:01Z", + "updated_at": "2017-04-13T09:27:01Z", + "pushed_at": "2017-04-13T12:33:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 89217126, + "name": "CVE-2017-7269", + "full_name": "xiaovpn\/CVE-2017-7269", + "owner": { + "login": "xiaovpn", + "id": 22736797, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/22736797?v=4", + "html_url": "https:\/\/github.com\/xiaovpn" + }, + "html_url": "https:\/\/github.com\/xiaovpn\/CVE-2017-7269", + "description": "CVE-2017-7269", + "fork": false, + "created_at": "2017-04-24T08:42:59Z", + "updated_at": "2017-04-24T08:42:59Z", + "pushed_at": "2017-04-24T08:43:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 91493002, + "name": "cve-2017-7269-tool", + "full_name": "zcgonvh\/cve-2017-7269-tool", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269-tool", + "description": "CVE-2017-7269 to webshell or shellcode loader", + "fork": false, + "created_at": "2017-05-16T18:47:45Z", + "updated_at": "2020-09-14T21:00:11Z", + "pushed_at": "2017-05-16T18:48:15Z", + "stargazers_count": 84, + "watchers_count": 84, + "forks_count": 32, + "forks": 32, + "watchers": 84, + "score": 0 + }, + { + "id": 118708741, + "name": "CVE-2017-7269", + "full_name": "mirrorblack\/CVE-2017-7269", + "owner": { + "login": "mirrorblack", + "id": 33338951, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33338951?v=4", + "html_url": "https:\/\/github.com\/mirrorblack" + }, + "html_url": "https:\/\/github.com\/mirrorblack\/CVE-2017-7269", + "description": "CVE-2017-7269利用代码(rb文件)", + "fork": false, + "created_at": "2018-01-24T03:51:58Z", + "updated_at": "2018-01-24T03:51:58Z", + "pushed_at": "2018-01-24T03:51:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 131371800, "name": "CVE-2017-7269", diff --git a/2017/CVE-2017-7472.json b/2017/CVE-2017-7472.json new file mode 100644 index 0000000000..99f8345fb7 --- /dev/null +++ b/2017/CVE-2017-7472.json @@ -0,0 +1,25 @@ +[ + { + "id": 93704978, + "name": "CVE-2017-7472", + "full_name": "homjxi0e\/CVE-2017-7472", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7472", + "description": null, + "fork": false, + "created_at": "2017-06-08T03:47:57Z", + "updated_at": "2017-06-08T03:52:03Z", + "pushed_at": "2017-06-08T03:52:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json index d08a82eaea..62cb6df66d 100644 --- a/2017/CVE-2017-7494.json +++ b/2017/CVE-2017-7494.json @@ -1,4 +1,142 @@ [ + { + "id": 92405414, + "name": "cve-2017-7494", + "full_name": "betab0t\/cve-2017-7494", + "owner": { + "login": "betab0t", + "id": 40000473, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40000473?v=4", + "html_url": "https:\/\/github.com\/betab0t" + }, + "html_url": "https:\/\/github.com\/betab0t\/cve-2017-7494", + "description": "Proof-of-Concept exploit for CVE-2017-7494(Samba RCE from a writable share)", + "fork": false, + "created_at": "2017-05-25T13:20:56Z", + "updated_at": "2020-12-15T10:23:56Z", + "pushed_at": "2017-07-26T13:07:51Z", + "stargazers_count": 175, + "watchers_count": 175, + "forks_count": 61, + "forks": 61, + "watchers": 175, + "score": 0 + }, + { + "id": 92410132, + "name": "CVE-2017-7494", + "full_name": "homjxi0e\/CVE-2017-7494", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7494", + "description": null, + "fork": false, + "created_at": "2017-05-25T14:13:10Z", + "updated_at": "2017-05-26T08:46:45Z", + "pushed_at": "2017-05-26T08:46:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 92457464, + "name": "exploit-CVE-2017-7494", + "full_name": "opsxcq\/exploit-CVE-2017-7494", + "owner": { + "login": "opsxcq", + "id": 16995025, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16995025?v=4", + "html_url": "https:\/\/github.com\/opsxcq" + }, + "html_url": "https:\/\/github.com\/opsxcq\/exploit-CVE-2017-7494", + "description": "SambaCry exploit and vulnerable container (CVE-2017-7494)", + "fork": false, + "created_at": "2017-05-26T00:58:25Z", + "updated_at": "2020-12-29T20:01:00Z", + "pushed_at": "2017-10-31T16:20:29Z", + "stargazers_count": 260, + "watchers_count": 260, + "forks_count": 92, + "forks": 92, + "watchers": 260, + "score": 0 + }, + { + "id": 92484269, + "name": "SambaCry", + "full_name": "Waffles-2\/SambaCry", + "owner": { + "login": "Waffles-2", + "id": 21175535, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21175535?v=4", + "html_url": "https:\/\/github.com\/Waffles-2" + }, + "html_url": "https:\/\/github.com\/Waffles-2\/SambaCry", + "description": "CVE-2017-7494 - Detection Scripts", + "fork": false, + "created_at": "2017-05-26T07:28:26Z", + "updated_at": "2020-08-27T17:36:56Z", + "pushed_at": "2017-05-26T07:43:02Z", + "stargazers_count": 61, + "watchers_count": 61, + "forks_count": 24, + "forks": 24, + "watchers": 61, + "score": 0 + }, + { + "id": 92845566, + "name": "SambaHunter", + "full_name": "brianwrf\/SambaHunter", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/SambaHunter", + "description": "It is a simple script to exploit RCE for Samba (CVE-2017-7494 ).", + "fork": false, + "created_at": "2017-05-30T15:08:32Z", + "updated_at": "2020-12-06T04:30:39Z", + "pushed_at": "2017-05-30T16:13:24Z", + "stargazers_count": 39, + "watchers_count": 39, + "forks_count": 22, + "forks": 22, + "watchers": 39, + "score": 0 + }, + { + "id": 93424064, + "name": "CVE-2017-7494", + "full_name": "joxeankoret\/CVE-2017-7494", + "owner": { + "login": "joxeankoret", + "id": 2945834, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2945834?v=4", + "html_url": "https:\/\/github.com\/joxeankoret" + }, + "html_url": "https:\/\/github.com\/joxeankoret\/CVE-2017-7494", + "description": "Remote root exploit for the SAMBA CVE-2017-7494 vulnerability", + "fork": false, + "created_at": "2017-06-05T16:25:57Z", + "updated_at": "2020-12-16T19:53:37Z", + "pushed_at": "2017-11-27T16:28:14Z", + "stargazers_count": 214, + "watchers_count": 214, + "forks_count": 71, + "forks": 71, + "watchers": 214, + "score": 0 + }, { "id": 98615757, "name": "Samba-CVE-2017-7494", diff --git a/2017/CVE-2017-7525.json b/2017/CVE-2017-7525.json index 2da4d2c14d..eb246aa89f 100644 --- a/2017/CVE-2017-7525.json +++ b/2017/CVE-2017-7525.json @@ -1,4 +1,50 @@ [ + { + "id": 113026595, + "name": "study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "full_name": "SecureSkyTechnology\/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "owner": { + "login": "SecureSkyTechnology", + "id": 9350349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9350349?v=4", + "html_url": "https:\/\/github.com\/SecureSkyTechnology" + }, + "html_url": "https:\/\/github.com\/SecureSkyTechnology\/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "description": "Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告", + "fork": false, + "created_at": "2017-12-04T10:07:28Z", + "updated_at": "2020-11-03T01:57:37Z", + "pushed_at": "2017-12-13T03:34:56Z", + "stargazers_count": 108, + "watchers_count": 108, + "forks_count": 27, + "forks": 27, + "watchers": 108, + "score": 0 + }, + { + "id": 114703214, + "name": "S2-055", + "full_name": "Nazicc\/S2-055", + "owner": { + "login": "Nazicc", + "id": 12894927, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12894927?v=4", + "html_url": "https:\/\/github.com\/Nazicc" + }, + "html_url": "https:\/\/github.com\/Nazicc\/S2-055", + "description": "CVE-2017-7525 S2-055 Exploit", + "fork": false, + "created_at": "2017-12-19T01:02:04Z", + "updated_at": "2020-11-28T11:14:21Z", + "pushed_at": "2017-12-18T10:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 167006781, "name": "Demo-Exploit-Jackson-RCE", diff --git a/2017/CVE-2017-7529.json b/2017/CVE-2017-7529.json index 797518417d..2019cb9583 100644 --- a/2017/CVE-2017-7529.json +++ b/2017/CVE-2017-7529.json @@ -1,4 +1,27 @@ [ + { + "id": 97701175, + "name": "CVE-2017-7529", + "full_name": "liusec\/CVE-2017-7529", + "owner": { + "login": "liusec", + "id": 13982415, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13982415?v=4", + "html_url": "https:\/\/github.com\/liusec" + }, + "html_url": "https:\/\/github.com\/liusec\/CVE-2017-7529", + "description": null, + "fork": false, + "created_at": "2017-07-19T09:55:42Z", + "updated_at": "2020-07-30T16:07:30Z", + "pushed_at": "2017-07-21T06:29:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 7, + "forks": 7, + "watchers": 10, + "score": 0 + }, { "id": 138050203, "name": "CVE-2017-7529_PoC", diff --git a/2017/CVE-2017-7648.json b/2017/CVE-2017-7648.json new file mode 100644 index 0000000000..71083acee3 --- /dev/null +++ b/2017/CVE-2017-7648.json @@ -0,0 +1,25 @@ +[ + { + "id": 87845394, + "name": "CVE-2017-7648.", + "full_name": "notmot\/CVE-2017-7648.", + "owner": { + "login": "notmot", + "id": 4649277, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4649277?v=4", + "html_url": "https:\/\/github.com\/notmot" + }, + "html_url": "https:\/\/github.com\/notmot\/CVE-2017-7648.", + "description": "A writeup of CVE-2017-7648", + "fork": false, + "created_at": "2017-04-10T18:41:59Z", + "updated_at": "2017-04-10T18:47:31Z", + "pushed_at": "2017-04-10T18:42:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7679.json b/2017/CVE-2017-7679.json new file mode 100644 index 0000000000..011d0e0422 --- /dev/null +++ b/2017/CVE-2017-7679.json @@ -0,0 +1,25 @@ +[ + { + "id": 120799852, + "name": "CVE-2017-7679-in-python", + "full_name": "snknritr\/CVE-2017-7679-in-python", + "owner": { + "login": "snknritr", + "id": 36276619, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36276619?v=4", + "html_url": "https:\/\/github.com\/snknritr" + }, + "html_url": "https:\/\/github.com\/snknritr\/CVE-2017-7679-in-python", + "description": "At this project, we made a python exploit using buffer overflow at the CVE-2017-7679", + "fork": false, + "created_at": "2018-02-08T18:21:18Z", + "updated_at": "2020-06-17T00:24:51Z", + "pushed_at": "2018-02-08T18:21:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7912.json b/2017/CVE-2017-7912.json new file mode 100644 index 0000000000..570037bbfb --- /dev/null +++ b/2017/CVE-2017-7912.json @@ -0,0 +1,25 @@ +[ + { + "id": 103750394, + "name": "CVE-2017-7912_Sneak", + "full_name": "homjxi0e\/CVE-2017-7912_Sneak", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7912_Sneak", + "description": null, + "fork": false, + "created_at": "2017-09-16T12:27:48Z", + "updated_at": "2017-09-16T12:27:48Z", + "pushed_at": "2017-09-16T12:27:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7998.json b/2017/CVE-2017-7998.json new file mode 100644 index 0000000000..4d5e2ecfe2 --- /dev/null +++ b/2017/CVE-2017-7998.json @@ -0,0 +1,25 @@ +[ + { + "id": 101155833, + "name": "CVE-2017-7998", + "full_name": "homjxi0e\/CVE-2017-7998", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7998", + "description": " Denial of service by Exit in Terminal !! ", + "fork": false, + "created_at": "2017-08-23T08:17:10Z", + "updated_at": "2017-10-03T14:38:32Z", + "pushed_at": "2017-10-11T16:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8046.json b/2017/CVE-2017-8046.json index ff8c432344..0c234c4b35 100644 --- a/2017/CVE-2017-8046.json +++ b/2017/CVE-2017-8046.json @@ -1,4 +1,27 @@ [ + { + "id": 105420015, + "name": "CVE-2017-8046-DEMO", + "full_name": "Soontao\/CVE-2017-8046-DEMO", + "owner": { + "login": "Soontao", + "id": 10473459, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10473459?v=4", + "html_url": "https:\/\/github.com\/Soontao" + }, + "html_url": "https:\/\/github.com\/Soontao\/CVE-2017-8046-DEMO", + "description": "SPRING DATA REST CVE-2017-8046 DEMO", + "fork": false, + "created_at": "2017-10-01T04:52:24Z", + "updated_at": "2017-10-09T09:05:05Z", + "pushed_at": "2017-10-01T10:54:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 110002512, "name": "spring-data-rest-CVE-2017-8046", diff --git a/2017/CVE-2017-8295.json b/2017/CVE-2017-8295.json index f3f688e548..108735b47c 100644 --- a/2017/CVE-2017-8295.json +++ b/2017/CVE-2017-8295.json @@ -1,4 +1,50 @@ [ + { + "id": 90299927, + "name": "CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "full_name": "homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "description": null, + "fork": false, + "created_at": "2017-05-04T19:05:12Z", + "updated_at": "2017-05-04T19:05:12Z", + "pushed_at": "2017-05-04T19:13:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 90396412, + "name": "wp-allowed-hosts", + "full_name": "alash3al\/wp-allowed-hosts", + "owner": { + "login": "alash3al", + "id": 3078292, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/3078292?v=4", + "html_url": "https:\/\/github.com\/alash3al" + }, + "html_url": "https:\/\/github.com\/alash3al\/wp-allowed-hosts", + "description": "a plugin that protects your wp site from the CVE-2017-8295 vulnerability", + "fork": false, + "created_at": "2017-05-05T16:34:17Z", + "updated_at": "2017-05-06T06:41:07Z", + "pushed_at": "2017-05-05T17:05:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 90453472, "name": "CVE-2017-8295", diff --git a/2017/CVE-2017-8382.json b/2017/CVE-2017-8382.json new file mode 100644 index 0000000000..8ca1b2683c --- /dev/null +++ b/2017/CVE-2017-8382.json @@ -0,0 +1,25 @@ +[ + { + "id": 91959764, + "name": "Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "description": "Admidio 3.2.8 Cross-Site Request Forgery Assigned CVE Number: CVE-2017-8382", + "fork": false, + "created_at": "2017-05-21T13:36:51Z", + "updated_at": "2020-07-17T05:22:45Z", + "pushed_at": "2017-05-21T13:38:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8464.json b/2017/CVE-2017-8464.json index 207c3b4221..1c0b92c1a3 100644 --- a/2017/CVE-2017-8464.json +++ b/2017/CVE-2017-8464.json @@ -1,4 +1,73 @@ [ + { + "id": 52461595, + "name": "CVE-2017-8464", + "full_name": "Elm0D\/CVE-2017-8464", + "owner": { + "login": "Elm0D", + "id": 11469105, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11469105?v=4", + "html_url": "https:\/\/github.com\/Elm0D" + }, + "html_url": "https:\/\/github.com\/Elm0D\/CVE-2017-8464", + "description": null, + "fork": false, + "created_at": "2016-02-24T17:36:29Z", + "updated_at": "2020-09-27T13:06:39Z", + "pushed_at": "2017-09-20T23:50:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 99062024, + "name": "CVE-2017-8464-EXP", + "full_name": "3gstudent\/CVE-2017-8464-EXP", + "owner": { + "login": "3gstudent", + "id": 15814408, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15814408?v=4", + "html_url": "https:\/\/github.com\/3gstudent" + }, + "html_url": "https:\/\/github.com\/3gstudent\/CVE-2017-8464-EXP", + "description": "Support x86 and x64", + "fork": false, + "created_at": "2017-08-02T02:14:37Z", + "updated_at": "2020-11-09T07:48:21Z", + "pushed_at": "2017-10-09T01:01:20Z", + "stargazers_count": 66, + "watchers_count": 66, + "forks_count": 31, + "forks": 31, + "watchers": 66, + "score": 0 + }, + { + "id": 99573027, + "name": "CVE-2017-8464-exp-generator", + "full_name": "Securitykid\/CVE-2017-8464-exp-generator", + "owner": { + "login": "Securitykid", + "id": 30798606, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30798606?v=4", + "html_url": "https:\/\/github.com\/Securitykid" + }, + "html_url": "https:\/\/github.com\/Securitykid\/CVE-2017-8464-exp-generator", + "description": "this tool can generate a exp for cve-2017-8486, it is developed by python", + "fork": false, + "created_at": "2017-08-07T11:56:11Z", + "updated_at": "2020-11-09T09:39:26Z", + "pushed_at": "2017-08-07T12:42:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 6, + "forks": 6, + "watchers": 7, + "score": 0 + }, { "id": 105686692, "name": "usbhijacking", diff --git a/2017/CVE-2017-8543.json b/2017/CVE-2017-8543.json new file mode 100644 index 0000000000..7c4ea901c4 --- /dev/null +++ b/2017/CVE-2017-8543.json @@ -0,0 +1,25 @@ +[ + { + "id": 94720681, + "name": "windows-security-cve-2017-8543", + "full_name": "americanhanko\/windows-security-cve-2017-8543", + "owner": { + "login": "americanhanko", + "id": 8458267, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8458267?v=4", + "html_url": "https:\/\/github.com\/americanhanko" + }, + "html_url": "https:\/\/github.com\/americanhanko\/windows-security-cve-2017-8543", + "description": "InSpec profile to verify a node is patched and compliant for CVE-2017-8543", + "fork": false, + "created_at": "2017-06-19T00:15:09Z", + "updated_at": "2017-06-19T00:16:02Z", + "pushed_at": "2017-06-19T02:07:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8570.json b/2017/CVE-2017-8570.json index 5a04b82932..e88511c7cc 100644 --- a/2017/CVE-2017-8570.json +++ b/2017/CVE-2017-8570.json @@ -22,6 +22,29 @@ "watchers": 67, "score": 0 }, + { + "id": 116858521, + "name": "CVE-2017-8570", + "full_name": "rxwx\/CVE-2017-8570", + "owner": { + "login": "rxwx", + "id": 2202542, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2202542?v=4", + "html_url": "https:\/\/github.com\/rxwx" + }, + "html_url": "https:\/\/github.com\/rxwx\/CVE-2017-8570", + "description": "Proof of Concept exploit for CVE-2017-8570", + "fork": false, + "created_at": "2018-01-09T19:09:33Z", + "updated_at": "2020-10-26T07:42:41Z", + "pushed_at": "2018-01-09T19:23:43Z", + "stargazers_count": 173, + "watchers_count": 173, + "forks_count": 103, + "forks": 103, + "watchers": 173, + "score": 0 + }, { "id": 122914059, "name": "Office-CVE-2017-8570", diff --git a/2017/CVE-2017-8625.json b/2017/CVE-2017-8625.json new file mode 100644 index 0000000000..22fc5211d2 --- /dev/null +++ b/2017/CVE-2017-8625.json @@ -0,0 +1,25 @@ +[ + { + "id": 100988934, + "name": "CVE-2017-8625_Bypass_UMCI", + "full_name": "homjxi0e\/CVE-2017-8625_Bypass_UMCI", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8625_Bypass_UMCI", + "description": "Bypass Feature UMCI in Internet Explorer", + "fork": false, + "created_at": "2017-08-21T20:14:07Z", + "updated_at": "2020-11-18T13:22:34Z", + "pushed_at": "2017-08-25T13:04:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8641.json b/2017/CVE-2017-8641.json new file mode 100644 index 0000000000..778c7b6262 --- /dev/null +++ b/2017/CVE-2017-8641.json @@ -0,0 +1,25 @@ +[ + { + "id": 100988677, + "name": "CVE-2017-8641_chakra_Js_GlobalObject", + "full_name": "homjxi0e\/CVE-2017-8641_chakra_Js_GlobalObject", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8641_chakra_Js_GlobalObject", + "description": "There is a classic heap overflow when eval a string which large enough in Chakra! This issue can be reproduced steadly in uptodate Edge in Win10 WIP. An exception will occur immediatly when opening POC.html in Edge. ", + "fork": false, + "created_at": "2017-08-21T20:11:11Z", + "updated_at": "2017-08-23T09:18:42Z", + "pushed_at": "2017-08-23T09:09:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8759.json b/2017/CVE-2017-8759.json index ab8d05ccf3..f6a625d8ba 100644 --- a/2017/CVE-2017-8759.json +++ b/2017/CVE-2017-8759.json @@ -22,6 +22,121 @@ "watchers": 257, "score": 0 }, + { + "id": 103416775, + "name": "CVE-2017-8759", + "full_name": "nccgroup\/CVE-2017-8759", + "owner": { + "login": "nccgroup", + "id": 4067082, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4067082?v=4", + "html_url": "https:\/\/github.com\/nccgroup" + }, + "html_url": "https:\/\/github.com\/nccgroup\/CVE-2017-8759", + "description": "NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements", + "fork": false, + "created_at": "2017-09-13T15:24:10Z", + "updated_at": "2020-09-21T03:44:19Z", + "pushed_at": "2017-09-19T18:06:41Z", + "stargazers_count": 92, + "watchers_count": 92, + "forks_count": 48, + "forks": 48, + "watchers": 92, + "score": 0 + }, + { + "id": 103428172, + "name": "CVE-2017-8759", + "full_name": "vysecurity\/CVE-2017-8759", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2017-8759", + "description": "CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.", + "fork": false, + "created_at": "2017-09-13T17:10:18Z", + "updated_at": "2020-11-20T09:09:06Z", + "pushed_at": "2017-09-14T10:18:40Z", + "stargazers_count": 173, + "watchers_count": 173, + "forks_count": 85, + "forks": 85, + "watchers": 173, + "score": 0 + }, + { + "id": 103447049, + "name": "CVE-2017-8759", + "full_name": "BasuCert\/CVE-2017-8759", + "owner": { + "login": "BasuCert", + "id": 29852431, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29852431?v=4", + "html_url": "https:\/\/github.com\/BasuCert" + }, + "html_url": "https:\/\/github.com\/BasuCert\/CVE-2017-8759", + "description": "CVE-2017-8759 Research", + "fork": false, + "created_at": "2017-09-13T20:27:29Z", + "updated_at": "2020-05-18T10:42:14Z", + "pushed_at": "2017-09-15T13:14:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 103447404, + "name": "CVE-2017-8759-Exploit-sample2", + "full_name": "tahisaad6\/CVE-2017-8759-Exploit-sample2", + "owner": { + "login": "tahisaad6", + "id": 21042116, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/21042116?v=4", + "html_url": "https:\/\/github.com\/tahisaad6" + }, + "html_url": "https:\/\/github.com\/tahisaad6\/CVE-2017-8759-Exploit-sample2", + "description": null, + "fork": false, + "created_at": "2017-09-13T20:31:43Z", + "updated_at": "2017-09-13T20:31:43Z", + "pushed_at": "2017-09-13T20:31:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 103493845, + "name": "CVE-2017-8759_-SOAP_WSDL", + "full_name": "homjxi0e\/CVE-2017-8759_-SOAP_WSDL", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8759_-SOAP_WSDL", + "description": "CVE-2017-8759 Remote Code Execution Vulnerability On SOAP WDSL - Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 3.5", + "fork": false, + "created_at": "2017-09-14T06:20:28Z", + "updated_at": "2018-11-16T12:24:03Z", + "pushed_at": "2017-09-21T16:41:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 5, + "forks": 5, + "watchers": 1, + "score": 0 + }, { "id": 103517315, "name": "CVE-2017-8759", @@ -45,6 +160,121 @@ "watchers": 306, "score": 0 }, + { + "id": 103595749, + "name": "CVE-2017-8759", + "full_name": "Lz1y\/CVE-2017-8759", + "owner": { + "login": "Lz1y", + "id": 23468993, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23468993?v=4", + "html_url": "https:\/\/github.com\/Lz1y" + }, + "html_url": "https:\/\/github.com\/Lz1y\/CVE-2017-8759", + "description": "CVE-2017-8759", + "fork": false, + "created_at": "2017-09-15T00:36:17Z", + "updated_at": "2020-10-26T07:42:09Z", + "pushed_at": "2017-12-28T07:16:15Z", + "stargazers_count": 83, + "watchers_count": 83, + "forks_count": 49, + "forks": 49, + "watchers": 83, + "score": 0 + }, + { + "id": 103865283, + "name": "CVE-2017-8759", + "full_name": "JonasUliana\/CVE-2017-8759", + "owner": { + "login": "JonasUliana", + "id": 29503841, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29503841?v=4", + "html_url": "https:\/\/github.com\/JonasUliana" + }, + "html_url": "https:\/\/github.com\/JonasUliana\/CVE-2017-8759", + "description": "Simple C# implementation of CVE-2017-8759", + "fork": false, + "created_at": "2017-09-17T22:05:56Z", + "updated_at": "2018-11-16T12:24:03Z", + "pushed_at": "2017-09-17T22:20:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + }, + { + "id": 103896322, + "name": "CVE-2017-8759", + "full_name": "Securitykid\/CVE-2017-8759", + "owner": { + "login": "Securitykid", + "id": 30798606, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/30798606?v=4", + "html_url": "https:\/\/github.com\/Securitykid" + }, + "html_url": "https:\/\/github.com\/Securitykid\/CVE-2017-8759", + "description": "CVE-2017-8759", + "fork": false, + "created_at": "2017-09-18T05:35:57Z", + "updated_at": "2017-09-18T05:35:57Z", + "pushed_at": "2017-09-18T05:35:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 104033989, + "name": "CVE-2017-8759-exploits", + "full_name": "ashr\/CVE-2017-8759-exploits", + "owner": { + "login": "ashr", + "id": 171286, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/171286?v=4", + "html_url": "https:\/\/github.com\/ashr" + }, + "html_url": "https:\/\/github.com\/ashr\/CVE-2017-8759-exploits", + "description": "Two versions of CVE-2017-8759 exploits", + "fork": false, + "created_at": "2017-09-19T06:12:10Z", + "updated_at": "2020-04-07T05:43:28Z", + "pushed_at": "2017-09-19T06:19:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 4, + "forks": 4, + "watchers": 2, + "score": 0 + }, + { + "id": 104625403, + "name": "CVE-2017-8759", + "full_name": "l0n3rs\/CVE-2017-8759", + "owner": { + "login": "l0n3rs", + "id": 31120718, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/31120718?v=4", + "html_url": "https:\/\/github.com\/l0n3rs" + }, + "html_url": "https:\/\/github.com\/l0n3rs\/CVE-2017-8759", + "description": null, + "fork": false, + "created_at": "2017-09-24T06:58:55Z", + "updated_at": "2017-09-24T06:58:55Z", + "pushed_at": "2017-09-24T06:59:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 161397133, "name": "CVE-2017-8759", diff --git a/2017/CVE-2017-8779.json b/2017/CVE-2017-8779.json new file mode 100644 index 0000000000..c809294299 --- /dev/null +++ b/2017/CVE-2017-8779.json @@ -0,0 +1,25 @@ +[ + { + "id": 90798298, + "name": "GO-RPCBOMB", + "full_name": "drbothen\/GO-RPCBOMB", + "owner": { + "login": "drbothen", + "id": 6192325, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/6192325?v=4", + "html_url": "https:\/\/github.com\/drbothen" + }, + "html_url": "https:\/\/github.com\/drbothen\/GO-RPCBOMB", + "description": "CVE-2017-8779 aka RPCBomb", + "fork": false, + "created_at": "2017-05-09T22:43:10Z", + "updated_at": "2020-09-28T00:42:01Z", + "pushed_at": "2017-05-10T16:48:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8802.json b/2017/CVE-2017-8802.json new file mode 100644 index 0000000000..481335ac96 --- /dev/null +++ b/2017/CVE-2017-8802.json @@ -0,0 +1,25 @@ +[ + { + "id": 118624965, + "name": "Zimbra-CVE-2017-8802-Hotifx", + "full_name": "ozzi-\/Zimbra-CVE-2017-8802-Hotifx", + "owner": { + "login": "ozzi-", + "id": 7944573, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7944573?v=4", + "html_url": "https:\/\/github.com\/ozzi-" + }, + "html_url": "https:\/\/github.com\/ozzi-\/Zimbra-CVE-2017-8802-Hotifx", + "description": "Security hotfix for CVE-2017-8802 ", + "fork": false, + "created_at": "2018-01-23T14:56:18Z", + "updated_at": "2018-01-23T14:56:59Z", + "pushed_at": "2018-01-23T14:58:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8917.json b/2017/CVE-2017-8917.json index 1590341be6..3213f0b78f 100644 --- a/2017/CVE-2017-8917.json +++ b/2017/CVE-2017-8917.json @@ -1,4 +1,27 @@ [ + { + "id": 91819199, + "name": "Joomla3.7-SQLi-CVE-2017-8917", + "full_name": "brianwrf\/Joomla3.7-SQLi-CVE-2017-8917", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/Joomla3.7-SQLi-CVE-2017-8917", + "description": "Joomla 3.7 SQL injection (CVE-2017-8917)", + "fork": false, + "created_at": "2017-05-19T15:21:46Z", + "updated_at": "2020-10-03T06:01:00Z", + "pushed_at": "2017-05-19T15:30:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + }, { "id": 111313970, "name": "Exploit-Joomla", diff --git a/2017/CVE-2017-9097.json b/2017/CVE-2017-9097.json new file mode 100644 index 0000000000..82f9631118 --- /dev/null +++ b/2017/CVE-2017-9097.json @@ -0,0 +1,25 @@ +[ + { + "id": 116008243, + "name": "AntiWeb_testing-Suite", + "full_name": "MDudek-ICS\/AntiWeb_testing-Suite", + "owner": { + "login": "MDudek-ICS", + "id": 31083304, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/31083304?v=4", + "html_url": "https:\/\/github.com\/MDudek-ICS" + }, + "html_url": "https:\/\/github.com\/MDudek-ICS\/AntiWeb_testing-Suite", + "description": "Suite de herramientas que sacan partido del CVE-2017-9097 (+RCE)", + "fork": false, + "created_at": "2018-01-02T11:28:40Z", + "updated_at": "2020-06-27T13:14:05Z", + "pushed_at": "2017-11-21T20:19:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 10, + "forks": 10, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9417.json b/2017/CVE-2017-9417.json new file mode 100644 index 0000000000..5c54375926 --- /dev/null +++ b/2017/CVE-2017-9417.json @@ -0,0 +1,25 @@ +[ + { + "id": 98761662, + "name": "Broadpwn", + "full_name": "mailinneberg\/Broadpwn", + "owner": { + "login": "mailinneberg", + "id": 29992468, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29992468?v=4", + "html_url": "https:\/\/github.com\/mailinneberg" + }, + "html_url": "https:\/\/github.com\/mailinneberg\/Broadpwn", + "description": "Broadpwn bug (CVE-2017-9417)", + "fork": false, + "created_at": "2017-07-29T22:23:34Z", + "updated_at": "2020-09-11T14:53:55Z", + "pushed_at": "2017-09-22T12:14:25Z", + "stargazers_count": 42, + "watchers_count": 42, + "forks_count": 14, + "forks": 14, + "watchers": 42, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9430.json b/2017/CVE-2017-9430.json new file mode 100644 index 0000000000..da1ad4f932 --- /dev/null +++ b/2017/CVE-2017-9430.json @@ -0,0 +1,48 @@ +[ + { + "id": 93714446, + "name": "CVE-2017-9430", + "full_name": "homjxi0e\/CVE-2017-9430", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-9430", + "description": null, + "fork": false, + "created_at": "2017-06-08T06:22:37Z", + "updated_at": "2017-06-08T06:30:44Z", + "pushed_at": "2017-06-08T06:30:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 111662357, + "name": "Dnstracer-1.9-Fix", + "full_name": "j0lama\/Dnstracer-1.9-Fix", + "owner": { + "login": "j0lama", + "id": 17393029, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17393029?v=4", + "html_url": "https:\/\/github.com\/j0lama" + }, + "html_url": "https:\/\/github.com\/j0lama\/Dnstracer-1.9-Fix", + "description": "CVE-2017-9430 Fix", + "fork": false, + "created_at": "2017-11-22T09:19:53Z", + "updated_at": "2017-11-22T09:23:55Z", + "pushed_at": "2017-11-22T09:40:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9476.json b/2017/CVE-2017-9476.json new file mode 100644 index 0000000000..ee3228bf4c --- /dev/null +++ b/2017/CVE-2017-9476.json @@ -0,0 +1,25 @@ +[ + { + "id": 106408008, + "name": "CVE-2017-9476", + "full_name": "wiire-a\/CVE-2017-9476", + "owner": { + "login": "wiire-a", + "id": 11740772, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11740772?v=4", + "html_url": "https:\/\/github.com\/wiire-a" + }, + "html_url": "https:\/\/github.com\/wiire-a\/CVE-2017-9476", + "description": "Hidden AP with Deterministic Credentials", + "fork": false, + "created_at": "2017-10-10T11:25:36Z", + "updated_at": "2020-09-11T12:03:08Z", + "pushed_at": "2017-10-10T11:26:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9606.json b/2017/CVE-2017-9606.json new file mode 100644 index 0000000000..9776aed411 --- /dev/null +++ b/2017/CVE-2017-9606.json @@ -0,0 +1,25 @@ +[ + { + "id": 94288997, + "name": "CVE-2017-9606", + "full_name": "Houl777\/CVE-2017-9606", + "owner": { + "login": "Houl777", + "id": 29420363, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29420363?v=4", + "html_url": "https:\/\/github.com\/Houl777" + }, + "html_url": "https:\/\/github.com\/Houl777\/CVE-2017-9606", + "description": null, + "fork": false, + "created_at": "2017-06-14T04:30:36Z", + "updated_at": "2017-06-14T04:30:36Z", + "pushed_at": "2017-06-14T08:15:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9609.json b/2017/CVE-2017-9609.json new file mode 100644 index 0000000000..1cc8637c24 --- /dev/null +++ b/2017/CVE-2017-9609.json @@ -0,0 +1,25 @@ +[ + { + "id": 94987347, + "name": "Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "description": "BlackCat-CMS-Bundle-v1.2 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-9609", + "fork": false, + "created_at": "2017-06-21T09:30:58Z", + "updated_at": "2020-07-17T05:22:42Z", + "pushed_at": "2017-06-21T09:31:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9779.json b/2017/CVE-2017-9779.json new file mode 100644 index 0000000000..907a1f8e10 --- /dev/null +++ b/2017/CVE-2017-9779.json @@ -0,0 +1,25 @@ +[ + { + "id": 100739963, + "name": "CVE-2017-9779", + "full_name": "homjxi0e\/CVE-2017-9779", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-9779", + "description": "Automatic execution Payload From Windows By Path Users All Exploit Via File bashrc ", + "fork": false, + "created_at": "2017-08-18T18:30:42Z", + "updated_at": "2017-09-11T14:35:42Z", + "pushed_at": "2017-09-11T23:28:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9791.json b/2017/CVE-2017-9791.json index e53705b373..b056f9fadd 100644 --- a/2017/CVE-2017-9791.json +++ b/2017/CVE-2017-9791.json @@ -1,4 +1,50 @@ [ + { + "id": 96536969, + "name": "s2-048", + "full_name": "IanSmith123\/s2-048", + "owner": { + "login": "IanSmith123", + "id": 19611084, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19611084?v=4", + "html_url": "https:\/\/github.com\/IanSmith123" + }, + "html_url": "https:\/\/github.com\/IanSmith123\/s2-048", + "description": "Apache struts struts 2 048, CVE-2017-9791.", + "fork": false, + "created_at": "2017-07-07T12:35:55Z", + "updated_at": "2017-07-07T14:05:07Z", + "pushed_at": "2017-07-07T17:10:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 96565902, + "name": "Struts2-048", + "full_name": "dragoneeg\/Struts2-048", + "owner": { + "login": "dragoneeg", + "id": 4232461, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4232461?v=4", + "html_url": "https:\/\/github.com\/dragoneeg" + }, + "html_url": "https:\/\/github.com\/dragoneeg\/Struts2-048", + "description": "CVE-2017-9791", + "fork": false, + "created_at": "2017-07-07T18:27:31Z", + "updated_at": "2020-10-21T14:13:27Z", + "pushed_at": "2017-07-08T02:08:36Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 31, + "forks": 31, + "watchers": 26, + "score": 0 + }, { "id": 104592299, "name": "CVE-2017-9791", diff --git a/2017/CVE-2017-9798.json b/2017/CVE-2017-9798.json index 73e65c90a5..4f38729b58 100644 --- a/2017/CVE-2017-9798.json +++ b/2017/CVE-2017-9798.json @@ -1,4 +1,73 @@ [ + { + "id": 103955890, + "name": "CVE-2017-9798", + "full_name": "nitrado\/CVE-2017-9798", + "owner": { + "login": "nitrado", + "id": 3217095, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3217095?v=4", + "html_url": "https:\/\/github.com\/nitrado" + }, + "html_url": "https:\/\/github.com\/nitrado\/CVE-2017-9798", + "description": "Checks a shared hosting environment for CVE-2017-9798", + "fork": false, + "created_at": "2017-09-18T15:17:13Z", + "updated_at": "2020-11-02T21:51:36Z", + "pushed_at": "2017-09-18T15:38:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 104254696, + "name": "optionsbleed", + "full_name": "pabloec20\/optionsbleed", + "owner": { + "login": "pabloec20", + "id": 24191742, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24191742?v=4", + "html_url": "https:\/\/github.com\/pabloec20" + }, + "html_url": "https:\/\/github.com\/pabloec20\/optionsbleed", + "description": "CVE-2017-9798", + "fork": false, + "created_at": "2017-09-20T18:44:17Z", + "updated_at": "2020-11-23T17:31:10Z", + "pushed_at": "2017-09-20T18:45:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 104625015, + "name": "CVE-2017-9798", + "full_name": "l0n3rs\/CVE-2017-9798", + "owner": { + "login": "l0n3rs", + "id": 31120718, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/31120718?v=4", + "html_url": "https:\/\/github.com\/l0n3rs" + }, + "html_url": "https:\/\/github.com\/l0n3rs\/CVE-2017-9798", + "description": null, + "fork": false, + "created_at": "2017-09-24T06:51:32Z", + "updated_at": "2017-09-24T06:52:51Z", + "pushed_at": "2017-09-24T06:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 104967629, "name": "OptionsBleed-POC-Scanner", diff --git a/2017/CVE-2017-9805.json b/2017/CVE-2017-9805.json index 5dc78debae..2258e5dc79 100644 --- a/2017/CVE-2017-9805.json +++ b/2017/CVE-2017-9805.json @@ -22,6 +22,75 @@ "watchers": 54, "score": 0 }, + { + "id": 102714061, + "name": "struts2-rce-cve-2017-9805-ruby", + "full_name": "hahwul\/struts2-rce-cve-2017-9805-ruby", + "owner": { + "login": "hahwul", + "id": 13212227, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/13212227?v=4", + "html_url": "https:\/\/github.com\/hahwul" + }, + "html_url": "https:\/\/github.com\/hahwul\/struts2-rce-cve-2017-9805-ruby", + "description": "cve -2017-9805", + "fork": false, + "created_at": "2017-09-07T08:49:14Z", + "updated_at": "2020-11-22T14:11:43Z", + "pushed_at": "2017-09-07T08:55:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 4, + "forks": 4, + "watchers": 1, + "score": 0 + }, + { + "id": 102917821, + "name": "struts-pwn_CVE-2017-9805", + "full_name": "mazen160\/struts-pwn_CVE-2017-9805", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2017-9805", + "description": "An exploit for Apache Struts CVE-2017-9805", + "fork": false, + "created_at": "2017-09-09T01:32:57Z", + "updated_at": "2020-12-21T18:12:47Z", + "pushed_at": "2017-11-07T19:24:00Z", + "stargazers_count": 237, + "watchers_count": 237, + "forks_count": 77, + "forks": 77, + "watchers": 237, + "score": 0 + }, + { + "id": 103005989, + "name": "apache-struts-pwn_CVE-2017-9805", + "full_name": "Lone-Ranger\/apache-struts-pwn_CVE-2017-9805", + "owner": { + "login": "Lone-Ranger", + "id": 15882470, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/15882470?v=4", + "html_url": "https:\/\/github.com\/Lone-Ranger" + }, + "html_url": "https:\/\/github.com\/Lone-Ranger\/apache-struts-pwn_CVE-2017-9805", + "description": "An exploit for Apache Struts CVE-2017-9805", + "fork": false, + "created_at": "2017-09-10T05:26:03Z", + "updated_at": "2020-11-24T23:21:26Z", + "pushed_at": "2017-09-10T05:28:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 9, + "forks": 9, + "watchers": 3, + "score": 0 + }, { "id": 111928630, "name": "-CVE-2017-9805", @@ -45,6 +114,52 @@ "watchers": 12, "score": 0 }, + { + "id": 112276528, + "name": "S2-052", + "full_name": "BeyondCy\/S2-052", + "owner": { + "login": "BeyondCy", + "id": 4694785, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4694785?v=4", + "html_url": "https:\/\/github.com\/BeyondCy" + }, + "html_url": "https:\/\/github.com\/BeyondCy\/S2-052", + "description": "CVE-2017-9805 - Exploit", + "fork": false, + "created_at": "2017-11-28T02:46:07Z", + "updated_at": "2020-11-24T14:16:12Z", + "pushed_at": "2017-10-20T21:04:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 113078841, + "name": "cve-2017-9805.py", + "full_name": "chrisjd20\/cve-2017-9805.py", + "owner": { + "login": "chrisjd20", + "id": 11812223, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11812223?v=4", + "html_url": "https:\/\/github.com\/chrisjd20" + }, + "html_url": "https:\/\/github.com\/chrisjd20\/cve-2017-9805.py", + "description": "Better Exploit Code For CVE 2017 9805 apache struts", + "fork": false, + "created_at": "2017-12-04T18:23:53Z", + "updated_at": "2020-11-25T21:45:43Z", + "pushed_at": "2017-12-23T14:07:59Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 8, + "forks": 8, + "watchers": 21, + "score": 0 + }, { "id": 205600969, "name": "struts_rest_rce_fuzz-CVE-2017-9805-", diff --git a/2017/CVE-2017-98505.json b/2017/CVE-2017-98505.json new file mode 100644 index 0000000000..f6ba62ba98 --- /dev/null +++ b/2017/CVE-2017-98505.json @@ -0,0 +1,25 @@ +[ + { + "id": 103377643, + "name": "Struts2Vuln", + "full_name": "mike-williams\/Struts2Vuln", + "owner": { + "login": "mike-williams", + "id": 3205476, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3205476?v=4", + "html_url": "https:\/\/github.com\/mike-williams" + }, + "html_url": "https:\/\/github.com\/mike-williams\/Struts2Vuln", + "description": "Struts 2 web app that is vulnerable to CVE-2017-98505 and CVE-2017-5638", + "fork": false, + "created_at": "2017-09-13T09:01:34Z", + "updated_at": "2018-08-05T19:22:28Z", + "pushed_at": "2017-09-15T14:39:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9999.json b/2017/CVE-2017-9999.json new file mode 100644 index 0000000000..3f497c0940 --- /dev/null +++ b/2017/CVE-2017-9999.json @@ -0,0 +1,25 @@ +[ + { + "id": 106589531, + "name": "CVE-2017-9999_bypassing_General_Firefox", + "full_name": "homjxi0e\/CVE-2017-9999_bypassing_General_Firefox", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-9999_bypassing_General_Firefox", + "description": null, + "fork": false, + "created_at": "2017-10-11T17:54:50Z", + "updated_at": "2017-10-11T17:54:50Z", + "pushed_at": "2017-10-11T17:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index 2b01222fd6..d4ea145185 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -59,13 +59,13 @@ "description": "Exploit written in Python for CVE-2018-15473 with threading and export formats", "fork": false, "created_at": "2018-08-21T00:09:56Z", - "updated_at": "2020-12-29T09:10:21Z", + "updated_at": "2021-01-01T11:31:42Z", "pushed_at": "2020-08-18T00:00:15Z", - "stargazers_count": 428, - "watchers_count": 428, + "stargazers_count": 427, + "watchers_count": 427, "forks_count": 142, "forks": 142, - "watchers": 428, + "watchers": 427, "score": 0 }, { diff --git a/2019/CVE-2019-0192.json b/2019/CVE-2019-0192.json index 3565146336..02d05ee825 100644 --- a/2019/CVE-2019-0192.json +++ b/2019/CVE-2019-0192.json @@ -1,4 +1,27 @@ [ + { + "id": 174814901, + "name": "CVE-2019-0192", + "full_name": "mpgn\/CVE-2019-0192", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-0192", + "description": "RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl", + "fork": false, + "created_at": "2019-03-10T11:35:26Z", + "updated_at": "2020-12-10T09:41:40Z", + "pushed_at": "2019-03-10T18:33:43Z", + "stargazers_count": 210, + "watchers_count": 210, + "forks_count": 61, + "forks": 61, + "watchers": 210, + "score": 0 + }, { "id": 218993619, "name": "Solr-RCE-CVE-2019-0192", diff --git a/2019/CVE-2019-0193.json b/2019/CVE-2019-0193.json index 2debf9eb4b..35eea6b62f 100644 --- a/2019/CVE-2019-0193.json +++ b/2019/CVE-2019-0193.json @@ -1,4 +1,27 @@ [ + { + "id": 176290079, + "name": "CVE-2019-0193", + "full_name": "xConsoIe\/CVE-2019-0193", + "owner": { + "login": "xConsoIe", + "id": 48456709, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/48456709?v=4", + "html_url": "https:\/\/github.com\/xConsoIe" + }, + "html_url": "https:\/\/github.com\/xConsoIe\/CVE-2019-0193", + "description": null, + "fork": false, + "created_at": "2019-03-18T13:18:01Z", + "updated_at": "2020-11-29T10:18:07Z", + "pushed_at": "2019-03-18T13:22:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 7, + "forks": 7, + "watchers": 8, + "score": 0 + }, { "id": 201405406, "name": "CVE-2019-0193", diff --git a/2019/CVE-2019-0211.json b/2019/CVE-2019-0211.json new file mode 100644 index 0000000000..89c36ad6f5 --- /dev/null +++ b/2019/CVE-2019-0211.json @@ -0,0 +1,25 @@ +[ + { + "id": 186238849, + "name": "Apache-Exploit-2019", + "full_name": "ozkanbilge\/Apache-Exploit-2019", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/Apache-Exploit-2019", + "description": "CVE-2019-0211-apache & CVE-2019-6977-imagecolormatch", + "fork": false, + "created_at": "2019-05-12T10:08:57Z", + "updated_at": "2020-10-28T12:43:15Z", + "pushed_at": "2019-05-12T10:09:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 7, + "forks": 7, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json index f0aa77f181..91c7258e9a 100644 --- a/2019/CVE-2019-0232.json +++ b/2019/CVE-2019-0232.json @@ -22,6 +22,52 @@ "watchers": 178, "score": 0 }, + { + "id": 181706868, + "name": "CVE-2019-0232", + "full_name": "jas502n\/CVE-2019-0232", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0232", + "description": "Apache Tomcat Remote Code Execution on Windows - CGI-BIN", + "fork": false, + "created_at": "2019-04-16T14:32:03Z", + "updated_at": "2020-12-23T03:59:42Z", + "pushed_at": "2019-04-17T02:42:03Z", + "stargazers_count": 62, + "watchers_count": 62, + "forks_count": 25, + "forks": 25, + "watchers": 62, + "score": 0 + }, + { + "id": 188168912, + "name": "CVE-2019-0232-EXP", + "full_name": "CherishHair\/CVE-2019-0232-EXP", + "owner": { + "login": "CherishHair", + "id": 16273668, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/16273668?v=4", + "html_url": "https:\/\/github.com\/CherishHair" + }, + "html_url": "https:\/\/github.com\/CherishHair\/CVE-2019-0232-EXP", + "description": null, + "fork": false, + "created_at": "2019-05-23T05:44:29Z", + "updated_at": "2019-11-27T11:05:38Z", + "pushed_at": "2019-05-23T13:13:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, { "id": 223192188, "name": "CVE-2019-0232", diff --git a/2019/CVE-2019-0539.json b/2019/CVE-2019-0539.json new file mode 100644 index 0000000000..b51dcba859 --- /dev/null +++ b/2019/CVE-2019-0539.json @@ -0,0 +1,25 @@ +[ + { + "id": 196580913, + "name": "CVE-2019-0539", + "full_name": "0x43434343\/CVE-2019-0539", + "owner": { + "login": "0x43434343", + "id": 28482599, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28482599?v=4", + "html_url": "https:\/\/github.com\/0x43434343" + }, + "html_url": "https:\/\/github.com\/0x43434343\/CVE-2019-0539", + "description": "R\/W ", + "fork": false, + "created_at": "2019-07-12T13:06:17Z", + "updated_at": "2020-06-15T12:29:01Z", + "pushed_at": "2019-07-12T13:18:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0604.json b/2019/CVE-2019-0604.json index 879fcae0f9..d8936f98f8 100644 --- a/2019/CVE-2019-0604.json +++ b/2019/CVE-2019-0604.json @@ -1,4 +1,50 @@ [ + { + "id": 177246255, + "name": "CVE-2019-0604", + "full_name": "linhlhq\/CVE-2019-0604", + "owner": { + "login": "linhlhq", + "id": 28854132, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/28854132?v=4", + "html_url": "https:\/\/github.com\/linhlhq" + }, + "html_url": "https:\/\/github.com\/linhlhq\/CVE-2019-0604", + "description": "CVE-2019-0604", + "fork": false, + "created_at": "2019-03-23T05:01:54Z", + "updated_at": "2020-11-27T05:27:48Z", + "pushed_at": "2019-03-22T05:45:44Z", + "stargazers_count": 129, + "watchers_count": 129, + "forks_count": 78, + "forks": 78, + "watchers": 129, + "score": 0 + }, + { + "id": 179413290, + "name": "CVE-2019-0604_sharepoint_CVE", + "full_name": "likescam\/CVE-2019-0604_sharepoint_CVE", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2019-0604_sharepoint_CVE", + "description": null, + "fork": false, + "created_at": "2019-04-04T03:17:30Z", + "updated_at": "2019-04-04T03:17:59Z", + "pushed_at": "2019-04-04T03:17:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, { "id": 193926769, "name": "CVE-2019-0604", diff --git a/2019/CVE-2019-0678.json b/2019/CVE-2019-0678.json new file mode 100644 index 0000000000..177b3e8348 --- /dev/null +++ b/2019/CVE-2019-0678.json @@ -0,0 +1,25 @@ +[ + { + "id": 197764635, + "name": "CVE-2019-0678", + "full_name": "c0d3G33k\/CVE-2019-0678", + "owner": { + "login": "c0d3G33k", + "id": 16446505, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16446505?v=4", + "html_url": "https:\/\/github.com\/c0d3G33k" + }, + "html_url": "https:\/\/github.com\/c0d3G33k\/CVE-2019-0678", + "description": "Microsoft Edge Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2019-07-19T11:55:32Z", + "updated_at": "2019-07-19T12:15:21Z", + "pushed_at": "2019-07-19T12:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 13101a31e7..d206165d4d 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1,4 +1,50 @@ [ + { + "id": 186699764, + "name": "CVE-2019-0708-poc", + "full_name": "hook-s3c\/CVE-2019-0708-poc", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2019-0708-poc", + "description": "proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability", + "fork": false, + "created_at": "2019-05-14T21:00:50Z", + "updated_at": "2020-12-04T03:56:20Z", + "pushed_at": "2019-05-15T14:23:11Z", + "stargazers_count": 42, + "watchers_count": 42, + "forks_count": 9, + "forks": 9, + "watchers": 42, + "score": 0 + }, + { + "id": 186705259, + "name": "CVE-2019-0708", + "full_name": "SherlockSec\/CVE-2019-0708", + "owner": { + "login": "SherlockSec", + "id": 37545173, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37545173?v=4", + "html_url": "https:\/\/github.com\/SherlockSec" + }, + "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2019-0708", + "description": "A Win7 RDP exploit", + "fork": false, + "created_at": "2019-05-14T21:47:33Z", + "updated_at": "2020-10-21T01:40:34Z", + "pushed_at": "2019-05-14T21:51:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 46, + "forks": 46, + "watchers": 12, + "score": 0 + }, { "id": 186731659, "name": "CVE-2019-0708-PoC", @@ -22,6 +68,167 @@ "watchers": 0, "score": 0 }, + { + "id": 186734186, + "name": "CVE-2019-0708-exploit", + "full_name": "p0p0p0\/CVE-2019-0708-exploit", + "owner": { + "login": "p0p0p0", + "id": 38487045, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/38487045?v=4", + "html_url": "https:\/\/github.com\/p0p0p0" + }, + "html_url": "https:\/\/github.com\/p0p0p0\/CVE-2019-0708-exploit", + "description": "CVE-2019-0708-exploit", + "fork": false, + "created_at": "2019-05-15T02:24:21Z", + "updated_at": "2020-12-10T03:22:14Z", + "pushed_at": "2019-05-15T02:26:46Z", + "stargazers_count": 116, + "watchers_count": 116, + "forks_count": 22, + "forks": 22, + "watchers": 116, + "score": 0 + }, + { + "id": 186738633, + "name": "CVE-2019-0708-Exploit", + "full_name": "rockmelodies\/CVE-2019-0708-Exploit", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-0708-Exploit", + "description": "Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System", + "fork": false, + "created_at": "2019-05-15T02:58:04Z", + "updated_at": "2020-09-22T01:55:00Z", + "pushed_at": "2019-05-15T02:51:24Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 35, + "forks": 35, + "watchers": 29, + "score": 0 + }, + { + "id": 186746847, + "name": "CVE-2019-0708", + "full_name": "matengfei000\/CVE-2019-0708", + "owner": { + "login": "matengfei000", + "id": 5724472, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5724472?v=4", + "html_url": "https:\/\/github.com\/matengfei000" + }, + "html_url": "https:\/\/github.com\/matengfei000\/CVE-2019-0708", + "description": "CVE-2019-0708 exp", + "fork": false, + "created_at": "2019-05-15T04:05:07Z", + "updated_at": "2019-07-09T21:55:13Z", + "pushed_at": "2019-05-15T08:29:38Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 186769422, + "name": "Dark-Network-CVE-2019-0708", + "full_name": "xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "owner": { + "login": "xiyangzuishuai", + "id": 50652254, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50652254?v=4", + "html_url": "https:\/\/github.com\/xiyangzuishuai" + }, + "html_url": "https:\/\/github.com\/xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "description": "Dark Net Sunset New Release CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:09:24Z", + "updated_at": "2019-05-15T07:09:24Z", + "pushed_at": "2019-05-15T07:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186771926, + "name": "CVE-2019-0708", + "full_name": "temp-user-2014\/CVE-2019-0708", + "owner": { + "login": "temp-user-2014", + "id": 20980272, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20980272?v=4", + "html_url": "https:\/\/github.com\/temp-user-2014" + }, + "html_url": "https:\/\/github.com\/temp-user-2014\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:24:34Z", + "updated_at": "2019-05-15T07:32:17Z", + "pushed_at": "2019-05-15T07:32:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186793386, + "name": "CVE-2019-0708", + "full_name": "areusecure\/CVE-2019-0708", + "owner": { + "login": "areusecure", + "id": 6128864, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/6128864?v=4", + "html_url": "https:\/\/github.com\/areusecure" + }, + "html_url": "https:\/\/github.com\/areusecure\/CVE-2019-0708", + "description": "Proof of concept exploit for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T09:25:04Z", + "updated_at": "2019-07-02T14:34:05Z", + "pushed_at": "2019-05-15T09:25:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 186794712, + "name": "cve-2019-0708-2", + "full_name": "pry0cc\/cve-2019-0708-2", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc" + }, + "html_url": "https:\/\/github.com\/pry0cc\/cve-2019-0708-2", + "description": "Testing my new bot out", + "fork": false, + "created_at": "2019-05-15T09:32:28Z", + "updated_at": "2020-06-16T14:40:08Z", + "pushed_at": "2019-05-15T14:55:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, { "id": 186836054, "name": "CVE-2019-0708-EXPloit", @@ -45,6 +252,29 @@ "watchers": 1, "score": 0 }, + { + "id": 186838257, + "name": "CVE-2019-0708-EXPloit-3389", + "full_name": "sbkcbig\/CVE-2019-0708-EXPloit-3389", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-EXPloit-3389", + "description": "EXPloit-poc: https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8", + "fork": false, + "created_at": "2019-05-15T14:00:38Z", + "updated_at": "2019-05-16T02:41:17Z", + "pushed_at": "2019-05-15T14:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 186840820, "name": "MS_T120", @@ -68,6 +298,29 @@ "watchers": 1, "score": 0 }, + { + "id": 186849775, + "name": "CVE-2019-0708", + "full_name": "k8gege\/CVE-2019-0708", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0708", + "description": "3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)", + "fork": false, + "created_at": "2019-05-15T15:01:38Z", + "updated_at": "2020-12-29T08:05:31Z", + "pushed_at": "2019-06-13T13:07:03Z", + "stargazers_count": 346, + "watchers_count": 346, + "forks_count": 191, + "forks": 191, + "watchers": 346, + "score": 0 + }, { "id": 186851202, "name": "RDS_CVE-2019-0708", @@ -91,6 +344,52 @@ "watchers": 0, "score": 0 }, + { + "id": 186854844, + "name": "CVE-2019-0708", + "full_name": "jiansiting\/CVE-2019-0708", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-0708", + "description": "RDP POC", + "fork": false, + "created_at": "2019-05-15T15:29:05Z", + "updated_at": "2020-02-10T11:52:30Z", + "pushed_at": "2019-06-01T04:12:19Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 14, + "forks": 14, + "watchers": 18, + "score": 0 + }, + { + "id": 186863422, + "name": "CVE-2019-0708", + "full_name": "NullByteSuiteDevs\/CVE-2019-0708", + "owner": { + "login": "NullByteSuiteDevs", + "id": 15307246, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15307246?v=4", + "html_url": "https:\/\/github.com\/NullByteSuiteDevs" + }, + "html_url": "https:\/\/github.com\/NullByteSuiteDevs\/CVE-2019-0708", + "description": "PoC exploit for BlueKeep (CVE-2019-0708)", + "fork": false, + "created_at": "2019-05-15T16:22:02Z", + "updated_at": "2020-05-15T03:25:45Z", + "pushed_at": "2019-05-15T16:24:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, { "id": 186865180, "name": "CVE-2019-0708", @@ -137,6 +436,29 @@ "watchers": 0, "score": 0 }, + { + "id": 186877745, + "name": "CVE-2019-0708", + "full_name": "blacksunwen\/CVE-2019-0708", + "owner": { + "login": "blacksunwen", + "id": 26432151, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26432151?v=4", + "html_url": "https:\/\/github.com\/blacksunwen" + }, + "html_url": "https:\/\/github.com\/blacksunwen\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T17:56:22Z", + "updated_at": "2020-05-15T03:25:41Z", + "pushed_at": "2019-05-29T10:17:16Z", + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 10, + "forks": 10, + "watchers": 21, + "score": 0 + }, { "id": 186887802, "name": "CVE-2019-0708", @@ -160,6 +482,52 @@ "watchers": 1, "score": 0 }, + { + "id": 186893561, + "name": "CVE-2019-0708", + "full_name": "n0auth\/CVE-2019-0708", + "owner": { + "login": "n0auth", + "id": 50678852, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50678852?v=4", + "html_url": "https:\/\/github.com\/n0auth" + }, + "html_url": "https:\/\/github.com\/n0auth\/CVE-2019-0708", + "description": "Totally legitimate", + "fork": false, + "created_at": "2019-05-15T19:53:34Z", + "updated_at": "2020-01-11T19:07:22Z", + "pushed_at": "2019-05-15T20:14:13Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 12, + "forks": 12, + "watchers": 11, + "score": 0 + }, + { + "id": 186895051, + "name": "CVE-2019-0708", + "full_name": "gildaaa\/CVE-2019-0708", + "owner": { + "login": "gildaaa", + "id": 46685831, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/46685831?v=4", + "html_url": "https:\/\/github.com\/gildaaa" + }, + "html_url": "https:\/\/github.com\/gildaaa\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T20:04:23Z", + "updated_at": "2019-05-16T06:13:19Z", + "pushed_at": "2019-05-15T20:05:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 186897948, "name": "CVE-2019-0708-Poc-exploit", @@ -183,6 +551,144 @@ "watchers": 0, "score": 0 }, + { + "id": 186908816, + "name": "CVE-2019-0708", + "full_name": "HackerJ0e\/CVE-2019-0708", + "owner": { + "login": "HackerJ0e", + "id": 19658269, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/19658269?v=4", + "html_url": "https:\/\/github.com\/HackerJ0e" + }, + "html_url": "https:\/\/github.com\/HackerJ0e\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T22:03:28Z", + "updated_at": "2019-05-15T22:09:37Z", + "pushed_at": "2019-05-15T22:09:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 186922161, + "name": "CVE-2019-0708", + "full_name": "syriusbughunt\/CVE-2019-0708", + "owner": { + "login": "syriusbughunt", + "id": 45476916, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/45476916?v=4", + "html_url": "https:\/\/github.com\/syriusbughunt" + }, + "html_url": "https:\/\/github.com\/syriusbughunt\/CVE-2019-0708", + "description": "PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008) ", + "fork": false, + "created_at": "2019-05-16T00:34:23Z", + "updated_at": "2020-12-22T07:12:52Z", + "pushed_at": "2019-05-16T02:12:17Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 11, + "forks": 11, + "watchers": 41, + "score": 0 + }, + { + "id": 186923282, + "name": "CVE-2019-0708", + "full_name": "Barry-McCockiner\/CVE-2019-0708", + "owner": { + "login": "Barry-McCockiner", + "id": 50684175, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/50684175?v=4", + "html_url": "https:\/\/github.com\/Barry-McCockiner" + }, + "html_url": "https:\/\/github.com\/Barry-McCockiner\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:45:55Z", + "updated_at": "2019-05-16T00:52:52Z", + "pushed_at": "2019-05-16T00:52:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 186924355, + "name": "CVE-2019-0708", + "full_name": "ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "owner": { + "login": "ShadowBrokers-ExploitLeak", + "id": 50684502, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/50684502?v=4", + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak" + }, + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:56:58Z", + "updated_at": "2019-06-03T05:04:19Z", + "pushed_at": "2019-05-16T01:00:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187001080, + "name": "CVE-2019-0708", + "full_name": "safly\/CVE-2019-0708", + "owner": { + "login": "safly", + "id": 10373139, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10373139?v=4", + "html_url": "https:\/\/github.com\/safly" + }, + "html_url": "https:\/\/github.com\/safly\/CVE-2019-0708", + "description": "CVE-2019-0708 demo", + "fork": false, + "created_at": "2019-05-16T09:55:25Z", + "updated_at": "2019-05-22T06:17:03Z", + "pushed_at": "2019-05-16T04:25:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187032294, + "name": "cve-2019-0708-exp", + "full_name": "Jaky5155\/cve-2019-0708-exp", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/cve-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-05-16T13:21:02Z", + "updated_at": "2020-04-05T08:55:16Z", + "pushed_at": "2019-05-22T04:24:58Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 24, + "forks": 24, + "watchers": 30, + "score": 0 + }, { "id": 187057686, "name": "CVE-2019-0708-Check-Device-Patch-Status", @@ -206,6 +712,98 @@ "watchers": 19, "score": 0 }, + { + "id": 187063902, + "name": "CVE-2019-0708", + "full_name": "303sec\/CVE-2019-0708", + "owner": { + "login": "303sec", + "id": 39656643, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/39656643?v=4", + "html_url": "https:\/\/github.com\/303sec" + }, + "html_url": "https:\/\/github.com\/303sec\/CVE-2019-0708", + "description": "POC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T16:26:30Z", + "updated_at": "2019-05-18T04:43:06Z", + "pushed_at": "2019-05-17T08:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187097173, + "name": "CVE-2019-0708-POC", + "full_name": "f8al\/CVE-2019-0708-POC", + "owner": { + "login": "f8al", + "id": 7221183, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/7221183?v=4", + "html_url": "https:\/\/github.com\/f8al" + }, + "html_url": "https:\/\/github.com\/f8al\/CVE-2019-0708-POC", + "description": "PoC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T20:30:36Z", + "updated_at": "2020-03-25T06:15:05Z", + "pushed_at": "2019-05-28T22:20:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 187139993, + "name": "CVE-2019-0708", + "full_name": "blockchainguard\/CVE-2019-0708", + "owner": { + "login": "blockchainguard", + "id": 43979150, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/43979150?v=4", + "html_url": "https:\/\/github.com\/blockchainguard" + }, + "html_url": "https:\/\/github.com\/blockchainguard\/CVE-2019-0708", + "description": "CVE-2019-0708漏洞MSF批量巡检插件", + "fork": false, + "created_at": "2019-05-17T03:25:42Z", + "updated_at": "2019-08-09T02:10:48Z", + "pushed_at": "2019-05-23T04:21:09Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, + { + "id": 187151227, + "name": "CVE-2019-0708", + "full_name": "haoge8090\/CVE-2019-0708", + "owner": { + "login": "haoge8090", + "id": 37906481, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/37906481?v=4", + "html_url": "https:\/\/github.com\/haoge8090" + }, + "html_url": "https:\/\/github.com\/haoge8090\/CVE-2019-0708", + "description": "CVE-2019-0708 Exploit", + "fork": false, + "created_at": "2019-05-17T05:19:32Z", + "updated_at": "2020-06-09T14:59:39Z", + "pushed_at": "2019-05-18T12:03:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 187297714, "name": "CVE-2019-0708", @@ -229,6 +827,121 @@ "watchers": 0, "score": 0 }, + { + "id": 187538824, + "name": "CVE-2019-0708-PoC-Hitting-Path", + "full_name": "skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "owner": { + "login": "skyshell20082008", + "id": 32186292, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32186292?v=4", + "html_url": "https:\/\/github.com\/skyshell20082008" + }, + "html_url": "https:\/\/github.com\/skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "description": "It's only hitting vulnerable path in termdd.sys!!! NOT DOS", + "fork": false, + "created_at": "2019-05-19T23:32:34Z", + "updated_at": "2020-04-01T13:37:05Z", + "pushed_at": "2019-05-19T17:47:28Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 109, + "forks": 109, + "watchers": 13, + "score": 0 + }, + { + "id": 187567229, + "name": "CVE-2019-0708-", + "full_name": "ttsite\/CVE-2019-0708-", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708-", + "description": "Announces fraud", + "fork": false, + "created_at": "2019-05-20T04:23:58Z", + "updated_at": "2019-06-11T14:50:34Z", + "pushed_at": "2019-06-11T14:50:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187758878, + "name": "CVE-2019-0708", + "full_name": "ttsite\/CVE-2019-0708", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708", + "description": "Report fraud", + "fork": false, + "created_at": "2019-05-21T04:00:49Z", + "updated_at": "2019-07-04T09:25:15Z", + "pushed_at": "2019-07-04T09:25:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 187768807, + "name": "CVE-2019-0708-poc", + "full_name": "biggerwing\/CVE-2019-0708-poc", + "owner": { + "login": "biggerwing", + "id": 23331519, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/23331519?v=4", + "html_url": "https:\/\/github.com\/biggerwing" + }, + "html_url": "https:\/\/github.com\/biggerwing\/CVE-2019-0708-poc", + "description": "CVE-2019-0708 远程代码执行漏洞批量检测", + "fork": false, + "created_at": "2019-05-21T05:38:54Z", + "updated_at": "2020-12-07T02:20:01Z", + "pushed_at": "2019-05-30T02:43:06Z", + "stargazers_count": 78, + "watchers_count": 78, + "forks_count": 29, + "forks": 29, + "watchers": 78, + "score": 0 + }, + { + "id": 187779603, + "name": "CVE-2019-0708", + "full_name": "n1xbyte\/CVE-2019-0708", + "owner": { + "login": "n1xbyte", + "id": 18420902, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/18420902?v=4", + "html_url": "https:\/\/github.com\/n1xbyte" + }, + "html_url": "https:\/\/github.com\/n1xbyte\/CVE-2019-0708", + "description": "dump", + "fork": false, + "created_at": "2019-05-21T06:57:19Z", + "updated_at": "2020-12-29T06:51:10Z", + "pushed_at": "2019-06-01T05:15:11Z", + "stargazers_count": 467, + "watchers_count": 467, + "forks_count": 189, + "forks": 189, + "watchers": 467, + "score": 0 + }, { "id": 187788453, "name": "CVE-2019-0708", @@ -252,6 +965,52 @@ "watchers": 0, "score": 0 }, + { + "id": 187816400, + "name": "CVE-2019-0708-POC", + "full_name": "edvacco\/CVE-2019-0708-POC", + "owner": { + "login": "edvacco", + "id": 29772843, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/29772843?v=4", + "html_url": "https:\/\/github.com\/edvacco" + }, + "html_url": "https:\/\/github.com\/edvacco\/CVE-2019-0708-POC", + "description": "根据360的程序,整的CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-05-21T10:34:21Z", + "updated_at": "2019-06-12T12:53:47Z", + "pushed_at": "2019-05-21T07:51:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 8, + "forks": 8, + "watchers": 0, + "score": 0 + }, + { + "id": 187824958, + "name": "BlueKeepTracker", + "full_name": "pry0cc\/BlueKeepTracker", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc" + }, + "html_url": "https:\/\/github.com\/pry0cc\/BlueKeepTracker", + "description": "My bot (badly written) to search and monitor cve-2019-0708 repositories ", + "fork": false, + "created_at": "2019-05-21T11:37:00Z", + "updated_at": "2020-06-16T14:40:00Z", + "pushed_at": "2019-05-21T11:38:10Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, + "score": 0 + }, { "id": 187840993, "name": "CVE-2019-0708-win7", @@ -321,6 +1080,75 @@ "watchers": 1, "score": 0 }, + { + "id": 187967704, + "name": "rdp0708scanner", + "full_name": "l9c\/rdp0708scanner", + "owner": { + "login": "l9c", + "id": 16722567, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16722567?v=4", + "html_url": "https:\/\/github.com\/l9c" + }, + "html_url": "https:\/\/github.com\/l9c\/rdp0708scanner", + "description": "cve-2019-0708 vulnerablility scanner", + "fork": false, + "created_at": "2019-05-22T05:18:18Z", + "updated_at": "2020-01-19T23:34:36Z", + "pushed_at": "2019-05-22T06:06:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 187990368, + "name": "cve-2019-0708-scan", + "full_name": "major203\/cve-2019-0708-scan", + "owner": { + "login": "major203", + "id": 7425945, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/7425945?v=4", + "html_url": "https:\/\/github.com\/major203" + }, + "html_url": "https:\/\/github.com\/major203\/cve-2019-0708-scan", + "description": null, + "fork": false, + "created_at": "2019-05-22T07:53:50Z", + "updated_at": "2020-01-10T08:22:05Z", + "pushed_at": "2019-05-27T09:36:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, + { + "id": 188186570, + "name": "Check-vuln-CVE-2019-0708", + "full_name": "SugiB3o\/Check-vuln-CVE-2019-0708", + "owner": { + "login": "SugiB3o", + "id": 24741216, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/24741216?v=4", + "html_url": "https:\/\/github.com\/SugiB3o" + }, + "html_url": "https:\/\/github.com\/SugiB3o\/Check-vuln-CVE-2019-0708", + "description": "Check vuln CVE 2019-0708", + "fork": false, + "created_at": "2019-05-23T07:47:29Z", + "updated_at": "2020-11-16T09:53:37Z", + "pushed_at": "2019-05-23T07:54:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 188244264, "name": "CVE-2019-0708", @@ -344,6 +1172,121 @@ "watchers": 15, "score": 0 }, + { + "id": 188257373, + "name": "CVE-2019-0708-Tool", + "full_name": "adalenv\/CVE-2019-0708-Tool", + "owner": { + "login": "adalenv", + "id": 7238874, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/7238874?v=4", + "html_url": "https:\/\/github.com\/adalenv" + }, + "html_url": "https:\/\/github.com\/adalenv\/CVE-2019-0708-Tool", + "description": "A social experiment", + "fork": false, + "created_at": "2019-05-23T15:08:30Z", + "updated_at": "2020-10-21T22:16:59Z", + "pushed_at": "2019-05-29T17:12:33Z", + "stargazers_count": 87, + "watchers_count": 87, + "forks_count": 12, + "forks": 12, + "watchers": 87, + "score": 0 + }, + { + "id": 188274849, + "name": "CVE-2019-0708-POC", + "full_name": "smallFunction\/CVE-2019-0708-POC", + "owner": { + "login": "smallFunction", + "id": 50961833, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50961833?v=4", + "html_url": "https:\/\/github.com\/smallFunction" + }, + "html_url": "https:\/\/github.com\/smallFunction\/CVE-2019-0708-POC", + "description": "Working proof of concept for CVE-2019-0708, spawns remote shell.", + "fork": false, + "created_at": "2019-05-23T17:02:00Z", + "updated_at": "2019-08-17T15:27:52Z", + "pushed_at": "2019-05-23T17:02:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 22, + "forks": 22, + "watchers": 0, + "score": 0 + }, + { + "id": 188287755, + "name": "CVE-2019-0708-PoC-Exploit", + "full_name": "freeide\/CVE-2019-0708-PoC-Exploit", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708-PoC-Exploit", + "description": "CVE-2019-0708 PoC Exploit", + "fork": false, + "created_at": "2019-05-23T18:37:27Z", + "updated_at": "2020-01-25T02:16:54Z", + "pushed_at": "2019-05-23T15:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 188316989, + "name": "rdpscan", + "full_name": "robertdavidgraham\/rdpscan", + "owner": { + "login": "robertdavidgraham", + "id": 3814757, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3814757?v=4", + "html_url": "https:\/\/github.com\/robertdavidgraham" + }, + "html_url": "https:\/\/github.com\/robertdavidgraham\/rdpscan", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.", + "fork": false, + "created_at": "2019-05-23T22:50:12Z", + "updated_at": "2021-01-01T11:19:06Z", + "pushed_at": "2019-06-22T21:48:45Z", + "stargazers_count": 784, + "watchers_count": 784, + "forks_count": 192, + "forks": 192, + "watchers": 784, + "score": 0 + }, + { + "id": 188376138, + "name": "CVE-2019-0708-POC", + "full_name": "closethe\/CVE-2019-0708-POC", + "owner": { + "login": "closethe", + "id": 8065436, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8065436?v=4", + "html_url": "https:\/\/github.com\/closethe" + }, + "html_url": "https:\/\/github.com\/closethe\/CVE-2019-0708-POC", + "description": "cve-2019-0708 poc .", + "fork": false, + "created_at": "2019-05-24T07:40:05Z", + "updated_at": "2019-05-26T22:24:19Z", + "pushed_at": "2019-05-24T09:03:16Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 6, + "forks": 6, + "watchers": 12, + "score": 0 + }, { "id": 188781634, "name": "Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", @@ -367,6 +1310,98 @@ "watchers": 0, "score": 0 }, + { + "id": 188842935, + "name": "bluekeepscan", + "full_name": "Rostelecom-CERT\/bluekeepscan", + "owner": { + "login": "Rostelecom-CERT", + "id": 36195291, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36195291?v=4", + "html_url": "https:\/\/github.com\/Rostelecom-CERT" + }, + "html_url": "https:\/\/github.com\/Rostelecom-CERT\/bluekeepscan", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-27T12:52:11Z", + "updated_at": "2020-03-25T05:25:43Z", + "pushed_at": "2019-05-27T12:58:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + }, + { + "id": 188939031, + "name": "CVE-2019-0708", + "full_name": "Leoid\/CVE-2019-0708", + "owner": { + "login": "Leoid", + "id": 19527552, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19527552?v=4", + "html_url": "https:\/\/github.com\/Leoid" + }, + "html_url": "https:\/\/github.com\/Leoid\/CVE-2019-0708", + "description": "Only Hitting PoC [Tested on Windows Server 2008 r2]", + "fork": false, + "created_at": "2019-05-28T02:25:21Z", + "updated_at": "2020-12-18T03:48:34Z", + "pushed_at": "2019-05-28T02:46:19Z", + "stargazers_count": 114, + "watchers_count": 114, + "forks_count": 39, + "forks": 39, + "watchers": 114, + "score": 0 + }, + { + "id": 189061944, + "name": "CVE-2019-0708Poc-BatchScanning", + "full_name": "ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "owner": { + "login": "ht0Ruial", + "id": 44924427, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/44924427?v=4", + "html_url": "https:\/\/github.com\/ht0Ruial" + }, + "html_url": "https:\/\/github.com\/ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "description": "基于360公开的无损检测工具的可直接在windows上运行的批量检测程序", + "fork": false, + "created_at": "2019-05-28T16:09:10Z", + "updated_at": "2019-10-20T18:29:55Z", + "pushed_at": "2019-05-28T17:16:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 189126322, + "name": "BlueKeep", + "full_name": "oneoy\/BlueKeep", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy" + }, + "html_url": "https:\/\/github.com\/oneoy\/BlueKeep", + "description": "CVE-2019-0708 bluekeep 漏洞检测", + "fork": false, + "created_at": "2019-05-29T01:08:55Z", + "updated_at": "2020-10-21T22:17:00Z", + "pushed_at": "2019-05-29T01:09:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 189158834, "name": "CVE-2019-0708", @@ -436,6 +1471,52 @@ "watchers": 1053, "score": 0 }, + { + "id": 189380582, + "name": "CVE-2019-0708", + "full_name": "UraSecTeam\/CVE-2019-0708", + "owner": { + "login": "UraSecTeam", + "id": 23280827, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/23280827?v=4", + "html_url": "https:\/\/github.com\/UraSecTeam" + }, + "html_url": "https:\/\/github.com\/UraSecTeam\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-30T08:59:49Z", + "updated_at": "2019-05-30T18:05:14Z", + "pushed_at": "2019-05-30T18:05:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 189422199, + "name": "rdpscan-BlueKeep", + "full_name": "Gh0st0ne\/rdpscan-BlueKeep", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/rdpscan-BlueKeep", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability. ", + "fork": false, + "created_at": "2019-05-30T13:50:32Z", + "updated_at": "2020-03-25T05:24:18Z", + "pushed_at": "2019-05-30T13:51:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, { "id": 189498490, "name": "bluekeep_CVE-2019-0708_poc_to_exploit", @@ -482,6 +1563,144 @@ "watchers": 0, "score": 0 }, + { + "id": 189549701, + "name": "CVE-2019-0708", + "full_name": "shun-gg\/CVE-2019-0708", + "owner": { + "login": "shun-gg", + "id": 50439612, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/50439612?v=4", + "html_url": "https:\/\/github.com\/shun-gg" + }, + "html_url": "https:\/\/github.com\/shun-gg\/CVE-2019-0708", + "description": "蓝屏poc", + "fork": false, + "created_at": "2019-05-31T07:35:26Z", + "updated_at": "2020-06-05T14:26:10Z", + "pushed_at": "2019-05-31T08:02:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + }, + { + "id": 189571928, + "name": "CVE-2019-0708", + "full_name": "AdministratorGithub\/CVE-2019-0708", + "owner": { + "login": "AdministratorGithub", + "id": 19834937, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19834937?v=4", + "html_url": "https:\/\/github.com\/AdministratorGithub" + }, + "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-0708", + "description": "CVE-2019-0708批量蓝屏恶搞", + "fork": false, + "created_at": "2019-05-31T09:59:30Z", + "updated_at": "2019-07-09T09:33:49Z", + "pushed_at": "2019-07-09T09:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 189634467, + "name": "CVE-2019-0708", + "full_name": "umarfarook882\/CVE-2019-0708", + "owner": { + "login": "umarfarook882", + "id": 22318677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22318677?v=4", + "html_url": "https:\/\/github.com\/umarfarook882" + }, + "html_url": "https:\/\/github.com\/umarfarook882\/CVE-2019-0708", + "description": "CVE-2019-0708 - BlueKeep (RDP)", + "fork": false, + "created_at": "2019-05-31T17:37:26Z", + "updated_at": "2020-05-15T03:25:13Z", + "pushed_at": "2020-06-14T18:43:51Z", + "stargazers_count": 39, + "watchers_count": 39, + "forks_count": 12, + "forks": 12, + "watchers": 39, + "score": 0 + }, + { + "id": 189959275, + "name": "detect_bluekeep.py", + "full_name": "HynekPetrak\/detect_bluekeep.py", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/detect_bluekeep.py", + "description": "Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS\/SSL and x509 support", + "fork": false, + "created_at": "2019-06-03T07:49:26Z", + "updated_at": "2020-07-23T00:05:33Z", + "pushed_at": "2019-06-12T08:48:17Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 6, + "forks": 6, + "watchers": 19, + "score": 0 + }, + { + "id": 190510027, + "name": "CVE-2019-0708-Batch-Blue-Screen", + "full_name": "Wileysec\/CVE-2019-0708-Batch-Blue-Screen", + "owner": { + "login": "Wileysec", + "id": 33207361, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33207361?v=4", + "html_url": "https:\/\/github.com\/Wileysec" + }, + "html_url": "https:\/\/github.com\/Wileysec\/CVE-2019-0708-Batch-Blue-Screen", + "description": "改写某大佬写的0708蓝屏脚本 改为网段批量蓝屏", + "fork": false, + "created_at": "2019-06-06T03:49:26Z", + "updated_at": "2019-06-13T16:56:58Z", + "pushed_at": "2019-06-06T03:57:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 191301322, + "name": "CVE-2019-0708", + "full_name": "Pa55w0rd\/CVE-2019-0708", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2019-0708", + "description": "CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-06-11T05:38:26Z", + "updated_at": "2020-12-06T10:24:24Z", + "pushed_at": "2019-06-11T06:40:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 2, + "forks": 2, + "watchers": 11, + "score": 0 + }, { "id": 191340467, "name": "CVE-2019-0708-PoC", @@ -505,6 +1724,98 @@ "watchers": 15, "score": 0 }, + { + "id": 191491863, + "name": "CVE-2019-0708-Msf--", + "full_name": "cream-sec\/CVE-2019-0708-Msf--", + "owner": { + "login": "cream-sec", + "id": 29266660, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29266660?v=4", + "html_url": "https:\/\/github.com\/cream-sec" + }, + "html_url": "https:\/\/github.com\/cream-sec\/CVE-2019-0708-Msf--", + "description": "CVE-2019-0708-Msf-验证", + "fork": false, + "created_at": "2019-06-12T03:37:39Z", + "updated_at": "2019-06-12T03:40:17Z", + "pushed_at": "2019-06-12T03:38:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 192833438, + "name": "CVE-2019-0708", + "full_name": "wdfcc\/CVE-2019-0708", + "owner": { + "login": "wdfcc", + "id": 14845586, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14845586?v=4", + "html_url": "https:\/\/github.com\/wdfcc" + }, + "html_url": "https:\/\/github.com\/wdfcc\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-06-20T02:19:17Z", + "updated_at": "2019-06-20T02:26:29Z", + "pushed_at": "2019-06-20T02:26:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 193537193, + "name": "cve-2019-0708", + "full_name": "cvencoder\/cve-2019-0708", + "owner": { + "login": "cvencoder", + "id": 52171059, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/52171059?v=4", + "html_url": "https:\/\/github.com\/cvencoder" + }, + "html_url": "https:\/\/github.com\/cvencoder\/cve-2019-0708", + "description": "POC CVE-2019-0708 with python script!", + "fork": false, + "created_at": "2019-06-24T16:03:08Z", + "updated_at": "2019-07-28T09:20:55Z", + "pushed_at": "2019-06-24T16:03:58Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 0, + "forks": 0, + "watchers": 14, + "score": 0 + }, + { + "id": 195150954, + "name": "CVE-2019-0708-exp", + "full_name": "ze0r\/CVE-2019-0708-exp", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/CVE-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-07-04T01:49:22Z", + "updated_at": "2020-12-23T12:17:19Z", + "pushed_at": "2019-07-25T07:31:57Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, + "score": 0 + }, { "id": 196871345, "name": "cve-2019-0708", @@ -528,6 +1839,29 @@ "watchers": 21, "score": 0 }, + { + "id": 197547695, + "name": "cve-2019-0708", + "full_name": "cve-2019-0708-poc\/cve-2019-0708", + "owner": { + "login": "cve-2019-0708-poc", + "id": 53038783, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/53038783?v=4", + "html_url": "https:\/\/github.com\/cve-2019-0708-poc" + }, + "html_url": "https:\/\/github.com\/cve-2019-0708-poc\/cve-2019-0708", + "description": "CVE-2019-0708 Exploit Tool", + "fork": false, + "created_at": "2019-07-18T08:41:01Z", + "updated_at": "2019-08-29T04:15:45Z", + "pushed_at": "2019-07-18T08:44:51Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 0, + "forks": 0, + "watchers": 18, + "score": 0 + }, { "id": 197655376, "name": "CVE-2019-0708", @@ -574,6 +1908,29 @@ "watchers": 283, "score": 0 }, + { + "id": 198731225, + "name": "CVE-2019-0708", + "full_name": "ntkernel0\/CVE-2019-0708", + "owner": { + "login": "ntkernel0", + "id": 46866847, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46866847?v=4", + "html_url": "https:\/\/github.com\/ntkernel0" + }, + "html_url": "https:\/\/github.com\/ntkernel0\/CVE-2019-0708", + "description": "收集网上CVE-2018-0708的poc和exp(目前没有找到exp)", + "fork": false, + "created_at": "2019-07-25T01:05:21Z", + "updated_at": "2019-12-07T02:05:23Z", + "pushed_at": "2019-07-25T01:03:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 202911823, "name": "Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", diff --git a/2019/CVE-2019-0709.json b/2019/CVE-2019-0709.json new file mode 100644 index 0000000000..9c0297ff22 --- /dev/null +++ b/2019/CVE-2019-0709.json @@ -0,0 +1,48 @@ +[ + { + "id": 189502228, + "name": "CVE-2019-0709", + "full_name": "YHZX2013\/CVE-2019-0709", + "owner": { + "login": "YHZX2013", + "id": 17893549, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17893549?v=4", + "html_url": "https:\/\/github.com\/YHZX2013" + }, + "html_url": "https:\/\/github.com\/YHZX2013\/CVE-2019-0709", + "description": "CVE-2019-0708 Exploit using Python", + "fork": false, + "created_at": "2019-05-31T00:48:49Z", + "updated_at": "2020-11-03T10:44:32Z", + "pushed_at": "2019-05-30T22:52:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 189527128, + "name": "CVE-2019-0709", + "full_name": "qq431169079\/CVE-2019-0709", + "owner": { + "login": "qq431169079", + "id": 42376039, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/42376039?v=4", + "html_url": "https:\/\/github.com\/qq431169079" + }, + "html_url": "https:\/\/github.com\/qq431169079\/CVE-2019-0709", + "description": "Exploit In Progress", + "fork": false, + "created_at": "2019-05-31T04:23:39Z", + "updated_at": "2020-11-03T11:02:24Z", + "pushed_at": "2019-05-26T15:25:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0768.json b/2019/CVE-2019-0768.json new file mode 100644 index 0000000000..2930624163 --- /dev/null +++ b/2019/CVE-2019-0768.json @@ -0,0 +1,25 @@ +[ + { + "id": 188212551, + "name": "ie11_vbscript_exploit", + "full_name": "ruthlezs\/ie11_vbscript_exploit", + "owner": { + "login": "ruthlezs", + "id": 15887791, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/15887791?v=4", + "html_url": "https:\/\/github.com\/ruthlezs" + }, + "html_url": "https:\/\/github.com\/ruthlezs\/ie11_vbscript_exploit", + "description": "Exploit Generator for CVE-2018-8174 & CVE-2019-0768 (RCE via VBScript Execution in IE11)", + "fork": false, + "created_at": "2019-05-23T10:28:40Z", + "updated_at": "2020-09-18T13:59:25Z", + "pushed_at": "2019-05-23T11:26:38Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 5, + "forks": 5, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0785.json b/2019/CVE-2019-0785.json new file mode 100644 index 0000000000..c17cf66341 --- /dev/null +++ b/2019/CVE-2019-0785.json @@ -0,0 +1,25 @@ +[ + { + "id": 196208560, + "name": "CVE-2019-0785", + "full_name": "Jaky5155\/CVE-2019-0785", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2019-0785", + "description": "CVE-2019-0785", + "fork": false, + "created_at": "2019-07-10T13:16:42Z", + "updated_at": "2020-04-05T09:53:47Z", + "pushed_at": "2019-07-10T13:18:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0803.json b/2019/CVE-2019-0803.json new file mode 100644 index 0000000000..4e2b456639 --- /dev/null +++ b/2019/CVE-2019-0803.json @@ -0,0 +1,25 @@ +[ + { + "id": 187201710, + "name": "CVE-2019-0803", + "full_name": "ExpLife0011\/CVE-2019-0803", + "owner": { + "login": "ExpLife0011", + "id": 37372761, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37372761?v=4", + "html_url": "https:\/\/github.com\/ExpLife0011" + }, + "html_url": "https:\/\/github.com\/ExpLife0011\/CVE-2019-0803", + "description": "Win32k Elevation of Privilege Poc", + "fork": false, + "created_at": "2019-05-17T11:05:22Z", + "updated_at": "2020-09-30T07:16:14Z", + "pushed_at": "2019-05-17T10:53:29Z", + "stargazers_count": 75, + "watchers_count": 75, + "forks_count": 67, + "forks": 67, + "watchers": 75, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0808.json b/2019/CVE-2019-0808.json index 5d0db6b48a..dbf8541cb9 100644 --- a/2019/CVE-2019-0808.json +++ b/2019/CVE-2019-0808.json @@ -1,4 +1,73 @@ [ + { + "id": 177576776, + "name": "cve-2019-0808-poc", + "full_name": "ze0r\/cve-2019-0808-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-0808-poc", + "description": "cve-2019-0808-poc", + "fork": false, + "created_at": "2019-03-25T11:53:35Z", + "updated_at": "2020-12-23T12:17:23Z", + "pushed_at": "2019-03-25T12:10:40Z", + "stargazers_count": 43, + "watchers_count": 43, + "forks_count": 19, + "forks": 19, + "watchers": 43, + "score": 0 + }, + { + "id": 182577297, + "name": "CVE-2019-0808", + "full_name": "rakesh143\/CVE-2019-0808", + "owner": { + "login": "rakesh143", + "id": 12870599, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/12870599?v=4", + "html_url": "https:\/\/github.com\/rakesh143" + }, + "html_url": "https:\/\/github.com\/rakesh143\/CVE-2019-0808", + "description": null, + "fork": false, + "created_at": "2019-04-21T20:04:34Z", + "updated_at": "2019-04-21T20:07:45Z", + "pushed_at": "2019-04-21T20:07:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 187227372, + "name": "CVE-2019-0808", + "full_name": "exodusintel\/CVE-2019-0808", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-0808", + "description": "Win32k Exploit by Grant Willcox", + "fork": false, + "created_at": "2019-05-17T14:08:01Z", + "updated_at": "2020-12-22T16:25:47Z", + "pushed_at": "2019-05-17T14:17:00Z", + "stargazers_count": 79, + "watchers_count": 79, + "forks_count": 37, + "forks": 37, + "watchers": 79, + "score": 0 + }, { "id": 264669775, "name": "CVE-2019-0808-32-64-exp", diff --git a/2019/CVE-2019-0841.json b/2019/CVE-2019-0841.json new file mode 100644 index 0000000000..d7283d2874 --- /dev/null +++ b/2019/CVE-2019-0841.json @@ -0,0 +1,71 @@ +[ + { + "id": 179680988, + "name": "CVE-2019-0841", + "full_name": "rogue-kdc\/CVE-2019-0841", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2019-0841", + "description": "PoC code for CVE-2019-0841 Privilege Escalation vulnerability", + "fork": false, + "created_at": "2019-04-05T12:53:52Z", + "updated_at": "2020-12-30T15:18:41Z", + "pushed_at": "2019-04-09T16:49:19Z", + "stargazers_count": 222, + "watchers_count": 222, + "forks_count": 98, + "forks": 98, + "watchers": 222, + "score": 0 + }, + { + "id": 180605162, + "name": "CVE-2019-0841", + "full_name": "likescam\/CVE-2019-0841", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2019-0841", + "description": null, + "fork": false, + "created_at": "2019-04-10T14:58:22Z", + "updated_at": "2019-05-26T06:57:44Z", + "pushed_at": "2019-04-10T14:58:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 191441504, + "name": "CVE-2019-0841-BYPASS", + "full_name": "0x00-0x00\/CVE-2019-0841-BYPASS", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-0841-BYPASS", + "description": "A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.", + "fork": false, + "created_at": "2019-06-11T20:05:26Z", + "updated_at": "2020-12-21T21:53:48Z", + "pushed_at": "2019-06-11T20:49:42Z", + "stargazers_count": 55, + "watchers_count": 55, + "forks_count": 28, + "forks": 28, + "watchers": 55, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0888.json b/2019/CVE-2019-0888.json new file mode 100644 index 0000000000..5c81f58705 --- /dev/null +++ b/2019/CVE-2019-0888.json @@ -0,0 +1,25 @@ +[ + { + "id": 193166704, + "name": "CVE-2019-0888", + "full_name": "sophoslabs\/CVE-2019-0888", + "owner": { + "login": "sophoslabs", + "id": 40878494, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/40878494?v=4", + "html_url": "https:\/\/github.com\/sophoslabs" + }, + "html_url": "https:\/\/github.com\/sophoslabs\/CVE-2019-0888", + "description": "PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)", + "fork": false, + "created_at": "2019-06-21T22:26:52Z", + "updated_at": "2020-03-21T18:23:15Z", + "pushed_at": "2019-07-09T18:40:05Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 21, + "forks": 21, + "watchers": 41, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0986.json b/2019/CVE-2019-0986.json new file mode 100644 index 0000000000..f5406691ce --- /dev/null +++ b/2019/CVE-2019-0986.json @@ -0,0 +1,25 @@ +[ + { + "id": 176955881, + "name": "CVE-2019-0986", + "full_name": "padovah4ck\/CVE-2019-0986", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2019-0986", + "description": "Security Research", + "fork": false, + "created_at": "2019-03-21T13:58:25Z", + "updated_at": "2020-11-17T08:28:22Z", + "pushed_at": "2019-06-17T08:10:53Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 11, + "forks": 11, + "watchers": 34, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1002101.json b/2019/CVE-2019-1002101.json new file mode 100644 index 0000000000..e2c4167a02 --- /dev/null +++ b/2019/CVE-2019-1002101.json @@ -0,0 +1,25 @@ +[ + { + "id": 179330253, + "name": "CVE-2019-1002101-Helpers", + "full_name": "brompwnie\/CVE-2019-1002101-Helpers", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-1002101-Helpers", + "description": "PoC helper scripts and Dockerfile for CVE-2019-1002101", + "fork": false, + "created_at": "2019-04-03T16:36:58Z", + "updated_at": "2020-07-14T14:11:03Z", + "pushed_at": "2019-04-03T17:35:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1003000.json b/2019/CVE-2019-1003000.json index 747a17f707..f516afb523 100644 --- a/2019/CVE-2019-1003000.json +++ b/2019/CVE-2019-1003000.json @@ -21,5 +21,74 @@ "forks": 30, "watchers": 50, "score": 0 + }, + { + "id": 170809838, + "name": "cve-2019-1003000-jenkins-rce-poc", + "full_name": "adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "owner": { + "login": "adamyordan", + "id": 9531164, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9531164?v=4", + "html_url": "https:\/\/github.com\/adamyordan" + }, + "html_url": "https:\/\/github.com\/adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "description": "Jenkins RCE Proof-of-Concept: SECURITY-1266 \/ CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)", + "fork": false, + "created_at": "2019-02-15T05:59:24Z", + "updated_at": "2020-12-02T16:34:39Z", + "pushed_at": "2019-04-01T13:19:49Z", + "stargazers_count": 268, + "watchers_count": 268, + "forks_count": 83, + "forks": 83, + "watchers": 268, + "score": 0 + }, + { + "id": 172198653, + "name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "full_name": "0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "owner": { + "login": "0xtavian", + "id": 21030907, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/21030907?v=4", + "html_url": "https:\/\/github.com\/0xtavian" + }, + "html_url": "https:\/\/github.com\/0xtavian\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ", + "fork": false, + "created_at": "2019-02-23T10:00:03Z", + "updated_at": "2020-04-20T00:16:50Z", + "pushed_at": "2019-02-23T10:01:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 3, + "forks": 3, + "watchers": 7, + "score": 0 + }, + { + "id": 183322760, + "name": "CVE-2019-1003000_RCE-DETECTION", + "full_name": "1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "owner": { + "login": "1NTheKut", + "id": 26243759, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26243759?v=4", + "html_url": "https:\/\/github.com\/1NTheKut" + }, + "html_url": "https:\/\/github.com\/1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "description": "A C# module to detect if a Jenkins server is vulnerable to the RCE vulnerability found in CVE-2019-1003000 (chained with CVE-2018-1000861 for pre-auth RCE)", + "fork": false, + "created_at": "2019-04-24T23:52:42Z", + "updated_at": "2020-09-25T09:24:39Z", + "pushed_at": "2019-05-01T07:11:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-10149.json b/2019/CVE-2019-10149.json index 0f070d4816..f0ba1ac72f 100644 --- a/2019/CVE-2019-10149.json +++ b/2019/CVE-2019-10149.json @@ -1,4 +1,119 @@ [ + { + "id": 191233980, + "name": "exim-rce-quickfix", + "full_name": "bananaphones\/exim-rce-quickfix", + "owner": { + "login": "bananaphones", + "id": 4877449, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/4877449?v=4", + "html_url": "https:\/\/github.com\/bananaphones" + }, + "html_url": "https:\/\/github.com\/bananaphones\/exim-rce-quickfix", + "description": "quick fix for CVE-2019-10149, works on Debian\\Ubuntu\\Centos", + "fork": false, + "created_at": "2019-06-10T19:37:05Z", + "updated_at": "2020-10-11T13:08:22Z", + "pushed_at": "2019-06-14T10:16:02Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 18, + "forks": 18, + "watchers": 23, + "score": 0 + }, + { + "id": 191493140, + "name": "eximrce-CVE-2019-10149", + "full_name": "cowbe0x004\/eximrce-CVE-2019-10149", + "owner": { + "login": "cowbe0x004", + "id": 3072913, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/3072913?v=4", + "html_url": "https:\/\/github.com\/cowbe0x004" + }, + "html_url": "https:\/\/github.com\/cowbe0x004\/eximrce-CVE-2019-10149", + "description": "simple python socket connection to test if exim is vulnerable to CVE-2019-10149. The payload simply touch a file in \/tmp\/eximrce.", + "fork": false, + "created_at": "2019-06-12T03:47:16Z", + "updated_at": "2020-09-06T02:39:13Z", + "pushed_at": "2019-07-08T18:25:12Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 13, + "forks": 13, + "watchers": 13, + "score": 0 + }, + { + "id": 191845568, + "name": "PoC--CVE-2019-10149_Exim", + "full_name": "MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "owner": { + "login": "MNEMO-CERT", + "id": 51804856, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/51804856?v=4", + "html_url": "https:\/\/github.com\/MNEMO-CERT" + }, + "html_url": "https:\/\/github.com\/MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "description": "PoC for CVE-2019-10149, this vulnerability could be xploited betwen 4-87 to 4.91 version of Exim server.", + "fork": false, + "created_at": "2019-06-13T23:21:53Z", + "updated_at": "2020-06-28T05:23:37Z", + "pushed_at": "2019-06-18T14:57:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 5, + "forks": 5, + "watchers": 14, + "score": 0 + }, + { + "id": 191952969, + "name": "CVE-2019-10149-quick", + "full_name": "aishee\/CVE-2019-10149-quick", + "owner": { + "login": "aishee", + "id": 8377283, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/8377283?v=4", + "html_url": "https:\/\/github.com\/aishee" + }, + "html_url": "https:\/\/github.com\/aishee\/CVE-2019-10149-quick", + "description": "Simple Bash shell quick fix CVE-2019-10149", + "fork": false, + "created_at": "2019-06-14T14:02:43Z", + "updated_at": "2019-06-14T14:03:33Z", + "pushed_at": "2019-06-14T14:03:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194002154, + "name": "CVE-2019-10149-privilege-escalation", + "full_name": "AzizMea\/CVE-2019-10149-privilege-escalation", + "owner": { + "login": "AzizMea", + "id": 30970260, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/30970260?v=4", + "html_url": "https:\/\/github.com\/AzizMea" + }, + "html_url": "https:\/\/github.com\/AzizMea\/CVE-2019-10149-privilege-escalation", + "description": "CVE-2019-10149 privilege escalation", + "fork": false, + "created_at": "2019-06-27T01:34:41Z", + "updated_at": "2020-05-30T20:35:51Z", + "pushed_at": "2019-06-27T17:46:25Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 6, + "forks": 6, + "watchers": 9, + "score": 0 + }, { "id": 198729185, "name": "StickyExim", diff --git a/2019/CVE-2019-10207.json b/2019/CVE-2019-10207.json new file mode 100644 index 0000000000..9fd36f2deb --- /dev/null +++ b/2019/CVE-2019-10207.json @@ -0,0 +1,25 @@ +[ + { + "id": 199611138, + "name": "CVE-2019-10207", + "full_name": "butterflyhack\/CVE-2019-10207", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-10207", + "description": "PoC for CVE-2019-10207", + "fork": false, + "created_at": "2019-07-30T08:39:21Z", + "updated_at": "2020-10-26T08:01:10Z", + "pushed_at": "2019-07-30T08:50:32Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 7, + "forks": 7, + "watchers": 18, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json index fe3bfaf00d..ce366b5421 100644 --- a/2019/CVE-2019-1040.json +++ b/2019/CVE-2019-1040.json @@ -36,13 +36,36 @@ "description": "CVE-2019-1040 with Kerberos delegation", "fork": false, "created_at": "2019-06-18T12:10:26Z", - "updated_at": "2021-01-01T08:50:01Z", + "updated_at": "2021-01-01T12:47:58Z", "pushed_at": "2020-03-20T13:24:47Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 0, - "forks": 0, - "watchers": 4, + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 1, + "forks": 1, + "watchers": 9, + "score": 0 + }, + { + "id": 192691928, + "name": "UltraRealy_with_CVE-2019-1040", + "full_name": "lazaars\/UltraRealy_with_CVE-2019-1040", + "owner": { + "login": "lazaars", + "id": 36127186, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/36127186?v=4", + "html_url": "https:\/\/github.com\/lazaars" + }, + "html_url": "https:\/\/github.com\/lazaars\/UltraRealy_with_CVE-2019-1040", + "description": "Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit", + "fork": false, + "created_at": "2019-06-19T08:32:31Z", + "updated_at": "2020-10-21T22:17:03Z", + "pushed_at": "2019-06-19T09:15:16Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 5, + "forks": 5, + "watchers": 13, "score": 0 }, { @@ -105,13 +128,13 @@ "description": "an impacket-dependent script exploiting CVE-2019-1040", "fork": false, "created_at": "2021-01-01T05:59:06Z", - "updated_at": "2021-01-01T08:30:26Z", + "updated_at": "2021-01-01T15:10:16Z", "pushed_at": "2021-01-01T06:10:58Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 18, + "watchers_count": 18, "forks_count": 0, "forks": 0, - "watchers": 9, + "watchers": 18, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-1064.json b/2019/CVE-2019-1064.json new file mode 100644 index 0000000000..b9ce1f1082 --- /dev/null +++ b/2019/CVE-2019-1064.json @@ -0,0 +1,71 @@ +[ + { + "id": 191548642, + "name": "CVE-2019-1064", + "full_name": "RythmStick\/CVE-2019-1064", + "owner": { + "login": "RythmStick", + "id": 43847240, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/43847240?v=4", + "html_url": "https:\/\/github.com\/RythmStick" + }, + "html_url": "https:\/\/github.com\/RythmStick\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T10:21:35Z", + "updated_at": "2020-06-12T21:35:59Z", + "pushed_at": "2019-06-13T09:55:07Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 10, + "forks": 10, + "watchers": 14, + "score": 0 + }, + { + "id": 191602145, + "name": "CVE-2019-1064", + "full_name": "0x00-0x00\/CVE-2019-1064", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T15:54:55Z", + "updated_at": "2020-07-13T12:07:03Z", + "pushed_at": "2019-06-12T12:25:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 17, + "forks": 17, + "watchers": 11, + "score": 0 + }, + { + "id": 192173000, + "name": "CVE-2019-1064", + "full_name": "attackgithub\/CVE-2019-1064", + "owner": { + "login": "attackgithub", + "id": 45205753, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/45205753?v=4", + "html_url": "https:\/\/github.com\/attackgithub" + }, + "html_url": "https:\/\/github.com\/attackgithub\/CVE-2019-1064", + "description": "CVE-2019-1064 - AppXSVC Local Privilege Escalation", + "fork": false, + "created_at": "2019-06-16T09:31:11Z", + "updated_at": "2019-06-18T21:49:16Z", + "pushed_at": "2019-06-14T07:47:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10685.json b/2019/CVE-2019-10685.json new file mode 100644 index 0000000000..f013a5d423 --- /dev/null +++ b/2019/CVE-2019-10685.json @@ -0,0 +1,25 @@ +[ + { + "id": 179077030, + "name": "CVE-2019-10685", + "full_name": "alt3kx\/CVE-2019-10685", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2019-10685", + "description": "A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Print Archive System v2015 release 2.6", + "fork": false, + "created_at": "2019-04-02T12:50:46Z", + "updated_at": "2019-05-11T02:51:22Z", + "pushed_at": "2019-05-07T11:50:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1069.json b/2019/CVE-2019-1069.json new file mode 100644 index 0000000000..2e1e18df90 --- /dev/null +++ b/2019/CVE-2019-1069.json @@ -0,0 +1,25 @@ +[ + { + "id": 189962146, + "name": "SharpPolarBear", + "full_name": "S3cur3Th1sSh1t\/SharpPolarBear", + "owner": { + "login": "S3cur3Th1sSh1t", + "id": 27858067, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/27858067?v=4", + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t" + }, + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t\/SharpPolarBear", + "description": "Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069", + "fork": false, + "created_at": "2019-06-03T08:07:32Z", + "updated_at": "2020-12-21T21:53:48Z", + "pushed_at": "2019-06-26T11:53:08Z", + "stargazers_count": 33, + "watchers_count": 33, + "forks_count": 14, + "forks": 14, + "watchers": 33, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10869.json b/2019/CVE-2019-10869.json new file mode 100644 index 0000000000..704cdaf41e --- /dev/null +++ b/2019/CVE-2019-10869.json @@ -0,0 +1,25 @@ +[ + { + "id": 186229171, + "name": "CVE-2019-10869", + "full_name": "KTN1990\/CVE-2019-10869", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-10869", + "description": "(Wordpress) Ninja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2019-05-12T08:20:16Z", + "updated_at": "2020-09-06T05:31:01Z", + "pushed_at": "2019-05-17T10:41:43Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 6, + "forks": 6, + "watchers": 14, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10915.json b/2019/CVE-2019-10915.json new file mode 100644 index 0000000000..c54e7d2a04 --- /dev/null +++ b/2019/CVE-2019-10915.json @@ -0,0 +1,25 @@ +[ + { + "id": 198133475, + "name": "CVE-2019-10915", + "full_name": "jiansiting\/CVE-2019-10915", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-10915", + "description": "Siemens TIA administrator Tool RCE", + "fork": false, + "created_at": "2019-07-22T02:38:54Z", + "updated_at": "2020-03-18T01:41:48Z", + "pushed_at": "2019-07-22T11:48:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1096.json b/2019/CVE-2019-1096.json new file mode 100644 index 0000000000..4db4879545 --- /dev/null +++ b/2019/CVE-2019-1096.json @@ -0,0 +1,25 @@ +[ + { + "id": 198785536, + "name": "cve-2019-1096-poc", + "full_name": "CrackerCat\/cve-2019-1096-poc", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/cve-2019-1096-poc", + "description": null, + "fork": false, + "created_at": "2019-07-25T07:58:44Z", + "updated_at": "2020-08-17T10:36:33Z", + "pushed_at": "2019-07-25T07:24:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11076.json b/2019/CVE-2019-11076.json new file mode 100644 index 0000000000..e318aba139 --- /dev/null +++ b/2019/CVE-2019-11076.json @@ -0,0 +1,25 @@ +[ + { + "id": 180679185, + "name": "poc-cribl-rce", + "full_name": "livehybrid\/poc-cribl-rce", + "owner": { + "login": "livehybrid", + "id": 5527349, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5527349?v=4", + "html_url": "https:\/\/github.com\/livehybrid" + }, + "html_url": "https:\/\/github.com\/livehybrid\/poc-cribl-rce", + "description": "CVE-2019-11076 - Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request", + "fork": false, + "created_at": "2019-04-10T23:31:39Z", + "updated_at": "2020-03-15T20:21:00Z", + "pushed_at": "2019-04-11T12:50:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11223.json b/2019/CVE-2019-11223.json new file mode 100644 index 0000000000..8dedf1a380 --- /dev/null +++ b/2019/CVE-2019-11223.json @@ -0,0 +1,25 @@ +[ + { + "id": 181940820, + "name": "CVE-2019-11223", + "full_name": "AngelCtulhu\/CVE-2019-11223", + "owner": { + "login": "AngelCtulhu", + "id": 36587659, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36587659?v=4", + "html_url": "https:\/\/github.com\/AngelCtulhu" + }, + "html_url": "https:\/\/github.com\/AngelCtulhu\/CVE-2019-11223", + "description": "CVE-2019-11223 - Arbitrary File Upload in Wordpress Support Candy Plugin Version 2.0 Below", + "fork": false, + "created_at": "2019-04-17T17:43:46Z", + "updated_at": "2019-04-19T16:43:54Z", + "pushed_at": "2019-04-19T04:32:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 5, + "forks": 5, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1132.json b/2019/CVE-2019-1132.json index f0e0e462b3..1eb1d7b351 100644 --- a/2019/CVE-2019-1132.json +++ b/2019/CVE-2019-1132.json @@ -21,5 +21,28 @@ "forks": 37, "watchers": 60, "score": 0 + }, + { + "id": 199763019, + "name": "CVE-2019-1132", + "full_name": "petercc\/CVE-2019-1132", + "owner": { + "login": "petercc", + "id": 1819628, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1819628?v=4", + "html_url": "https:\/\/github.com\/petercc" + }, + "html_url": "https:\/\/github.com\/petercc\/CVE-2019-1132", + "description": "CVE-2019-1132", + "fork": false, + "created_at": "2019-07-31T02:30:28Z", + "updated_at": "2020-12-07T22:04:33Z", + "pushed_at": "2019-07-31T02:38:41Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-11358.json b/2019/CVE-2019-11358.json index dd97ea162f..b7f1846f54 100644 --- a/2019/CVE-2019-11358.json +++ b/2019/CVE-2019-11358.json @@ -22,6 +22,29 @@ "watchers": 21, "score": 0 }, + { + "id": 197643691, + "name": "jquery-prototype-pollution-fix", + "full_name": "bitnesswise\/jquery-prototype-pollution-fix", + "owner": { + "login": "bitnesswise", + "id": 32780182, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/32780182?v=4", + "html_url": "https:\/\/github.com\/bitnesswise" + }, + "html_url": "https:\/\/github.com\/bitnesswise\/jquery-prototype-pollution-fix", + "description": "A fix for CVE-2019-11358 (prototype pollution in jquery)", + "fork": false, + "created_at": "2019-07-18T19:15:33Z", + "updated_at": "2020-04-04T15:02:00Z", + "pushed_at": "2019-07-18T20:00:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 255702097, "name": "snyk-js-jquery-565129", diff --git a/2019/CVE-2019-11477.json b/2019/CVE-2019-11477.json new file mode 100644 index 0000000000..af5126209d --- /dev/null +++ b/2019/CVE-2019-11477.json @@ -0,0 +1,25 @@ +[ + { + "id": 198296662, + "name": "cve-2019-11477-poc", + "full_name": "sasqwatch\/cve-2019-11477-poc", + "owner": { + "login": "sasqwatch", + "id": 22352904, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/22352904?v=4", + "html_url": "https:\/\/github.com\/sasqwatch" + }, + "html_url": "https:\/\/github.com\/sasqwatch\/cve-2019-11477-poc", + "description": null, + "fork": false, + "created_at": "2019-07-22T20:23:08Z", + "updated_at": "2020-06-28T07:56:08Z", + "pushed_at": "2019-07-21T15:56:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11523.json b/2019/CVE-2019-11523.json new file mode 100644 index 0000000000..e8af18ab58 --- /dev/null +++ b/2019/CVE-2019-11523.json @@ -0,0 +1,25 @@ +[ + { + "id": 182799429, + "name": "anviz-m3-rfid-cve-2019-11523-poc", + "full_name": "wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "owner": { + "login": "wizlab-it", + "id": 19650583, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/19650583?v=4", + "html_url": "https:\/\/github.com\/wizlab-it" + }, + "html_url": "https:\/\/github.com\/wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "description": "Anviz M3 RFID CVE-2019-11523 PoC", + "fork": false, + "created_at": "2019-04-22T14:00:50Z", + "updated_at": "2019-06-13T16:23:09Z", + "pushed_at": "2019-06-13T16:23:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11580.json b/2019/CVE-2019-11580.json index 769802d443..cd8d2b10be 100644 --- a/2019/CVE-2019-11580.json +++ b/2019/CVE-2019-11580.json @@ -1,4 +1,27 @@ [ + { + "id": 197342430, + "name": "CVE-2019-11580", + "full_name": "jas502n\/CVE-2019-11580", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11580", + "description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE", + "fork": false, + "created_at": "2019-07-17T07:54:38Z", + "updated_at": "2020-12-11T10:06:47Z", + "pushed_at": "2019-07-18T10:03:28Z", + "stargazers_count": 84, + "watchers_count": 84, + "forks_count": 19, + "forks": 19, + "watchers": 84, + "score": 0 + }, { "id": 245476096, "name": "CVE-2019-11580", diff --git a/2019/CVE-2019-11581.json b/2019/CVE-2019-11581.json index baf6b6bfe7..0adc7efb8d 100644 --- a/2019/CVE-2019-11581.json +++ b/2019/CVE-2019-11581.json @@ -1,4 +1,27 @@ [ + { + "id": 197105656, + "name": "CVE-2019-11581", + "full_name": "jas502n\/CVE-2019-11581", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11581", + "description": "Atlassian JIRA Template injection vulnerability RCE", + "fork": false, + "created_at": "2019-07-16T02:27:00Z", + "updated_at": "2020-11-26T19:56:26Z", + "pushed_at": "2019-07-22T06:47:52Z", + "stargazers_count": 73, + "watchers_count": 73, + "forks_count": 27, + "forks": 27, + "watchers": 73, + "score": 0 + }, { "id": 198763431, "name": "CVE-2019-11581", diff --git a/2019/CVE-2019-11881.json b/2019/CVE-2019-11881.json new file mode 100644 index 0000000000..c8089848ad --- /dev/null +++ b/2019/CVE-2019-11881.json @@ -0,0 +1,25 @@ +[ + { + "id": 188323560, + "name": "VanCleef", + "full_name": "MauroEldritch\/VanCleef", + "owner": { + "login": "MauroEldritch", + "id": 1292978, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1292978?v=4", + "html_url": "https:\/\/github.com\/MauroEldritch" + }, + "html_url": "https:\/\/github.com\/MauroEldritch\/VanCleef", + "description": "Exploit for CVE-2019-11881 (Rancher 2.1.4 Web Parameter Tampering)", + "fork": false, + "created_at": "2019-05-24T00:09:21Z", + "updated_at": "2020-09-22T13:43:27Z", + "pushed_at": "2019-06-10T22:10:10Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12169.json b/2019/CVE-2019-12169.json new file mode 100644 index 0000000000..31532e06c7 --- /dev/null +++ b/2019/CVE-2019-12169.json @@ -0,0 +1,25 @@ +[ + { + "id": 188356491, + "name": "ATutor-2.2.4-Language-Exploit", + "full_name": "fuzzlove\/ATutor-2.2.4-Language-Exploit", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-2.2.4-Language-Exploit", + "description": "ATutor 2.2.4 Arbitrary File Upload \/ RCE (CVE-2019-12169)", + "fork": false, + "created_at": "2019-05-24T05:15:17Z", + "updated_at": "2019-10-02T06:32:26Z", + "pushed_at": "2019-06-09T21:39:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12170.json b/2019/CVE-2019-12170.json new file mode 100644 index 0000000000..f1ad356c75 --- /dev/null +++ b/2019/CVE-2019-12170.json @@ -0,0 +1,25 @@ +[ + { + "id": 186354983, + "name": "ATutor-Instructor-Backup-Arbitrary-File", + "full_name": "fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "description": "ATutor 2.2.4 'Backup' Remote Command Execution (CVE-2019-12170)", + "fork": false, + "created_at": "2019-05-13T06:01:47Z", + "updated_at": "2019-06-03T04:12:28Z", + "pushed_at": "2019-06-03T04:12:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12185.json b/2019/CVE-2019-12185.json new file mode 100644 index 0000000000..7f8c40edba --- /dev/null +++ b/2019/CVE-2019-12185.json @@ -0,0 +1,25 @@ +[ + { + "id": 187415847, + "name": "eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "full_name": "fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "description": "eLabFTW 1.8.5 'EntityController' Arbitrary File Upload \/ RCE (CVE-2019-12185)", + "fork": false, + "created_at": "2019-05-18T23:56:52Z", + "updated_at": "2019-11-12T06:27:17Z", + "pushed_at": "2019-05-20T00:29:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12189.json b/2019/CVE-2019-12189.json index 7b254d279b..d1277d50a1 100644 --- a/2019/CVE-2019-12189.json +++ b/2019/CVE-2019-12189.json @@ -1,4 +1,27 @@ [ + { + "id": 187569819, + "name": "CVE-2019-12189", + "full_name": "falconz\/CVE-2019-12189", + "owner": { + "login": "falconz", + "id": 9218490, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/9218490?v=4", + "html_url": "https:\/\/github.com\/falconz" + }, + "html_url": "https:\/\/github.com\/falconz\/CVE-2019-12189", + "description": null, + "fork": false, + "created_at": "2019-05-20T04:52:38Z", + "updated_at": "2019-05-20T06:03:05Z", + "pushed_at": "2019-05-20T06:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, { "id": 187589027, "name": "CVE-2019-12189", diff --git a/2019/CVE-2019-12190.json b/2019/CVE-2019-12190.json new file mode 100644 index 0000000000..47c6186cc1 --- /dev/null +++ b/2019/CVE-2019-12190.json @@ -0,0 +1,25 @@ +[ + { + "id": 187596474, + "name": "CVE-2019-12190", + "full_name": "tuyenhva\/CVE-2019-12190", + "owner": { + "login": "tuyenhva", + "id": 17802001, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17802001?v=4", + "html_url": "https:\/\/github.com\/tuyenhva" + }, + "html_url": "https:\/\/github.com\/tuyenhva\/CVE-2019-12190", + "description": "CVE-2019-12190 - CentOS-WebPanel XSS vulnerability", + "fork": false, + "created_at": "2019-05-20T08:09:49Z", + "updated_at": "2019-05-20T08:13:09Z", + "pushed_at": "2019-05-20T08:13:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12252.json b/2019/CVE-2019-12252.json new file mode 100644 index 0000000000..26746b0def --- /dev/null +++ b/2019/CVE-2019-12252.json @@ -0,0 +1,25 @@ +[ + { + "id": 187880000, + "name": "CVE-2019-12252", + "full_name": "tuyenhva\/CVE-2019-12252", + "owner": { + "login": "tuyenhva", + "id": 17802001, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17802001?v=4", + "html_url": "https:\/\/github.com\/tuyenhva" + }, + "html_url": "https:\/\/github.com\/tuyenhva\/CVE-2019-12252", + "description": "CVE-2019-12252 Zoho ManageEngine ServiceDesk Plus < 10.5 Incorrect Access Control", + "fork": false, + "created_at": "2019-05-21T16:59:23Z", + "updated_at": "2019-05-21T17:01:52Z", + "pushed_at": "2019-05-21T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12272.json b/2019/CVE-2019-12272.json index b1de24a829..9403b7c617 100644 --- a/2019/CVE-2019-12272.json +++ b/2019/CVE-2019-12272.json @@ -1,4 +1,27 @@ [ + { + "id": 195171033, + "name": "LuCI_RCE_exp", + "full_name": "HACHp1\/LuCI_RCE_exp", + "owner": { + "login": "HACHp1", + "id": 25722416, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722416?v=4", + "html_url": "https:\/\/github.com\/HACHp1" + }, + "html_url": "https:\/\/github.com\/HACHp1\/LuCI_RCE_exp", + "description": "Exp of cve-2019-12272", + "fork": false, + "created_at": "2019-07-04T04:54:36Z", + "updated_at": "2020-04-22T15:44:21Z", + "pushed_at": "2019-07-10T04:33:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 5, + "forks": 5, + "watchers": 14, + "score": 0 + }, { "id": 226418974, "name": "lede-17.01.3", diff --git a/2019/CVE-2019-12384.json b/2019/CVE-2019-12384.json index efeafd94db..48e383b426 100644 --- a/2019/CVE-2019-12384.json +++ b/2019/CVE-2019-12384.json @@ -1,4 +1,27 @@ [ + { + "id": 198579428, + "name": "CVE-2019-12384", + "full_name": "jas502n\/CVE-2019-12384", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12384", + "description": "Jackson Rce For CVE-2019-12384 ", + "fork": false, + "created_at": "2019-07-24T07:12:14Z", + "updated_at": "2020-12-27T22:16:37Z", + "pushed_at": "2019-07-24T07:31:42Z", + "stargazers_count": 76, + "watchers_count": 76, + "forks_count": 15, + "forks": 15, + "watchers": 76, + "score": 0 + }, { "id": 198939305, "name": "Jackson_RCE-CVE-2019-12384", diff --git a/2019/CVE-2019-12453.json b/2019/CVE-2019-12453.json new file mode 100644 index 0000000000..a9149c4ddc --- /dev/null +++ b/2019/CVE-2019-12453.json @@ -0,0 +1,25 @@ +[ + { + "id": 197012907, + "name": "CVE-2019-12453", + "full_name": "undefinedmode\/CVE-2019-12453", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12453", + "description": "Authenticated XSS in Microstrategy Web - Versions prior to 10.1 patch 10", + "fork": false, + "created_at": "2019-07-15T14:17:10Z", + "updated_at": "2019-07-15T14:44:49Z", + "pushed_at": "2019-07-15T14:44:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12460.json b/2019/CVE-2019-12460.json new file mode 100644 index 0000000000..6641dc7b70 --- /dev/null +++ b/2019/CVE-2019-12460.json @@ -0,0 +1,25 @@ +[ + { + "id": 188212424, + "name": "WebPort-v1.19.1-Reflected-XSS", + "full_name": "EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "description": "CVE-2019-12460|Reflected XSS in WebPort-v1.19.1 impacts users who open a maliciously crafted link or third-party web page.", + "fork": false, + "created_at": "2019-05-23T10:27:49Z", + "updated_at": "2020-05-16T12:47:54Z", + "pushed_at": "2019-05-30T16:21:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12475.json b/2019/CVE-2019-12475.json new file mode 100644 index 0000000000..fe32271de5 --- /dev/null +++ b/2019/CVE-2019-12475.json @@ -0,0 +1,25 @@ +[ + { + "id": 197017455, + "name": "CVE-2019-12475", + "full_name": "undefinedmode\/CVE-2019-12475", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12475", + "description": "Stored XSS in MicroStrategy Web prior to 10.4.6", + "fork": false, + "created_at": "2019-07-15T14:42:53Z", + "updated_at": "2019-07-15T14:47:02Z", + "pushed_at": "2019-07-15T14:47:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12594.json b/2019/CVE-2019-12594.json new file mode 100644 index 0000000000..d3a7b05703 --- /dev/null +++ b/2019/CVE-2019-12594.json @@ -0,0 +1,25 @@ +[ + { + "id": 194123487, + "name": "CVE-2019-12594", + "full_name": "Alexandre-Bartel\/CVE-2019-12594", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2019-12594", + "description": "This is a PoC for CVE-2019-12594, a vulnerability in DOSBox 0.74-2.", + "fork": false, + "created_at": "2019-06-27T15:49:16Z", + "updated_at": "2020-12-09T18:01:25Z", + "pushed_at": "2019-07-01T17:36:42Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 2, + "forks": 2, + "watchers": 9, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12735.json b/2019/CVE-2019-12735.json new file mode 100644 index 0000000000..307a28ba10 --- /dev/null +++ b/2019/CVE-2019-12735.json @@ -0,0 +1,48 @@ +[ + { + "id": 190523226, + "name": "ace-vim-neovim", + "full_name": "pcy190\/ace-vim-neovim", + "owner": { + "login": "pcy190", + "id": 40729789, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/40729789?v=4", + "html_url": "https:\/\/github.com\/pcy190" + }, + "html_url": "https:\/\/github.com\/pcy190\/ace-vim-neovim", + "description": "Vim\/Neovim Arbitrary Code Execution via Modelines (CVE-2019-12735)", + "fork": false, + "created_at": "2019-06-06T06:00:06Z", + "updated_at": "2020-11-17T05:53:56Z", + "pushed_at": "2019-06-06T06:09:56Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 6, + "forks": 6, + "watchers": 8, + "score": 0 + }, + { + "id": 192580764, + "name": "CVE-2019-12735-VIM-NEOVIM", + "full_name": "oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "owner": { + "login": "oldthree3", + "id": 51964995, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/51964995?v=4", + "html_url": "https:\/\/github.com\/oldthree3" + }, + "html_url": "https:\/\/github.com\/oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "description": null, + "fork": false, + "created_at": "2019-06-18T16:59:39Z", + "updated_at": "2019-06-19T07:30:04Z", + "pushed_at": "2019-06-19T07:30:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12796.json b/2019/CVE-2019-12796.json new file mode 100644 index 0000000000..bc7e1c102c --- /dev/null +++ b/2019/CVE-2019-12796.json @@ -0,0 +1,25 @@ +[ + { + "id": 192375622, + "name": "CVE-2019-12796", + "full_name": "PeterUpfold\/CVE-2019-12796", + "owner": { + "login": "PeterUpfold", + "id": 1255375, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1255375?v=4", + "html_url": "https:\/\/github.com\/PeterUpfold" + }, + "html_url": "https:\/\/github.com\/PeterUpfold\/CVE-2019-12796", + "description": "This repository will contain information regarding CVE-2019-12796 once it is made public.", + "fork": false, + "created_at": "2019-06-17T15:47:12Z", + "updated_at": "2019-06-17T17:02:01Z", + "pushed_at": "2019-06-17T15:49:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12949.json b/2019/CVE-2019-12949.json new file mode 100644 index 0000000000..1e07019769 --- /dev/null +++ b/2019/CVE-2019-12949.json @@ -0,0 +1,25 @@ +[ + { + "id": 193627360, + "name": "CVE-2019-12949", + "full_name": "tarantula-team\/CVE-2019-12949", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12949", + "description": "CVE-2019-12949 ", + "fork": false, + "created_at": "2019-06-25T03:22:23Z", + "updated_at": "2020-05-04T07:57:28Z", + "pushed_at": "2019-06-28T04:19:38Z", + "stargazers_count": 27, + "watchers_count": 27, + "forks_count": 9, + "forks": 9, + "watchers": 27, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13027.json b/2019/CVE-2019-13027.json new file mode 100644 index 0000000000..0ae462e7fd --- /dev/null +++ b/2019/CVE-2019-13027.json @@ -0,0 +1,25 @@ +[ + { + "id": 195768661, + "name": "CVE-2019-13027", + "full_name": "IckoGZ\/CVE-2019-13027", + "owner": { + "login": "IckoGZ", + "id": 52542268, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/52542268?v=4", + "html_url": "https:\/\/github.com\/IckoGZ" + }, + "html_url": "https:\/\/github.com\/IckoGZ\/CVE-2019-13027", + "description": "Details for disclosing CVE-2019-13027", + "fork": false, + "created_at": "2019-07-08T08:25:07Z", + "updated_at": "2019-07-11T08:33:11Z", + "pushed_at": "2019-07-11T08:33:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13063.json b/2019/CVE-2019-13063.json new file mode 100644 index 0000000000..46b4665d54 --- /dev/null +++ b/2019/CVE-2019-13063.json @@ -0,0 +1,25 @@ +[ + { + "id": 196970646, + "name": "CVE-2019-13063-POC", + "full_name": "0x6b7966\/CVE-2019-13063-POC", + "owner": { + "login": "0x6b7966", + "id": 22814832, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22814832?v=4", + "html_url": "https:\/\/github.com\/0x6b7966" + }, + "html_url": "https:\/\/github.com\/0x6b7966\/CVE-2019-13063-POC", + "description": "Proof of concept tool to exploit the directory traversal and local file inclusion vulnerability that resides in the Sahi-pro web application CVE-2019-13063", + "fork": false, + "created_at": "2019-07-15T09:45:36Z", + "updated_at": "2019-08-18T02:47:49Z", + "pushed_at": "2019-07-01T19:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13272.json b/2019/CVE-2019-13272.json index a44b03a9b4..2ab53ed2e9 100644 --- a/2019/CVE-2019-13272.json +++ b/2019/CVE-2019-13272.json @@ -1,4 +1,50 @@ [ + { + "id": 199781061, + "name": "CVE-2019-13272", + "full_name": "jas502n\/CVE-2019-13272", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-13272", + "description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root", + "fork": false, + "created_at": "2019-07-31T04:51:43Z", + "updated_at": "2020-12-19T12:25:32Z", + "pushed_at": "2019-08-01T16:02:59Z", + "stargazers_count": 244, + "watchers_count": 244, + "forks_count": 94, + "forks": 94, + "watchers": 244, + "score": 0 + }, + { + "id": 199794841, + "name": "CVE-2019-13272", + "full_name": "Cyc1eC\/CVE-2019-13272", + "owner": { + "login": "Cyc1eC", + "id": 26767829, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/26767829?v=4", + "html_url": "https:\/\/github.com\/Cyc1eC" + }, + "html_url": "https:\/\/github.com\/Cyc1eC\/CVE-2019-13272", + "description": "The exploit for CVE-2019-13272", + "fork": false, + "created_at": "2019-07-31T06:36:21Z", + "updated_at": "2020-12-14T12:01:59Z", + "pushed_at": "2019-07-31T07:05:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 7, + "forks": 7, + "watchers": 4, + "score": 0 + }, { "id": 200459882, "name": "cve-2019-13272", diff --git a/2019/CVE-2019-13403.json b/2019/CVE-2019-13403.json new file mode 100644 index 0000000000..8de9baef85 --- /dev/null +++ b/2019/CVE-2019-13403.json @@ -0,0 +1,25 @@ +[ + { + "id": 196799368, + "name": "CVE-2019-13403", + "full_name": "B3Bo1d\/CVE-2019-13403", + "owner": { + "login": "B3Bo1d", + "id": 19810607, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19810607?v=4", + "html_url": "https:\/\/github.com\/B3Bo1d" + }, + "html_url": "https:\/\/github.com\/B3Bo1d\/CVE-2019-13403", + "description": "CVE-2019-13403", + "fork": false, + "created_at": "2019-07-14T05:52:01Z", + "updated_at": "2019-07-14T06:10:02Z", + "pushed_at": "2019-07-14T06:10:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14439.json b/2019/CVE-2019-14439.json new file mode 100644 index 0000000000..f6c3d0159c --- /dev/null +++ b/2019/CVE-2019-14439.json @@ -0,0 +1,25 @@ +[ + { + "id": 199983488, + "name": "CVE-2019-14439", + "full_name": "jas502n\/CVE-2019-14439", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-14439", + "description": "Jackson-databind RCE", + "fork": false, + "created_at": "2019-08-01T05:33:06Z", + "updated_at": "2019-12-15T16:09:26Z", + "pushed_at": "2019-08-01T05:33:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16098.json b/2019/CVE-2019-16098.json index f8c5026ca2..858244fe2a 100644 --- a/2019/CVE-2019-16098.json +++ b/2019/CVE-2019-16098.json @@ -13,13 +13,13 @@ "description": "Local privilege escalation PoC exploit for CVE-2019-16098", "fork": false, "created_at": "2019-09-10T15:57:36Z", - "updated_at": "2021-01-01T08:00:53Z", + "updated_at": "2021-01-01T12:01:29Z", "pushed_at": "2019-09-13T20:05:43Z", - "stargazers_count": 129, - "watchers_count": 129, - "forks_count": 41, - "forks": 41, - "watchers": 129, + "stargazers_count": 130, + "watchers_count": 130, + "forks_count": 42, + "forks": 42, + "watchers": 130, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-1652.json b/2019/CVE-2019-1652.json new file mode 100644 index 0000000000..517cc66d80 --- /dev/null +++ b/2019/CVE-2019-1652.json @@ -0,0 +1,25 @@ +[ + { + "id": 167347037, + "name": "CiscoRV320Dump", + "full_name": "0x27\/CiscoRV320Dump", + "owner": { + "login": "0x27", + "id": 9094330, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/9094330?v=4", + "html_url": "https:\/\/github.com\/0x27" + }, + "html_url": "https:\/\/github.com\/0x27\/CiscoRV320Dump", + "description": "CVE-2019-1652 \/CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!", + "fork": false, + "created_at": "2019-01-24T10:12:44Z", + "updated_at": "2020-12-24T03:48:24Z", + "pushed_at": "2019-02-08T12:38:05Z", + "stargazers_count": 195, + "watchers_count": 195, + "forks_count": 62, + "forks": 62, + "watchers": 195, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1653.json b/2019/CVE-2019-1653.json new file mode 100644 index 0000000000..c55983f19a --- /dev/null +++ b/2019/CVE-2019-1653.json @@ -0,0 +1,48 @@ +[ + { + "id": 168361115, + "name": "CVE-2019-1653", + "full_name": "dubfr33\/CVE-2019-1653", + "owner": { + "login": "dubfr33", + "id": 20056018, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/20056018?v=4", + "html_url": "https:\/\/github.com\/dubfr33" + }, + "html_url": "https:\/\/github.com\/dubfr33\/CVE-2019-1653", + "description": "NSE script to scan for Cisco routers vulnerable to CVE-2019-1653", + "fork": false, + "created_at": "2019-01-30T14:58:48Z", + "updated_at": "2020-04-21T04:04:11Z", + "pushed_at": "2019-01-30T15:01:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 178810790, + "name": "CiscoSpill", + "full_name": "shaheemirza\/CiscoSpill", + "owner": { + "login": "shaheemirza", + "id": 4853436, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/4853436?v=4", + "html_url": "https:\/\/github.com\/shaheemirza" + }, + "html_url": "https:\/\/github.com\/shaheemirza\/CiscoSpill", + "description": "Just a PoC tool to extract password using CVE-2019-1653.", + "fork": false, + "created_at": "2019-04-01T07:40:01Z", + "updated_at": "2020-11-25T23:13:59Z", + "pushed_at": "2019-04-01T07:50:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index fc0a912ad0..3536052690 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -40,8 +40,8 @@ "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2220, "watchers_count": 2220, - "forks_count": 629, - "forks": 629, + "forks_count": 630, + "forks": 630, "watchers": 2220, "score": 0 }, diff --git a/2019/CVE-2019-1821.json b/2019/CVE-2019-1821.json new file mode 100644 index 0000000000..145489af3b --- /dev/null +++ b/2019/CVE-2019-1821.json @@ -0,0 +1,25 @@ +[ + { + "id": 187835108, + "name": "CiscoExploit", + "full_name": "k8gege\/CiscoExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CiscoExploit", + "description": "Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution\/CVE-2019-1653\/Cisco SNMP RCE\/Dump Cisco RV320 Password)", + "fork": false, + "created_at": "2019-05-21T12:42:54Z", + "updated_at": "2020-12-21T01:20:21Z", + "pushed_at": "2019-05-21T14:52:36Z", + "stargazers_count": 67, + "watchers_count": 67, + "forks_count": 41, + "forks": 41, + "watchers": 67, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18634.json b/2019/CVE-2019-18634.json index 65b679a450..6a8b581afa 100644 --- a/2019/CVE-2019-18634.json +++ b/2019/CVE-2019-18634.json @@ -40,8 +40,8 @@ "pushed_at": "2020-06-04T13:17:10Z", "stargazers_count": 81, "watchers_count": 81, - "forks_count": 28, - "forks": 28, + "forks_count": 27, + "forks": 27, "watchers": 81, "score": 0 }, diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json index e3319723f8..e267f9eeb4 100644 --- a/2019/CVE-2019-19781.json +++ b/2019/CVE-2019-19781.json @@ -36,13 +36,13 @@ "description": "Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]", "fork": false, "created_at": "2020-01-10T22:56:35Z", - "updated_at": "2020-12-25T13:43:31Z", + "updated_at": "2021-01-01T13:40:54Z", "pushed_at": "2020-01-18T07:01:29Z", - "stargazers_count": 356, - "watchers_count": 356, + "stargazers_count": 357, + "watchers_count": 357, "forks_count": 115, "forks": 115, - "watchers": 356, + "watchers": 357, "score": 0 }, { diff --git a/2019/CVE-2019-1987.json b/2019/CVE-2019-1987.json new file mode 100644 index 0000000000..ad77b08c9b --- /dev/null +++ b/2019/CVE-2019-1987.json @@ -0,0 +1,25 @@ +[ + { + "id": 171108223, + "name": "android-7-9-png-bug", + "full_name": "marcinguy\/android-7-9-png-bug", + "owner": { + "login": "marcinguy", + "id": 20355405, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/20355405?v=4", + "html_url": "https:\/\/github.com\/marcinguy" + }, + "html_url": "https:\/\/github.com\/marcinguy\/android-7-9-png-bug", + "description": "CVE-2019-1987", + "fork": false, + "created_at": "2019-02-17T10:22:01Z", + "updated_at": "2020-05-18T10:42:55Z", + "pushed_at": "2019-03-02T19:54:06Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 4, + "forks": 4, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-2107.json b/2019/CVE-2019-2107.json index f293d9822d..83907a2885 100644 --- a/2019/CVE-2019-2107.json +++ b/2019/CVE-2019-2107.json @@ -21,5 +21,28 @@ "forks": 96, "watchers": 308, "score": 0 + }, + { + "id": 199203476, + "name": "CVE-2019-2107", + "full_name": "infiniteLoopers\/CVE-2019-2107", + "owner": { + "login": "infiniteLoopers", + "id": 27885817, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/27885817?v=4", + "html_url": "https:\/\/github.com\/infiniteLoopers" + }, + "html_url": "https:\/\/github.com\/infiniteLoopers\/CVE-2019-2107", + "description": null, + "fork": false, + "created_at": "2019-07-27T19:03:27Z", + "updated_at": "2019-10-18T20:42:21Z", + "pushed_at": "2019-07-27T19:06:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2615.json b/2019/CVE-2019-2615.json new file mode 100644 index 0000000000..2d41b73c89 --- /dev/null +++ b/2019/CVE-2019-2615.json @@ -0,0 +1,25 @@ +[ + { + "id": 186277891, + "name": "CVE-2019-2615", + "full_name": "chiaifan\/CVE-2019-2615", + "owner": { + "login": "chiaifan", + "id": 28030381, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28030381?v=4", + "html_url": "https:\/\/github.com\/chiaifan" + }, + "html_url": "https:\/\/github.com\/chiaifan\/CVE-2019-2615", + "description": null, + "fork": false, + "created_at": "2019-05-12T16:25:28Z", + "updated_at": "2019-12-12T02:40:06Z", + "pushed_at": "2019-05-12T16:53:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 683e95617b..5807d16c1b 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -1,4 +1,73 @@ [ + { + "id": 181875107, + "name": "CVE-2019-2618", + "full_name": "pyn3rd\/CVE-2019-2618", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-2618", + "description": "Weblogic Unrestricted File Upload", + "fork": false, + "created_at": "2019-04-17T11:12:32Z", + "updated_at": "2020-10-25T08:10:09Z", + "pushed_at": "2019-04-17T11:13:29Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 13, + "forks": 13, + "watchers": 50, + "score": 0 + }, + { + "id": 181885950, + "name": "cve-2019-2618", + "full_name": "jas502n\/cve-2019-2618", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/cve-2019-2618", + "description": "Weblogic Upload Vuln(Need username password)-CVE-2019-2618", + "fork": false, + "created_at": "2019-04-17T12:23:24Z", + "updated_at": "2020-12-01T08:45:17Z", + "pushed_at": "2019-04-17T15:05:09Z", + "stargazers_count": 155, + "watchers_count": 155, + "forks_count": 52, + "forks": 52, + "watchers": 155, + "score": 0 + }, + { + "id": 185175648, + "name": "CVE-2019-2618-", + "full_name": "wsfengfan\/CVE-2019-2618-", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2019-2618-", + "description": "CVE-2019-2618-自己编写", + "fork": false, + "created_at": "2019-05-06T10:33:26Z", + "updated_at": "2019-07-17T08:53:14Z", + "pushed_at": "2019-07-17T08:53:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 193069571, "name": "WeblogicScan", @@ -67,5 +136,28 @@ "forks": 3, "watchers": 1, "score": 0 + }, + { + "id": 233997916, + "name": "weblogicScanner", + "full_name": "0xn0ne\/weblogicScanner", + "owner": { + "login": "0xn0ne", + "id": 16507416, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/16507416?v=4", + "html_url": "https:\/\/github.com\/0xn0ne" + }, + "html_url": "https:\/\/github.com\/0xn0ne\/weblogicScanner", + "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", + "fork": false, + "created_at": "2020-01-15T04:26:29Z", + "updated_at": "2020-12-31T05:26:07Z", + "pushed_at": "2020-11-27T15:10:58Z", + "stargazers_count": 852, + "watchers_count": 852, + "forks_count": 204, + "forks": 204, + "watchers": 852, + "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json index ac35ee0dd9..e17a9feb85 100644 --- a/2019/CVE-2019-2725.json +++ b/2019/CVE-2019-2725.json @@ -22,6 +22,98 @@ "watchers": 255, "score": 0 }, + { + "id": 183346706, + "name": "CNVD-C-2019-48814-CNNVD-201904-961", + "full_name": "SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961", + "owner": { + "login": "SkyBlueEternal", + "id": 46418185, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46418185?v=4", + "html_url": "https:\/\/github.com\/SkyBlueEternal" + }, + "html_url": "https:\/\/github.com\/SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961", + "description": "CVE-2019-2725poc汇总 更新绕过CVE-2017-10271补丁POC", + "fork": false, + "created_at": "2019-04-25T03:07:53Z", + "updated_at": "2020-12-15T07:25:50Z", + "pushed_at": "2019-04-29T02:06:00Z", + "stargazers_count": 104, + "watchers_count": 104, + "forks_count": 37, + "forks": 37, + "watchers": 104, + "score": 0 + }, + { + "id": 183843413, + "name": "CNTA-2019-0014xCVE-2019-2725", + "full_name": "iceMatcha\/CNTA-2019-0014xCVE-2019-2725", + "owner": { + "login": "iceMatcha", + "id": 18480525, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/18480525?v=4", + "html_url": "https:\/\/github.com\/iceMatcha" + }, + "html_url": "https:\/\/github.com\/iceMatcha\/CNTA-2019-0014xCVE-2019-2725", + "description": null, + "fork": false, + "created_at": "2019-04-28T02:18:42Z", + "updated_at": "2020-08-27T07:53:35Z", + "pushed_at": "2019-05-13T10:14:01Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 8, + "forks": 8, + "watchers": 11, + "score": 0 + }, + { + "id": 184489534, + "name": "cve-2019-2725", + "full_name": "lasensio\/cve-2019-2725", + "owner": { + "login": "lasensio", + "id": 17970238, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/17970238?v=4", + "html_url": "https:\/\/github.com\/lasensio" + }, + "html_url": "https:\/\/github.com\/lasensio\/cve-2019-2725", + "description": null, + "fork": false, + "created_at": "2019-05-01T22:25:14Z", + "updated_at": "2020-12-11T08:35:59Z", + "pushed_at": "2019-05-01T23:00:39Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 14, + "forks": 14, + "watchers": 19, + "score": 0 + }, + { + "id": 184651903, + "name": "CVE-2019-2725", + "full_name": "davidmthomsen\/CVE-2019-2725", + "owner": { + "login": "davidmthomsen", + "id": 22969004, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22969004?v=4", + "html_url": "https:\/\/github.com\/davidmthomsen" + }, + "html_url": "https:\/\/github.com\/davidmthomsen\/CVE-2019-2725", + "description": null, + "fork": false, + "created_at": "2019-05-02T21:09:36Z", + "updated_at": "2020-10-05T20:10:46Z", + "pushed_at": "2019-05-02T21:11:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 185003239, "name": "CVE-2019-2725", @@ -114,6 +206,121 @@ "watchers": 0, "score": 0 }, + { + "id": 191100816, + "name": "CVE-2019-2725", + "full_name": "TopScrew\/CVE-2019-2725", + "owner": { + "login": "TopScrew", + "id": 35072495, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/35072495?v=4", + "html_url": "https:\/\/github.com\/TopScrew" + }, + "html_url": "https:\/\/github.com\/TopScrew\/CVE-2019-2725", + "description": "CVE-2019-2725命令回显+webshell上传+最新绕过", + "fork": false, + "created_at": "2019-06-10T05:12:44Z", + "updated_at": "2020-12-01T14:14:40Z", + "pushed_at": "2019-06-21T03:33:05Z", + "stargazers_count": 141, + "watchers_count": 141, + "forks_count": 61, + "forks": 61, + "watchers": 141, + "score": 0 + }, + { + "id": 191266797, + "name": "CVE-2019-2725", + "full_name": "welove88888\/CVE-2019-2725", + "owner": { + "login": "welove88888", + "id": 29443226, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29443226?v=4", + "html_url": "https:\/\/github.com\/welove88888" + }, + "html_url": "https:\/\/github.com\/welove88888\/CVE-2019-2725", + "description": null, + "fork": false, + "created_at": "2019-06-11T00:49:56Z", + "updated_at": "2020-09-08T09:10:11Z", + "pushed_at": "2019-06-11T00:50:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 192078128, + "name": "CVE-2019-2725", + "full_name": "jiansiting\/CVE-2019-2725", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-2725", + "description": "weblogic绕过和wls远程执行", + "fork": false, + "created_at": "2019-06-15T12:51:19Z", + "updated_at": "2020-09-05T21:04:26Z", + "pushed_at": "2019-06-15T12:53:21Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 35, + "forks": 35, + "watchers": 31, + "score": 0 + }, + { + "id": 192157128, + "name": "CVE-2019-2725", + "full_name": "kerlingcode\/CVE-2019-2725", + "owner": { + "login": "kerlingcode", + "id": 21171415, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/21171415?v=4", + "html_url": "https:\/\/github.com\/kerlingcode" + }, + "html_url": "https:\/\/github.com\/kerlingcode\/CVE-2019-2725", + "description": "CVE-2019-2725 bypass pocscan and exp ", + "fork": false, + "created_at": "2019-06-16T06:17:09Z", + "updated_at": "2020-03-17T08:04:13Z", + "pushed_at": "2019-06-21T01:44:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 8, + "forks": 8, + "watchers": 10, + "score": 0 + }, + { + "id": 193466146, + "name": "Weblogic", + "full_name": "black-mirror\/Weblogic", + "owner": { + "login": "black-mirror", + "id": 42571043, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/42571043?v=4", + "html_url": "https:\/\/github.com\/black-mirror" + }, + "html_url": "https:\/\/github.com\/black-mirror\/Weblogic", + "description": "Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行 ", + "fork": false, + "created_at": "2019-06-24T08:33:07Z", + "updated_at": "2020-09-27T00:38:51Z", + "pushed_at": "2019-07-15T06:03:15Z", + "stargazers_count": 61, + "watchers_count": 61, + "forks_count": 22, + "forks": 22, + "watchers": 61, + "score": 0 + }, { "id": 203902761, "name": "CVE-2019-2725", diff --git a/2019/CVE-2019-3396.json b/2019/CVE-2019-3396.json index 1109823537..7aeafbef0d 100644 --- a/2019/CVE-2019-3396.json +++ b/2019/CVE-2019-3396.json @@ -45,6 +45,29 @@ "watchers": 22, "score": 0 }, + { + "id": 180347878, + "name": "CVE-2019-3396", + "full_name": "xiaoshuier\/CVE-2019-3396", + "owner": { + "login": "xiaoshuier", + "id": 28529214, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/28529214?v=4", + "html_url": "https:\/\/github.com\/xiaoshuier" + }, + "html_url": "https:\/\/github.com\/xiaoshuier\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-09T11:01:41Z", + "updated_at": "2020-07-11T12:06:45Z", + "pushed_at": "2019-04-09T10:59:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 180483984, "name": "CVE-2019-3396_EXP", @@ -91,6 +114,52 @@ "watchers": 110, "score": 0 }, + { + "id": 180485239, + "name": "CVE-2019-3396", + "full_name": "pyn3rd\/CVE-2019-3396", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE", + "fork": false, + "created_at": "2019-04-10T02:24:29Z", + "updated_at": "2020-10-24T17:33:04Z", + "pushed_at": "2019-04-10T02:26:45Z", + "stargazers_count": 35, + "watchers_count": 35, + "forks_count": 16, + "forks": 16, + "watchers": 35, + "score": 0 + }, + { + "id": 180528467, + "name": "CVE-2019-3396", + "full_name": "s1xg0d\/CVE-2019-3396", + "owner": { + "login": "s1xg0d", + "id": 8321329, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8321329?v=4", + "html_url": "https:\/\/github.com\/s1xg0d" + }, + "html_url": "https:\/\/github.com\/s1xg0d\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-10T07:39:42Z", + "updated_at": "2019-05-13T11:39:51Z", + "pushed_at": "2019-05-13T11:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 180627265, "name": "CVE-2019-3396", @@ -114,6 +183,52 @@ "watchers": 0, "score": 0 }, + { + "id": 183862751, + "name": "confluence_CVE-2019-3396", + "full_name": "vntest11\/confluence_CVE-2019-3396", + "owner": { + "login": "vntest11", + "id": 46453327, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/46453327?v=4", + "html_url": "https:\/\/github.com\/vntest11" + }, + "html_url": "https:\/\/github.com\/vntest11\/confluence_CVE-2019-3396", + "description": " Confluence Widget Connector path traversal (CVE-2019-3396)", + "fork": false, + "created_at": "2019-04-28T05:59:21Z", + "updated_at": "2019-04-28T06:40:38Z", + "pushed_at": "2019-04-28T06:40:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194643451, + "name": "test1", + "full_name": "tanw923\/test1", + "owner": { + "login": "tanw923", + "id": 49778932, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49778932?v=4", + "html_url": "https:\/\/github.com\/tanw923" + }, + "html_url": "https:\/\/github.com\/tanw923\/test1", + "description": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP.git", + "fork": false, + "created_at": "2019-07-01T09:35:17Z", + "updated_at": "2019-07-02T15:24:32Z", + "pushed_at": "2019-07-02T15:24:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 203499284, "name": "CVE-2019-3396-confluence-poc", diff --git a/2019/CVE-2019-3398.json b/2019/CVE-2019-3398.json new file mode 100644 index 0000000000..fe9ac2e41f --- /dev/null +++ b/2019/CVE-2019-3398.json @@ -0,0 +1,25 @@ +[ + { + "id": 182378884, + "name": "cve-2019-3398", + "full_name": "superevr\/cve-2019-3398", + "owner": { + "login": "superevr", + "id": 2046483, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/2046483?v=4", + "html_url": "https:\/\/github.com\/superevr" + }, + "html_url": "https:\/\/github.com\/superevr\/cve-2019-3398", + "description": "Python script to exploit confluence path traversal vulnerability cve-2019-3398", + "fork": false, + "created_at": "2019-04-20T08:07:49Z", + "updated_at": "2020-02-29T17:02:55Z", + "pushed_at": "2019-06-06T21:17:09Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 3, + "forks": 3, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3462.json b/2019/CVE-2019-3462.json new file mode 100644 index 0000000000..35d045791f --- /dev/null +++ b/2019/CVE-2019-3462.json @@ -0,0 +1,48 @@ +[ + { + "id": 167275161, + "name": "check_CVE-2019-3462", + "full_name": "tonejito\/check_CVE-2019-3462", + "owner": { + "login": "tonejito", + "id": 618588, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/618588?v=4", + "html_url": "https:\/\/github.com\/tonejito" + }, + "html_url": "https:\/\/github.com\/tonejito\/check_CVE-2019-3462", + "description": "Check @Debian and @Ubuntu #GNU \/ #Linux for CVE-2019-3462 in APT", + "fork": false, + "created_at": "2019-01-24T00:30:15Z", + "updated_at": "2019-01-26T01:21:38Z", + "pushed_at": "2019-01-26T01:21:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 170573944, + "name": "update-apt-package", + "full_name": "atilacastro\/update-apt-package", + "owner": { + "login": "atilacastro", + "id": 5832809, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5832809?v=4", + "html_url": "https:\/\/github.com\/atilacastro" + }, + "html_url": "https:\/\/github.com\/atilacastro\/update-apt-package", + "description": "Playbook update APT package because CVE-2019-3462", + "fork": false, + "created_at": "2019-02-13T20:22:33Z", + "updated_at": "2019-02-14T18:31:31Z", + "pushed_at": "2019-02-14T18:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3719.json b/2019/CVE-2019-3719.json new file mode 100644 index 0000000000..da78df9b95 --- /dev/null +++ b/2019/CVE-2019-3719.json @@ -0,0 +1,25 @@ +[ + { + "id": 184369823, + "name": "CVE-2019-3719", + "full_name": "jiansiting\/CVE-2019-3719", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-3719", + "description": null, + "fork": false, + "created_at": "2019-05-01T04:43:55Z", + "updated_at": "2019-06-02T04:14:24Z", + "pushed_at": "2019-05-01T04:50:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3799.json b/2019/CVE-2019-3799.json new file mode 100644 index 0000000000..7f5bd881bf --- /dev/null +++ b/2019/CVE-2019-3799.json @@ -0,0 +1,25 @@ +[ + { + "id": 181969843, + "name": "CVE-2019-3799", + "full_name": "mpgn\/CVE-2019-3799", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-3799", + "description": "CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6", + "fork": false, + "created_at": "2019-04-17T21:19:32Z", + "updated_at": "2020-12-31T02:00:01Z", + "pushed_at": "2019-04-18T10:08:12Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 5, + "forks": 5, + "watchers": 31, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3847.json b/2019/CVE-2019-3847.json new file mode 100644 index 0000000000..6636a17a7a --- /dev/null +++ b/2019/CVE-2019-3847.json @@ -0,0 +1,25 @@ +[ + { + "id": 179544105, + "name": "moodle-login-csrf", + "full_name": "danielthatcher\/moodle-login-csrf", + "owner": { + "login": "danielthatcher", + "id": 11726509, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/11726509?v=4", + "html_url": "https:\/\/github.com\/danielthatcher" + }, + "html_url": "https:\/\/github.com\/danielthatcher\/moodle-login-csrf", + "description": "Scripts for exploiting MSA-18-0020 (CVE-2018-16854) and MSA-19-0004 (CVE-2019-3847)", + "fork": false, + "created_at": "2019-04-04T17:24:47Z", + "updated_at": "2019-09-29T23:50:29Z", + "pushed_at": "2019-07-21T15:52:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-48814.json b/2019/CVE-2019-48814.json new file mode 100644 index 0000000000..db63204378 --- /dev/null +++ b/2019/CVE-2019-48814.json @@ -0,0 +1,25 @@ +[ + { + "id": 183850213, + "name": "cve-2019-48814", + "full_name": "wucj001\/cve-2019-48814", + "owner": { + "login": "wucj001", + "id": 29703092, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/29703092?v=4", + "html_url": "https:\/\/github.com\/wucj001" + }, + "html_url": "https:\/\/github.com\/wucj001\/cve-2019-48814", + "description": "漏洞利用工具", + "fork": false, + "created_at": "2019-04-28T03:24:47Z", + "updated_at": "2019-06-19T18:43:16Z", + "pushed_at": "2019-06-19T18:43:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5418.json b/2019/CVE-2019-5418.json index fd99dd2523..992c92144a 100644 --- a/2019/CVE-2019-5418.json +++ b/2019/CVE-2019-5418.json @@ -1,4 +1,73 @@ [ + { + "id": 175966226, + "name": "CVE-2019-5418", + "full_name": "mpgn\/CVE-2019-5418", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418", + "description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails", + "fork": false, + "created_at": "2019-03-16T11:58:18Z", + "updated_at": "2021-01-01T07:53:06Z", + "pushed_at": "2019-03-25T07:19:58Z", + "stargazers_count": 165, + "watchers_count": 165, + "forks_count": 20, + "forks": 20, + "watchers": 165, + "score": 0 + }, + { + "id": 176323109, + "name": "CVE-2019-5418", + "full_name": "omarkurt\/CVE-2019-5418", + "owner": { + "login": "omarkurt", + "id": 1712468, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/1712468?v=4", + "html_url": "https:\/\/github.com\/omarkurt" + }, + "html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418", + "description": "File Content Disclosure on Rails Test Case - CVE-2019-5418", + "fork": false, + "created_at": "2019-03-18T16:09:13Z", + "updated_at": "2020-04-17T21:45:45Z", + "pushed_at": "2019-03-18T16:15:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + }, + { + "id": 176545257, + "name": "CVE-2019-5418-Scanner", + "full_name": "brompwnie\/CVE-2019-5418-Scanner", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner", + "description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418", + "fork": false, + "created_at": "2019-03-19T15:38:01Z", + "updated_at": "2020-08-23T16:04:43Z", + "pushed_at": "2019-03-21T17:26:06Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 16, + "forks": 16, + "watchers": 32, + "score": 0 + }, { "id": 177236589, "name": "Rails-doubletap-RCE", @@ -22,6 +91,29 @@ "watchers": 105, "score": 0 }, + { + "id": 178527770, + "name": "CVE-2019-5418", + "full_name": "takeokunn\/CVE-2019-5418", + "owner": { + "login": "takeokunn", + "id": 11222510, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11222510?v=4", + "html_url": "https:\/\/github.com\/takeokunn" + }, + "html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418", + "description": null, + "fork": false, + "created_at": "2019-03-30T07:40:11Z", + "updated_at": "2019-10-24T19:07:56Z", + "pushed_at": "2019-03-30T07:54:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, { "id": 178909066, "name": "RailroadBandit", diff --git a/2019/CVE-2019-5420.json b/2019/CVE-2019-5420.json new file mode 100644 index 0000000000..e24997cd8a --- /dev/null +++ b/2019/CVE-2019-5420.json @@ -0,0 +1,48 @@ +[ + { + "id": 176976251, + "name": "CVE-2019-5420", + "full_name": "knqyf263\/CVE-2019-5420", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-5420", + "description": "CVE-2019-5420 (Ruby on Rails)", + "fork": false, + "created_at": "2019-03-21T15:42:54Z", + "updated_at": "2020-07-31T01:42:44Z", + "pushed_at": "2019-03-21T23:52:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 0, + "forks": 0, + "watchers": 7, + "score": 0 + }, + { + "id": 178050921, + "name": "cve-2019-5420", + "full_name": "cved-sources\/cve-2019-5420", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-5420", + "description": "cve-2019-5420", + "fork": false, + "created_at": "2019-03-27T18:16:46Z", + "updated_at": "2019-03-27T18:17:07Z", + "pushed_at": "2019-03-27T18:17:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5624.json b/2019/CVE-2019-5624.json new file mode 100644 index 0000000000..60ddc2a97d --- /dev/null +++ b/2019/CVE-2019-5624.json @@ -0,0 +1,25 @@ +[ + { + "id": 184600046, + "name": "CVE-2019-5624", + "full_name": "VoidSec\/CVE-2019-5624", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2019-5624", + "description": "A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE) ", + "fork": false, + "created_at": "2019-05-02T14:54:08Z", + "updated_at": "2020-12-01T09:32:18Z", + "pushed_at": "2019-05-02T15:15:51Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 6, + "forks": 6, + "watchers": 13, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json index 1428e19016..4cbe779fae 100644 --- a/2019/CVE-2019-5736.json +++ b/2019/CVE-2019-5736.json @@ -1,4 +1,188 @@ [ + { + "id": 170398859, + "name": "cve-2019-5736-poc", + "full_name": "q3k\/cve-2019-5736-poc", + "owner": { + "login": "q3k", + "id": 315234, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/315234?v=4", + "html_url": "https:\/\/github.com\/q3k" + }, + "html_url": "https:\/\/github.com\/q3k\/cve-2019-5736-poc", + "description": "Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)", + "fork": false, + "created_at": "2019-02-12T22:07:47Z", + "updated_at": "2020-12-08T07:56:17Z", + "pushed_at": "2019-02-20T15:35:34Z", + "stargazers_count": 180, + "watchers_count": 180, + "forks_count": 63, + "forks": 63, + "watchers": 180, + "score": 0 + }, + { + "id": 170445833, + "name": "CVE-2019-5736-PoC", + "full_name": "Frichetten\/CVE-2019-5736-PoC", + "owner": { + "login": "Frichetten", + "id": 10386884, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/10386884?v=4", + "html_url": "https:\/\/github.com\/Frichetten" + }, + "html_url": "https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC", + "description": "PoC for CVE-2019-5736", + "fork": false, + "created_at": "2019-02-13T05:26:32Z", + "updated_at": "2020-12-31T11:03:48Z", + "pushed_at": "2019-02-19T11:45:13Z", + "stargazers_count": 442, + "watchers_count": 442, + "forks_count": 111, + "forks": 111, + "watchers": 442, + "score": 0 + }, + { + "id": 170454928, + "name": "cve-2019-5736", + "full_name": "jakubkrawczyk\/cve-2019-5736", + "owner": { + "login": "jakubkrawczyk", + "id": 22723539, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/22723539?v=4", + "html_url": "https:\/\/github.com\/jakubkrawczyk" + }, + "html_url": "https:\/\/github.com\/jakubkrawczyk\/cve-2019-5736", + "description": "My attempt to create PoC of CVE-2019-5736 (Docker escape)", + "fork": false, + "created_at": "2019-02-13T06:41:01Z", + "updated_at": "2020-08-06T13:05:54Z", + "pushed_at": "2019-02-13T06:46:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 170613828, + "name": "CVE-2019-5736", + "full_name": "jas502n\/CVE-2019-5736", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-5736", + "description": "runc容器逃逸漏洞预警", + "fork": false, + "created_at": "2019-02-14T02:30:12Z", + "updated_at": "2020-02-03T01:45:33Z", + "pushed_at": "2019-02-14T02:40:55Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 4, + "forks": 4, + "watchers": 14, + "score": 0 + }, + { + "id": 170656576, + "name": "CVE-2019-5736", + "full_name": "likescam\/CVE-2019-5736", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:25Z", + "updated_at": "2019-02-14T08:37:36Z", + "pushed_at": "2019-02-14T08:37:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 170656601, + "name": "cve-2019-5736-poc", + "full_name": "likescam\/cve-2019-5736-poc", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/cve-2019-5736-poc", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:39Z", + "updated_at": "2019-02-14T08:37:49Z", + "pushed_at": "2019-02-14T08:37:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 170836971, + "name": "cve-2019-5736-poc", + "full_name": "agppp\/cve-2019-5736-poc", + "owner": { + "login": "agppp", + "id": 10527860, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/10527860?v=4", + "html_url": "https:\/\/github.com\/agppp" + }, + "html_url": "https:\/\/github.com\/agppp\/cve-2019-5736-poc", + "description": "getshell test", + "fork": false, + "created_at": "2019-02-15T09:22:27Z", + "updated_at": "2019-02-15T09:49:47Z", + "pushed_at": "2019-02-15T09:49:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 171499608, + "name": "poc-cve-2019-5736", + "full_name": "b3d3c\/poc-cve-2019-5736", + "owner": { + "login": "b3d3c", + "id": 46558799, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46558799?v=4", + "html_url": "https:\/\/github.com\/b3d3c" + }, + "html_url": "https:\/\/github.com\/b3d3c\/poc-cve-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-19T15:34:18Z", + "updated_at": "2019-06-04T10:53:26Z", + "pushed_at": "2019-02-19T15:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, { "id": 171668415, "name": "RunC-CVE-2019-5736", @@ -22,6 +206,52 @@ "watchers": 51, "score": 0 }, + { + "id": 173057459, + "name": "CVE-2019-5736-PoC-2", + "full_name": "yyqs2008\/CVE-2019-5736-PoC-2", + "owner": { + "login": "yyqs2008", + "id": 1332668, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1332668?v=4", + "html_url": "https:\/\/github.com\/yyqs2008" + }, + "html_url": "https:\/\/github.com\/yyqs2008\/CVE-2019-5736-PoC-2", + "description": null, + "fork": false, + "created_at": "2019-02-28T06:48:13Z", + "updated_at": "2020-06-11T14:27:08Z", + "pushed_at": "2019-02-23T13:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 174545720, + "name": "CVE-2019-5736-PoC", + "full_name": "zyriuse75\/CVE-2019-5736-PoC", + "owner": { + "login": "zyriuse75", + "id": 225690, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/225690?v=4", + "html_url": "https:\/\/github.com\/zyriuse75" + }, + "html_url": "https:\/\/github.com\/zyriuse75\/CVE-2019-5736-PoC", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5736 poc of CVE-2019-5736 ", + "fork": false, + "created_at": "2019-03-08T13:50:57Z", + "updated_at": "2019-03-08T13:50:59Z", + "pushed_at": "2019-03-08T13:50:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 177891884, "name": "CVE-2019-5736", @@ -45,6 +275,75 @@ "watchers": 0, "score": 0 }, + { + "id": 181238407, + "name": "cve-2019-5736-exp", + "full_name": "milloni\/cve-2019-5736-exp", + "owner": { + "login": "milloni", + "id": 2845035, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/2845035?v=4", + "html_url": "https:\/\/github.com\/milloni" + }, + "html_url": "https:\/\/github.com\/milloni\/cve-2019-5736-exp", + "description": "Exploit for CVE-2019-5736 runc vulnerability", + "fork": false, + "created_at": "2019-04-13T23:18:54Z", + "updated_at": "2019-04-16T18:18:42Z", + "pushed_at": "2019-04-14T21:39:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 3, + "forks": 3, + "watchers": 0, + "score": 0 + }, + { + "id": 185733954, + "name": "Docker-Runc-Exploit", + "full_name": "13paulmurith\/Docker-Runc-Exploit", + "owner": { + "login": "13paulmurith", + "id": 26403285, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/26403285?v=4", + "html_url": "https:\/\/github.com\/13paulmurith" + }, + "html_url": "https:\/\/github.com\/13paulmurith\/Docker-Runc-Exploit", + "description": "Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC.git", + "fork": false, + "created_at": "2019-05-09T05:45:21Z", + "updated_at": "2019-05-09T05:47:46Z", + "pushed_at": "2019-05-09T05:47:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 194520468, + "name": "CVE-2019-5736-POC", + "full_name": "RyanNgWH\/CVE-2019-5736-POC", + "owner": { + "login": "RyanNgWH", + "id": 44436551, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/44436551?v=4", + "html_url": "https:\/\/github.com\/RyanNgWH" + }, + "html_url": "https:\/\/github.com\/RyanNgWH\/CVE-2019-5736-POC", + "description": "Proof of concept code for breaking out of docker via runC", + "fork": false, + "created_at": "2019-06-30T13:42:14Z", + "updated_at": "2019-06-30T16:33:39Z", + "pushed_at": "2019-06-30T16:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 200632359, "name": "cve-2019-5736-study", diff --git a/2019/CVE-2019-5737.json b/2019/CVE-2019-5737.json new file mode 100644 index 0000000000..5e2a08e2c0 --- /dev/null +++ b/2019/CVE-2019-5737.json @@ -0,0 +1,25 @@ +[ + { + "id": 172282648, + "name": "cve-2019-5737", + "full_name": "beelzebruh\/cve-2019-5737", + "owner": { + "login": "beelzebruh", + "id": 39379168, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/39379168?v=4", + "html_url": "https:\/\/github.com\/beelzebruh" + }, + "html_url": "https:\/\/github.com\/beelzebruh\/cve-2019-5737", + "description": null, + "fork": false, + "created_at": "2019-02-24T01:20:04Z", + "updated_at": "2020-05-12T03:29:52Z", + "pushed_at": "2019-02-24T03:43:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5786.json b/2019/CVE-2019-5786.json new file mode 100644 index 0000000000..deb28163ca --- /dev/null +++ b/2019/CVE-2019-5786.json @@ -0,0 +1,25 @@ +[ + { + "id": 176796740, + "name": "CVE-2019-5786", + "full_name": "exodusintel\/CVE-2019-5786", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-5786", + "description": "FileReader Exploit", + "fork": false, + "created_at": "2019-03-20T18:43:49Z", + "updated_at": "2020-12-31T02:54:21Z", + "pushed_at": "2019-03-20T18:47:25Z", + "stargazers_count": 253, + "watchers_count": 253, + "forks_count": 86, + "forks": 86, + "watchers": 253, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6203.json b/2019/CVE-2019-6203.json new file mode 100644 index 0000000000..1e01377477 --- /dev/null +++ b/2019/CVE-2019-6203.json @@ -0,0 +1,25 @@ +[ + { + "id": 185970201, + "name": "CVE-2019-6203-PoC", + "full_name": "qingxp9\/CVE-2019-6203-PoC", + "owner": { + "login": "qingxp9", + "id": 2822242, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2822242?v=4", + "html_url": "https:\/\/github.com\/qingxp9" + }, + "html_url": "https:\/\/github.com\/qingxp9\/CVE-2019-6203-PoC", + "description": "PoC for CVE-2019-6203, works on < iOS 12.2, macOS < 10.14.4", + "fork": false, + "created_at": "2019-05-10T10:36:54Z", + "updated_at": "2020-12-29T01:02:40Z", + "pushed_at": "2019-05-17T03:10:30Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 12, + "forks": 12, + "watchers": 30, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6207.json b/2019/CVE-2019-6207.json index 45b410a1e3..6dfc14aedf 100644 --- a/2019/CVE-2019-6207.json +++ b/2019/CVE-2019-6207.json @@ -1,4 +1,27 @@ [ + { + "id": 187157796, + "name": "CVE-2019-6207", + "full_name": "dothanthitiendiettiende\/CVE-2019-6207", + "owner": { + "login": "dothanthitiendiettiende", + "id": 29480786, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/29480786?v=4", + "html_url": "https:\/\/github.com\/dothanthitiendiettiende" + }, + "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-6207", + "description": "getdirentriesattr kernel heap inofo leak", + "fork": false, + "created_at": "2019-05-17T06:17:51Z", + "updated_at": "2019-05-17T06:29:13Z", + "pushed_at": "2019-05-17T06:17:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 187160556, "name": "CVE-2019-6207", diff --git a/2019/CVE-2019-6225.json b/2019/CVE-2019-6225.json new file mode 100644 index 0000000000..f81ecdaab2 --- /dev/null +++ b/2019/CVE-2019-6225.json @@ -0,0 +1,71 @@ +[ + { + "id": 168440280, + "name": "OsirisJailbreak12", + "full_name": "fatgrass\/OsirisJailbreak12", + "owner": { + "login": "fatgrass", + "id": 19977419, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/19977419?v=4", + "html_url": "https:\/\/github.com\/fatgrass" + }, + "html_url": "https:\/\/github.com\/fatgrass\/OsirisJailbreak12", + "description": "iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)", + "fork": false, + "created_at": "2019-01-31T01:03:43Z", + "updated_at": "2020-07-28T09:05:58Z", + "pushed_at": "2019-01-31T00:53:03Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 73, + "forks": 73, + "watchers": 10, + "score": 0 + }, + { + "id": 194542840, + "name": "CVE-2019-6225-macOS", + "full_name": "TrungNguyen1909\/CVE-2019-6225-macOS", + "owner": { + "login": "TrungNguyen1909", + "id": 22745058, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22745058?v=4", + "html_url": "https:\/\/github.com\/TrungNguyen1909" + }, + "html_url": "https:\/\/github.com\/TrungNguyen1909\/CVE-2019-6225-macOS", + "description": null, + "fork": false, + "created_at": "2019-06-30T17:26:53Z", + "updated_at": "2020-04-01T13:37:24Z", + "pushed_at": "2019-06-30T17:28:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 201224192, + "name": "jailbreak-iOS12", + "full_name": "raystyle\/jailbreak-iOS12", + "owner": { + "login": "raystyle", + "id": 3284570, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3284570?v=4", + "html_url": "https:\/\/github.com\/raystyle" + }, + "html_url": "https:\/\/github.com\/raystyle\/jailbreak-iOS12", + "description": "OS 12.0 & 12.1.2 - Jailbreak with CVE-2019-6225", + "fork": false, + "created_at": "2019-08-08T09:22:57Z", + "updated_at": "2019-09-28T04:38:14Z", + "pushed_at": "2019-02-27T12:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6249.json b/2019/CVE-2019-6249.json new file mode 100644 index 0000000000..c5a86d0fc2 --- /dev/null +++ b/2019/CVE-2019-6249.json @@ -0,0 +1,25 @@ +[ + { + "id": 171827364, + "name": "CVE-2019-6249_Hucart-cms", + "full_name": "NMTech0x90\/CVE-2019-6249_Hucart-cms", + "owner": { + "login": "NMTech0x90", + "id": 27001865, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/NMTech0x90" + }, + "html_url": "https:\/\/github.com\/NMTech0x90\/CVE-2019-6249_Hucart-cms", + "description": "CVE-2019-6249 Hucart cms 复现环境", + "fork": false, + "created_at": "2019-02-21T08:03:43Z", + "updated_at": "2020-03-25T03:29:55Z", + "pushed_at": "2019-02-21T08:22:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6340.json b/2019/CVE-2019-6340.json index 73e80464d5..a273123919 100644 --- a/2019/CVE-2019-6340.json +++ b/2019/CVE-2019-6340.json @@ -1,4 +1,142 @@ [ + { + "id": 172094613, + "name": "Drupal-SA-CORE-2019-003", + "full_name": "g0rx\/Drupal-SA-CORE-2019-003", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx" + }, + "html_url": "https:\/\/github.com\/g0rx\/Drupal-SA-CORE-2019-003", + "description": "CVE-2019-6340-Drupal SA-CORE-2019-003", + "fork": false, + "created_at": "2019-02-22T16:03:40Z", + "updated_at": "2020-11-04T08:14:58Z", + "pushed_at": "2019-02-24T18:43:05Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 9, + "forks": 9, + "watchers": 32, + "score": 0 + }, + { + "id": 172217636, + "name": "CVE-2019-6340", + "full_name": "knqyf263\/CVE-2019-6340", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6340", + "description": "Environment for CVE-2019-6340 (Drupal)", + "fork": false, + "created_at": "2019-02-23T13:28:58Z", + "updated_at": "2020-04-02T13:09:08Z", + "pushed_at": "2019-02-23T17:34:19Z", + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, + "forks": 10, + "watchers": 41, + "score": 0 + }, + { + "id": 172429144, + "name": "CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "full_name": "DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "owner": { + "login": "DevDungeon", + "id": 16630634, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/16630634?v=4", + "html_url": "https:\/\/github.com\/DevDungeon" + }, + "html_url": "https:\/\/github.com\/DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "description": "CVE-2019-6340 Drupal 8.6.9 REST Auth Bypass examples", + "fork": false, + "created_at": "2019-02-25T03:38:47Z", + "updated_at": "2020-05-30T04:32:25Z", + "pushed_at": "2019-02-25T03:47:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 6, + "forks": 6, + "watchers": 3, + "score": 0 + }, + { + "id": 172458734, + "name": "CVE-2019-6340", + "full_name": "oways\/CVE-2019-6340", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways" + }, + "html_url": "https:\/\/github.com\/oways\/CVE-2019-6340", + "description": "CVE-2019-6340 POC Drupal rce", + "fork": false, + "created_at": "2019-02-25T07:47:16Z", + "updated_at": "2020-04-02T11:50:43Z", + "pushed_at": "2019-02-25T08:57:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 6, + "forks": 6, + "watchers": 12, + "score": 0 + }, + { + "id": 172766416, + "name": "cve-2019-6340", + "full_name": "cved-sources\/cve-2019-6340", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-6340", + "description": "cve-2019-6340", + "fork": false, + "created_at": "2019-02-26T18:26:50Z", + "updated_at": "2020-04-02T13:08:58Z", + "pushed_at": "2019-02-26T18:38:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 175109773, + "name": "cve-2019-6340-bits", + "full_name": "d1vious\/cve-2019-6340-bits", + "owner": { + "login": "d1vious", + "id": 1476868, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1476868?v=4", + "html_url": "https:\/\/github.com\/d1vious" + }, + "html_url": "https:\/\/github.com\/d1vious\/cve-2019-6340-bits", + "description": "Bits generated while analyzing CVE-2019-6340 Drupal RESTful RCE", + "fork": false, + "created_at": "2019-03-12T01:13:56Z", + "updated_at": "2019-04-15T07:13:03Z", + "pushed_at": "2019-03-12T01:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 188896047, "name": "CVE-2019-6340", diff --git a/2019/CVE-2019-6440.json b/2019/CVE-2019-6440.json new file mode 100644 index 0000000000..db6f526fc8 --- /dev/null +++ b/2019/CVE-2019-6440.json @@ -0,0 +1,25 @@ +[ + { + "id": 170884262, + "name": "CVE-2019-6440", + "full_name": "hexnone\/CVE-2019-6440", + "owner": { + "login": "hexnone", + "id": 17256467, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/17256467?v=4", + "html_url": "https:\/\/github.com\/hexnone" + }, + "html_url": "https:\/\/github.com\/hexnone\/CVE-2019-6440", + "description": "CVE-2019-6440. Zemana RCE and privilege escalation.", + "fork": false, + "created_at": "2019-02-15T15:15:52Z", + "updated_at": "2019-03-22T18:53:26Z", + "pushed_at": "2019-03-22T18:53:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6446.json b/2019/CVE-2019-6446.json new file mode 100644 index 0000000000..0255d5f233 --- /dev/null +++ b/2019/CVE-2019-6446.json @@ -0,0 +1,25 @@ +[ + { + "id": 186728497, + "name": "CVE-2019-6446", + "full_name": "RayScri\/CVE-2019-6446", + "owner": { + "login": "RayScri", + "id": 49472130, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/49472130?v=4", + "html_url": "https:\/\/github.com\/RayScri" + }, + "html_url": "https:\/\/github.com\/RayScri\/CVE-2019-6446", + "description": "Numpy deserialization command execution", + "fork": false, + "created_at": "2019-05-15T01:39:53Z", + "updated_at": "2020-05-08T12:12:22Z", + "pushed_at": "2019-05-15T02:22:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 5, + "forks": 5, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6447.json b/2019/CVE-2019-6447.json index 84d7680872..8f03d51c12 100644 --- a/2019/CVE-2019-6447.json +++ b/2019/CVE-2019-6447.json @@ -1,4 +1,27 @@ [ + { + "id": 164948400, + "name": "ESFileExplorerOpenPortVuln", + "full_name": "fs0c131y\/ESFileExplorerOpenPortVuln", + "owner": { + "login": "fs0c131y", + "id": 36547191, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/36547191?v=4", + "html_url": "https:\/\/github.com\/fs0c131y" + }, + "html_url": "https:\/\/github.com\/fs0c131y\/ESFileExplorerOpenPortVuln", + "description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447", + "fork": false, + "created_at": "2019-01-09T22:30:42Z", + "updated_at": "2021-01-01T06:18:55Z", + "pushed_at": "2019-01-22T21:00:36Z", + "stargazers_count": 590, + "watchers_count": 590, + "forks_count": 131, + "forks": 131, + "watchers": 590, + "score": 0 + }, { "id": 263921419, "name": "ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447", diff --git a/2019/CVE-2019-6453.json b/2019/CVE-2019-6453.json index 8c80f84d58..0f586b9dc2 100644 --- a/2019/CVE-2019-6453.json +++ b/2019/CVE-2019-6453.json @@ -1,4 +1,27 @@ [ + { + "id": 171244957, + "name": "cve-2019-6453-poc", + "full_name": "proofofcalc\/cve-2019-6453-poc", + "owner": { + "login": "proofofcalc", + "id": 47607270, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/47607270?v=4", + "html_url": "https:\/\/github.com\/proofofcalc" + }, + "html_url": "https:\/\/github.com\/proofofcalc\/cve-2019-6453-poc", + "description": "Proof of calc for CVE-2019-6453", + "fork": false, + "created_at": "2019-02-18T08:35:03Z", + "updated_at": "2020-11-03T21:48:56Z", + "pushed_at": "2019-02-18T13:10:38Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 14, + "forks": 14, + "watchers": 49, + "score": 0 + }, { "id": 197653851, "name": "mIRC-CVE-2019-6453", diff --git a/2019/CVE-2019-6467.json b/2019/CVE-2019-6467.json new file mode 100644 index 0000000000..c4efe62894 --- /dev/null +++ b/2019/CVE-2019-6467.json @@ -0,0 +1,25 @@ +[ + { + "id": 183349186, + "name": "CVE-2019-6467", + "full_name": "knqyf263\/CVE-2019-6467", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6467", + "description": "CVE-2019-6467 (BIND nxdomain-redirect)", + "fork": false, + "created_at": "2019-04-25T03:26:42Z", + "updated_at": "2020-06-24T02:18:49Z", + "pushed_at": "2019-04-25T04:06:48Z", + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 6, + "forks": 6, + "watchers": 26, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7216.json b/2019/CVE-2019-7216.json new file mode 100644 index 0000000000..2506034ea5 --- /dev/null +++ b/2019/CVE-2019-7216.json @@ -0,0 +1,25 @@ +[ + { + "id": 168365175, + "name": "CVE-2019-7216", + "full_name": "Ekultek\/CVE-2019-7216", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek" + }, + "html_url": "https:\/\/github.com\/Ekultek\/CVE-2019-7216", + "description": "Filechucker filter bypass Proof Of Concept", + "fork": false, + "created_at": "2019-01-30T15:23:40Z", + "updated_at": "2020-03-30T04:22:37Z", + "pushed_at": "2019-02-01T16:56:53Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 6, + "forks": 6, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7238.json b/2019/CVE-2019-7238.json index 36a87d9d37..60fb58bc64 100644 --- a/2019/CVE-2019-7238.json +++ b/2019/CVE-2019-7238.json @@ -1,4 +1,27 @@ [ + { + "id": 172401532, + "name": "CVE-2019-7238", + "full_name": "mpgn\/CVE-2019-7238", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7238", + "description": "🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻", + "fork": false, + "created_at": "2019-02-24T23:09:43Z", + "updated_at": "2020-12-30T11:55:07Z", + "pushed_at": "2019-02-25T07:37:07Z", + "stargazers_count": 137, + "watchers_count": 137, + "forks_count": 44, + "forks": 44, + "watchers": 137, + "score": 0 + }, { "id": 187840869, "name": "CVE-2019-7238", @@ -22,6 +45,29 @@ "watchers": 57, "score": 0 }, + { + "id": 199046172, + "name": "nexus_rce_CVE-2019-7238", + "full_name": "verctor\/nexus_rce_CVE-2019-7238", + "owner": { + "login": "verctor", + "id": 24811125, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/24811125?v=4", + "html_url": "https:\/\/github.com\/verctor" + }, + "html_url": "https:\/\/github.com\/verctor\/nexus_rce_CVE-2019-7238", + "description": "Some debug notes and exploit(not blind)", + "fork": false, + "created_at": "2019-07-26T16:08:40Z", + "updated_at": "2020-08-09T15:22:02Z", + "pushed_at": "2019-07-28T02:32:07Z", + "stargazers_count": 35, + "watchers_count": 35, + "forks_count": 7, + "forks": 7, + "watchers": 35, + "score": 0 + }, { "id": 233010845, "name": "CVE-2019-7238_Nexus_RCE_Tool", diff --git a/2019/CVE-2019-7304.json b/2019/CVE-2019-7304.json new file mode 100644 index 0000000000..18acb4af6f --- /dev/null +++ b/2019/CVE-2019-7304.json @@ -0,0 +1,48 @@ +[ + { + "id": 170261590, + "name": "dirty_sock", + "full_name": "initstring\/dirty_sock", + "owner": { + "login": "initstring", + "id": 26131150, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/26131150?v=4", + "html_url": "https:\/\/github.com\/initstring" + }, + "html_url": "https:\/\/github.com\/initstring\/dirty_sock", + "description": "Linux privilege escalation exploit via snapd (CVE-2019-7304)", + "fork": false, + "created_at": "2019-02-12T06:02:06Z", + "updated_at": "2020-12-29T14:00:44Z", + "pushed_at": "2019-05-09T21:34:26Z", + "stargazers_count": 531, + "watchers_count": 531, + "forks_count": 111, + "forks": 111, + "watchers": 531, + "score": 0 + }, + { + "id": 170741210, + "name": "CVE-2019-7304_DirtySock", + "full_name": "SecuritySi\/CVE-2019-7304_DirtySock", + "owner": { + "login": "SecuritySi", + "id": 7517443, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7517443?v=4", + "html_url": "https:\/\/github.com\/SecuritySi" + }, + "html_url": "https:\/\/github.com\/SecuritySi\/CVE-2019-7304_DirtySock", + "description": "Payload Generator", + "fork": false, + "created_at": "2019-02-14T18:48:56Z", + "updated_at": "2019-03-05T06:03:09Z", + "pushed_at": "2019-02-14T18:49:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7609.json b/2019/CVE-2019-7609.json index efd422e42a..0f4b8f7500 100644 --- a/2019/CVE-2019-7609.json +++ b/2019/CVE-2019-7609.json @@ -36,13 +36,13 @@ "description": "RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer", "fork": false, "created_at": "2019-10-21T07:32:31Z", - "updated_at": "2020-12-25T14:15:21Z", + "updated_at": "2021-01-01T10:01:26Z", "pushed_at": "2019-12-20T14:28:44Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 35, + "watchers_count": 35, "forks_count": 10, "forks": 10, - "watchers": 36, + "watchers": 35, "score": 0 }, { diff --git a/2019/CVE-2019-7642.json b/2019/CVE-2019-7642.json new file mode 100644 index 0000000000..f588be6302 --- /dev/null +++ b/2019/CVE-2019-7642.json @@ -0,0 +1,25 @@ +[ + { + "id": 173723117, + "name": "CVE-2019-7642", + "full_name": "xw77cve\/CVE-2019-7642", + "owner": { + "login": "xw77cve", + "id": 48202281, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/48202281?v=4", + "html_url": "https:\/\/github.com\/xw77cve" + }, + "html_url": "https:\/\/github.com\/xw77cve\/CVE-2019-7642", + "description": null, + "fork": false, + "created_at": "2019-03-04T10:24:04Z", + "updated_at": "2019-10-04T12:40:46Z", + "pushed_at": "2019-03-04T11:04:30Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 1, + "forks": 1, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8389.json b/2019/CVE-2019-8389.json new file mode 100644 index 0000000000..6562b2751c --- /dev/null +++ b/2019/CVE-2019-8389.json @@ -0,0 +1,25 @@ +[ + { + "id": 171097356, + "name": "CVE-2019-8389", + "full_name": "shawarkhanethicalhacker\/CVE-2019-8389", + "owner": { + "login": "shawarkhanethicalhacker", + "id": 41706151, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/41706151?v=4", + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker" + }, + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker\/CVE-2019-8389", + "description": " [CVE-2019-8389] An exploit code for exploiting a local file read vulnerability in Musicloud v1.6 iOS Application ", + "fork": false, + "created_at": "2019-02-17T08:10:50Z", + "updated_at": "2020-08-13T10:37:29Z", + "pushed_at": "2019-02-17T08:40:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 6, + "forks": 6, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8513.json b/2019/CVE-2019-8513.json new file mode 100644 index 0000000000..812daadeed --- /dev/null +++ b/2019/CVE-2019-8513.json @@ -0,0 +1,25 @@ +[ + { + "id": 184210054, + "name": "cve-2019-8513", + "full_name": "genknife\/cve-2019-8513", + "owner": { + "login": "genknife", + "id": 47594735, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47594735?v=4", + "html_url": "https:\/\/github.com\/genknife" + }, + "html_url": "https:\/\/github.com\/genknife\/cve-2019-8513", + "description": null, + "fork": false, + "created_at": "2019-04-30T07:06:23Z", + "updated_at": "2019-07-10T02:57:11Z", + "pushed_at": "2019-07-10T02:57:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8540.json b/2019/CVE-2019-8540.json new file mode 100644 index 0000000000..d616da0140 --- /dev/null +++ b/2019/CVE-2019-8540.json @@ -0,0 +1,25 @@ +[ + { + "id": 187144564, + "name": "CVE-2019-8540", + "full_name": "maldiohead\/CVE-2019-8540", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8540", + "description": "Kernel Stack info leak at exportObjectToClient function", + "fork": false, + "created_at": "2019-05-17T04:07:14Z", + "updated_at": "2020-12-26T09:21:42Z", + "pushed_at": "2019-05-21T08:32:39Z", + "stargazers_count": 35, + "watchers_count": 35, + "forks_count": 15, + "forks": 15, + "watchers": 35, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8565.json b/2019/CVE-2019-8565.json new file mode 100644 index 0000000000..bac7d628a1 --- /dev/null +++ b/2019/CVE-2019-8565.json @@ -0,0 +1,25 @@ +[ + { + "id": 184996067, + "name": "cve-2019-8565", + "full_name": "genknife\/cve-2019-8565", + "owner": { + "login": "genknife", + "id": 47594735, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47594735?v=4", + "html_url": "https:\/\/github.com\/genknife" + }, + "html_url": "https:\/\/github.com\/genknife\/cve-2019-8565", + "description": null, + "fork": false, + "created_at": "2019-05-05T07:34:05Z", + "updated_at": "2019-07-10T02:58:35Z", + "pushed_at": "2019-07-10T02:58:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8627.json b/2019/CVE-2019-8627.json new file mode 100644 index 0000000000..843351e01f --- /dev/null +++ b/2019/CVE-2019-8627.json @@ -0,0 +1,25 @@ +[ + { + "id": 187134540, + "name": "CVE-2019-8627", + "full_name": "maldiohead\/CVE-2019-8627", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8627", + "description": "a kernel information leak on macOS<= 10.14.4", + "fork": false, + "created_at": "2019-05-17T02:40:39Z", + "updated_at": "2019-10-30T05:52:25Z", + "pushed_at": "2019-05-24T08:44:05Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 5, + "forks": 5, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8942.json b/2019/CVE-2019-8942.json index 13858c227e..5fb40dd216 100644 --- a/2019/CVE-2019-8942.json +++ b/2019/CVE-2019-8942.json @@ -1,4 +1,27 @@ [ + { + "id": 172448763, + "name": "WordPress_4.9.8_RCE_POC", + "full_name": "brianwrf\/WordPress_4.9.8_RCE_POC", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/WordPress_4.9.8_RCE_POC", + "description": "A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.", + "fork": false, + "created_at": "2019-02-25T06:38:15Z", + "updated_at": "2020-12-30T03:48:48Z", + "pushed_at": "2019-03-18T01:20:52Z", + "stargazers_count": 57, + "watchers_count": 57, + "forks_count": 19, + "forks": 19, + "watchers": 57, + "score": 0 + }, { "id": 184548123, "name": "CVE-2019-8942", diff --git a/2019/CVE-2019-8956.json b/2019/CVE-2019-8956.json new file mode 100644 index 0000000000..26cdf0a047 --- /dev/null +++ b/2019/CVE-2019-8956.json @@ -0,0 +1,25 @@ +[ + { + "id": 188973928, + "name": "CVE-2019-8956", + "full_name": "butterflyhack\/CVE-2019-8956", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-8956", + "description": "sctp-PoC", + "fork": false, + "created_at": "2019-05-28T07:09:17Z", + "updated_at": "2020-04-13T01:07:35Z", + "pushed_at": "2019-05-28T07:15:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9184.json b/2019/CVE-2019-9184.json new file mode 100644 index 0000000000..c289b57b8d --- /dev/null +++ b/2019/CVE-2019-9184.json @@ -0,0 +1,25 @@ +[ + { + "id": 175870177, + "name": "cve-2019-9184", + "full_name": "cved-sources\/cve-2019-9184", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9184", + "description": "cve-2019-9184", + "fork": false, + "created_at": "2019-03-15T18:12:49Z", + "updated_at": "2019-03-15T18:15:09Z", + "pushed_at": "2019-03-15T18:15:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9194.json b/2019/CVE-2019-9194.json new file mode 100644 index 0000000000..adbf15afcf --- /dev/null +++ b/2019/CVE-2019-9194.json @@ -0,0 +1,25 @@ +[ + { + "id": 175870594, + "name": "cve-2019-9194", + "full_name": "cved-sources\/cve-2019-9194", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9194", + "description": "cve-2019-9194", + "fork": false, + "created_at": "2019-03-15T18:16:27Z", + "updated_at": "2019-03-15T18:17:32Z", + "pushed_at": "2019-03-15T18:17:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9202.json b/2019/CVE-2019-9202.json new file mode 100644 index 0000000000..2b9769ed8d --- /dev/null +++ b/2019/CVE-2019-9202.json @@ -0,0 +1,25 @@ +[ + { + "id": 182127433, + "name": "CVE-2019-9202", + "full_name": "polict\/CVE-2019-9202", + "owner": { + "login": "polict", + "id": 18173936, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/18173936?v=4", + "html_url": "https:\/\/github.com\/polict" + }, + "html_url": "https:\/\/github.com\/polict\/CVE-2019-9202", + "description": "Nagios IM 2.6 remote code execution exploit: CSRF + SQLi + RCE + LPE --> remote root", + "fork": false, + "created_at": "2019-04-18T17:09:26Z", + "updated_at": "2020-02-05T08:41:23Z", + "pushed_at": "2019-04-18T17:18:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9580.json b/2019/CVE-2019-9580.json new file mode 100644 index 0000000000..20a8ce80c2 --- /dev/null +++ b/2019/CVE-2019-9580.json @@ -0,0 +1,25 @@ +[ + { + "id": 175478558, + "name": "CVE-2019-9580", + "full_name": "mpgn\/CVE-2019-9580", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9580", + "description": "CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE", + "fork": false, + "created_at": "2019-03-13T18:37:18Z", + "updated_at": "2020-04-05T17:19:04Z", + "pushed_at": "2019-03-13T19:26:27Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 4, + "forks": 4, + "watchers": 28, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9621.json b/2019/CVE-2019-9621.json new file mode 100644 index 0000000000..5683ad068a --- /dev/null +++ b/2019/CVE-2019-9621.json @@ -0,0 +1,25 @@ +[ + { + "id": 185226722, + "name": "ZimbraExploit", + "full_name": "k8gege\/ZimbraExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/ZimbraExploit", + "description": "Zimbra邮件系统漏洞 XXE\/RCE\/SSRF\/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)", + "fork": false, + "created_at": "2019-05-06T15:47:20Z", + "updated_at": "2020-11-24T09:29:20Z", + "pushed_at": "2019-05-08T16:22:58Z", + "stargazers_count": 54, + "watchers_count": 54, + "forks_count": 35, + "forks": 35, + "watchers": 54, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9653.json b/2019/CVE-2019-9653.json new file mode 100644 index 0000000000..4fcbaee059 --- /dev/null +++ b/2019/CVE-2019-9653.json @@ -0,0 +1,25 @@ +[ + { + "id": 175789235, + "name": "CVE-2019-9653", + "full_name": "grayoneday\/CVE-2019-9653", + "owner": { + "login": "grayoneday", + "id": 28929076, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/28929076?v=4", + "html_url": "https:\/\/github.com\/grayoneday" + }, + "html_url": "https:\/\/github.com\/grayoneday\/CVE-2019-9653", + "description": null, + "fork": false, + "created_at": "2019-03-15T09:27:15Z", + "updated_at": "2019-03-15T09:32:42Z", + "pushed_at": "2019-03-15T09:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9673.json b/2019/CVE-2019-9673.json new file mode 100644 index 0000000000..a380fffb64 --- /dev/null +++ b/2019/CVE-2019-9673.json @@ -0,0 +1,25 @@ +[ + { + "id": 175058439, + "name": "CVE-2019-9673", + "full_name": "mgrube\/CVE-2019-9673", + "owner": { + "login": "mgrube", + "id": 90159, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/90159?v=4", + "html_url": "https:\/\/github.com\/mgrube" + }, + "html_url": "https:\/\/github.com\/mgrube\/CVE-2019-9673", + "description": "Writeup", + "fork": false, + "created_at": "2019-03-11T18:16:15Z", + "updated_at": "2019-08-08T16:04:30Z", + "pushed_at": "2019-03-24T08:21:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9729.json b/2019/CVE-2019-9729.json new file mode 100644 index 0000000000..3d11a16530 --- /dev/null +++ b/2019/CVE-2019-9729.json @@ -0,0 +1,25 @@ +[ + { + "id": 175226868, + "name": "SdoKeyCrypt-sys-local-privilege-elevation", + "full_name": "HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "owner": { + "login": "HyperSine", + "id": 58699351, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/58699351?v=4", + "html_url": "https:\/\/github.com\/HyperSine" + }, + "html_url": "https:\/\/github.com\/HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2019-03-12T14:18:20Z", + "updated_at": "2020-08-27T17:37:48Z", + "pushed_at": "2019-03-13T01:24:21Z", + "stargazers_count": 80, + "watchers_count": 80, + "forks_count": 26, + "forks": 26, + "watchers": 80, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9730.json b/2019/CVE-2019-9730.json new file mode 100644 index 0000000000..5602fcc75d --- /dev/null +++ b/2019/CVE-2019-9730.json @@ -0,0 +1,25 @@ +[ + { + "id": 181268125, + "name": "CVE-2019-9730", + "full_name": "jthuraisamy\/CVE-2019-9730", + "owner": { + "login": "jthuraisamy", + "id": 5413071, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/5413071?v=4", + "html_url": "https:\/\/github.com\/jthuraisamy" + }, + "html_url": "https:\/\/github.com\/jthuraisamy\/CVE-2019-9730", + "description": "Synaptics Audio Driver LPE", + "fork": false, + "created_at": "2019-04-14T06:16:34Z", + "updated_at": "2020-11-03T22:53:01Z", + "pushed_at": "2019-04-15T11:17:39Z", + "stargazers_count": 30, + "watchers_count": 30, + "forks_count": 11, + "forks": 11, + "watchers": 30, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9787.json b/2019/CVE-2019-9787.json index c26c6f0de0..f6a9b06716 100644 --- a/2019/CVE-2019-9787.json +++ b/2019/CVE-2019-9787.json @@ -1,4 +1,27 @@ [ + { + "id": 181409411, + "name": "cve-2019-9787_csrf_poc", + "full_name": "rkatogit\/cve-2019-9787_csrf_poc", + "owner": { + "login": "rkatogit", + "id": 40052696, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40052696?v=4", + "html_url": "https:\/\/github.com\/rkatogit" + }, + "html_url": "https:\/\/github.com\/rkatogit\/cve-2019-9787_csrf_poc", + "description": null, + "fork": false, + "created_at": "2019-04-15T03:59:44Z", + "updated_at": "2020-05-17T21:18:04Z", + "pushed_at": "2019-04-15T04:13:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, { "id": 202961104, "name": "CodePath_Week_7-8", diff --git a/2019/CVE-2019-9810.json b/2019/CVE-2019-9810.json index d49c357a40..76d435dbea 100644 --- a/2019/CVE-2019-9810.json +++ b/2019/CVE-2019-9810.json @@ -1,4 +1,27 @@ [ + { + "id": 177500802, + "name": "CVE-2019-9810-PoC", + "full_name": "xuechiyaobai\/CVE-2019-9810-PoC", + "owner": { + "login": "xuechiyaobai", + "id": 8443947, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/8443947?v=4", + "html_url": "https:\/\/github.com\/xuechiyaobai" + }, + "html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2019-9810-PoC", + "description": "Array.prototype.slice wrong alias information.", + "fork": false, + "created_at": "2019-03-25T02:33:18Z", + "updated_at": "2020-12-11T07:20:38Z", + "pushed_at": "2019-03-25T02:41:43Z", + "stargazers_count": 67, + "watchers_count": 67, + "forks_count": 15, + "forks": 15, + "watchers": 67, + "score": 0 + }, { "id": 185060837, "name": "CVE-2019-9810", diff --git a/2019/CVE-2019-9896.json b/2019/CVE-2019-9896.json new file mode 100644 index 0000000000..3c30e91833 --- /dev/null +++ b/2019/CVE-2019-9896.json @@ -0,0 +1,25 @@ +[ + { + "id": 186455638, + "name": "vuln-chm-hijack", + "full_name": "yasinyilmaz\/vuln-chm-hijack", + "owner": { + "login": "yasinyilmaz", + "id": 37842751, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/37842751?v=4", + "html_url": "https:\/\/github.com\/yasinyilmaz" + }, + "html_url": "https:\/\/github.com\/yasinyilmaz\/vuln-chm-hijack", + "description": "Potential malicious code execution via CHM hijacking (CVE-2019-9896)", + "fork": false, + "created_at": "2019-05-13T16:17:06Z", + "updated_at": "2020-03-30T02:07:41Z", + "pushed_at": "2019-05-13T16:30:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 9, + "forks": 9, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9978.json b/2019/CVE-2019-9978.json new file mode 100644 index 0000000000..0b08e4198a --- /dev/null +++ b/2019/CVE-2019-9978.json @@ -0,0 +1,94 @@ +[ + { + "id": 177681155, + "name": "CVE-2019-9978", + "full_name": "mpgn\/CVE-2019-9978", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9978", + "description": "CVE-2019-9978 - RCE on a Wordpress plugin: Social Warfare < 3.5.3", + "fork": false, + "created_at": "2019-03-25T23:38:58Z", + "updated_at": "2020-04-05T17:18:01Z", + "pushed_at": "2019-05-09T13:36:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 2, + "forks": 2, + "watchers": 8, + "score": 0 + }, + { + "id": 184705705, + "name": "CVE-2019-9978", + "full_name": "hash3liZer\/CVE-2019-9978", + "owner": { + "login": "hash3liZer", + "id": 29171692, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/29171692?v=4", + "html_url": "https:\/\/github.com\/hash3liZer" + }, + "html_url": "https:\/\/github.com\/hash3liZer\/CVE-2019-9978", + "description": "CVE-2019-9978 - (PoC) RCE in Social WarFare Plugin (<=3.5.2)", + "fork": false, + "created_at": "2019-05-03T05:57:44Z", + "updated_at": "2020-09-23T17:25:10Z", + "pushed_at": "2019-05-03T06:18:03Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 6, + "forks": 6, + "watchers": 11, + "score": 0 + }, + { + "id": 185125359, + "name": "CVE-2019-9978", + "full_name": "KTN1990\/CVE-2019-9978", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-9978", + "description": "Wordpress Social Warfare Remote Code Execution (AUTO UPLOAD SHELL)", + "fork": false, + "created_at": "2019-05-06T04:48:43Z", + "updated_at": "2020-09-06T05:31:28Z", + "pushed_at": "2019-05-07T04:46:20Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 2, + "forks": 2, + "watchers": 6, + "score": 0 + }, + { + "id": 185264593, + "name": "cve-2019-9978", + "full_name": "cved-sources\/cve-2019-9978", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9978", + "description": "cve-2019-9978", + "fork": false, + "created_at": "2019-05-06T20:11:20Z", + "updated_at": "2019-05-06T20:11:46Z", + "pushed_at": "2019-05-06T20:11:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 6967f4d27f..c07485d206 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -910,13 +910,13 @@ "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost", "fork": false, "created_at": "2020-03-30T11:42:56Z", - "updated_at": "2020-12-31T16:37:18Z", + "updated_at": "2021-01-01T14:03:58Z", "pushed_at": "2020-12-07T20:04:27Z", - "stargazers_count": 1051, - "watchers_count": 1051, + "stargazers_count": 1053, + "watchers_count": 1053, "forks_count": 354, "forks": 354, - "watchers": 1051, + "watchers": 1053, "score": 0 }, { diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 3dbf04ffda..a5e543ad0e 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -151,13 +151,13 @@ "description": "Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.", "fork": false, "created_at": "2020-09-14T19:27:14Z", - "updated_at": "2021-01-01T00:46:08Z", + "updated_at": "2021-01-01T09:52:26Z", "pushed_at": "2020-09-16T14:05:27Z", - "stargazers_count": 142, - "watchers_count": 142, + "stargazers_count": 143, + "watchers_count": 143, "forks_count": 34, "forks": 34, - "watchers": 142, + "watchers": 143, "score": 0 }, { diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 306ba2462d..959b649403 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -17,8 +17,8 @@ "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2220, "watchers_count": 2220, - "forks_count": 629, - "forks": 629, + "forks_count": 630, + "forks": 630, "watchers": 2220, "score": 0 }, @@ -36,13 +36,13 @@ "description": "Vulmap - Web漏洞扫描和验证工具,可对Web容器、Web服务器、Web中间件以及CMS等Web程序进行漏洞扫描,并且具备漏洞利用功能。 相关测试人员可以使用vulmap检测目标是否存在特定漏洞,并且可以使用漏洞利用功能验证漏洞是否真实存在。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530", "fork": false, "created_at": "2020-10-09T06:34:36Z", - "updated_at": "2021-01-01T04:55:31Z", + "updated_at": "2021-01-01T14:25:48Z", "pushed_at": "2020-12-15T02:33:45Z", - "stargazers_count": 656, - "watchers_count": 656, + "stargazers_count": 658, + "watchers_count": 658, "forks_count": 116, "forks": 116, - "watchers": 656, + "watchers": 658, "score": 0 }, { @@ -63,8 +63,8 @@ "pushed_at": "2020-11-16T04:23:09Z", "stargazers_count": 203, "watchers_count": 203, - "forks_count": 38, - "forks": 38, + "forks_count": 39, + "forks": 39, "watchers": 203, "score": 0 }, diff --git a/2020/CVE-2020-25213.json b/2020/CVE-2020-25213.json index 112f0a9b20..efa13fffbd 100644 --- a/2020/CVE-2020-25213.json +++ b/2020/CVE-2020-25213.json @@ -17,8 +17,8 @@ "pushed_at": "2020-10-12T09:57:28Z", "stargazers_count": 24, "watchers_count": 24, - "forks_count": 8, - "forks": 8, + "forks_count": 9, + "forks": 9, "watchers": 24, "score": 0 }, diff --git a/2020/CVE-2020-35728.json b/2020/CVE-2020-35728.json index b9463e2302..f6c5e990d1 100644 --- a/2020/CVE-2020-35728.json +++ b/2020/CVE-2020-35728.json @@ -13,13 +13,13 @@ "description": " CVE-2020-35728 & Jackson-databind RCE", "fork": false, "created_at": "2020-12-31T01:55:39Z", - "updated_at": "2021-01-01T08:51:21Z", + "updated_at": "2021-01-01T13:21:55Z", "pushed_at": "2020-12-31T01:56:18Z", - "stargazers_count": 8, - "watchers_count": 8, - "forks_count": 0, - "forks": 0, - "watchers": 8, + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 1, + "forks": 1, + "watchers": 11, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 05dfaa7c5c..348eea7d68 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -1025,13 +1025,13 @@ "description": "GUI", "fork": false, "created_at": "2020-07-17T03:13:30Z", - "updated_at": "2020-07-28T04:24:51Z", + "updated_at": "2021-01-01T13:06:57Z", "pushed_at": "2020-07-17T08:09:30Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "forks_count": 2, "forks": 2, - "watchers": 6, + "watchers": 7, "score": 0 }, { diff --git a/README.md b/README.md index 0422eca94f..b3e0aa7bdb 100644 --- a/README.md +++ b/README.md @@ -3498,7 +3498,12 @@ Arbitrary command execution can occur in Webmin through 1.962. Any user authoriz - [anasbousselham/webminscan](https://github.com/anasbousselham/webminscan) -### CVE-2020-35717 +### CVE-2020-35717 (2021-01-01) + + +zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true). + + - [hmartos/cve-2020-35717](https://github.com/hmartos/cve-2020-35717) ### CVE-2020-35728 (2020-12-26) @@ -3536,6 +3541,7 @@ Memory access in virtual memory mapping for some microprocessors may allow an au In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. +- [mpgn/CVE-2019-0192](https://github.com/mpgn/CVE-2019-0192) - [Rapidsafeguard/Solr-RCE-CVE-2019-0192](https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192) ### CVE-2019-0193 (2019-08-01) @@ -3544,10 +3550,19 @@ In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. +- [xConsoIe/CVE-2019-0193](https://github.com/xConsoIe/CVE-2019-0193) - [jas502n/CVE-2019-0193](https://github.com/jas502n/CVE-2019-0193) - [1135/solr_exploit](https://github.com/1135/solr_exploit) - [jaychouzzk/CVE-2019-0193-exp](https://github.com/jaychouzzk/CVE-2019-0193-exp) +### CVE-2019-0211 (2019-04-08) + + +In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. + + +- [ozkanbilge/Apache-Exploit-2019](https://github.com/ozkanbilge/Apache-Exploit-2019) + ### CVE-2019-0227 (2019-05-01) @@ -3575,15 +3590,27 @@ When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in - [pyn3rd/CVE-2019-0232](https://github.com/pyn3rd/CVE-2019-0232) +- [jas502n/CVE-2019-0232](https://github.com/jas502n/CVE-2019-0232) +- [CherishHair/CVE-2019-0232-EXP](https://github.com/CherishHair/CVE-2019-0232-EXP) - [setrus/CVE-2019-0232](https://github.com/setrus/CVE-2019-0232) - [0xmanjoos/CVE-2019-0232](https://github.com/0xmanjoos/CVE-2019-0232) +### CVE-2019-0539 (2019-01-08) + + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568. + + +- [0x43434343/CVE-2019-0539](https://github.com/0x43434343/CVE-2019-0539) + ### CVE-2019-0604 (2019-03-05) A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. +- [linhlhq/CVE-2019-0604](https://github.com/linhlhq/CVE-2019-0604) +- [likescam/CVE-2019-0604_sharepoint_CVE](https://github.com/likescam/CVE-2019-0604_sharepoint_CVE) - [k8gege/CVE-2019-0604](https://github.com/k8gege/CVE-2019-0604) - [m5050/CVE-2019-0604](https://github.com/m5050/CVE-2019-0604) - [boxhg/CVE-2019-0604](https://github.com/boxhg/CVE-2019-0604) @@ -3596,37 +3623,104 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [DreamoneOnly/CVE-2019-0623-32-exp](https://github.com/DreamoneOnly/CVE-2019-0623-32-exp) +### CVE-2019-0678 (2019-04-08) + + +An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. + + +- [c0d3G33k/CVE-2019-0678](https://github.com/c0d3G33k/CVE-2019-0678) + ### CVE-2019-0708 (2019-05-16) A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. +- [hook-s3c/CVE-2019-0708-poc](https://github.com/hook-s3c/CVE-2019-0708-poc) +- [SherlockSec/CVE-2019-0708](https://github.com/SherlockSec/CVE-2019-0708) - [yetiddbb/CVE-2019-0708-PoC](https://github.com/yetiddbb/CVE-2019-0708-PoC) +- [p0p0p0/CVE-2019-0708-exploit](https://github.com/p0p0p0/CVE-2019-0708-exploit) +- [rockmelodies/CVE-2019-0708-Exploit](https://github.com/rockmelodies/CVE-2019-0708-Exploit) +- [matengfei000/CVE-2019-0708](https://github.com/matengfei000/CVE-2019-0708) +- [xiyangzuishuai/Dark-Network-CVE-2019-0708](https://github.com/xiyangzuishuai/Dark-Network-CVE-2019-0708) +- [temp-user-2014/CVE-2019-0708](https://github.com/temp-user-2014/CVE-2019-0708) +- [areusecure/CVE-2019-0708](https://github.com/areusecure/CVE-2019-0708) +- [pry0cc/cve-2019-0708-2](https://github.com/pry0cc/cve-2019-0708-2) - [sbkcbig/CVE-2019-0708-EXPloit](https://github.com/sbkcbig/CVE-2019-0708-EXPloit) +- [sbkcbig/CVE-2019-0708-EXPloit-3389](https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389) - [YSheldon/MS_T120](https://github.com/YSheldon/MS_T120) +- [k8gege/CVE-2019-0708](https://github.com/k8gege/CVE-2019-0708) - [hotdog777714/RDS_CVE-2019-0708](https://github.com/hotdog777714/RDS_CVE-2019-0708) +- [jiansiting/CVE-2019-0708](https://github.com/jiansiting/CVE-2019-0708) +- [NullByteSuiteDevs/CVE-2019-0708](https://github.com/NullByteSuiteDevs/CVE-2019-0708) - [thugcrowd/CVE-2019-0708](https://github.com/thugcrowd/CVE-2019-0708) - [omaidf/CVE-2019-0708-PoC](https://github.com/omaidf/CVE-2019-0708-PoC) +- [blacksunwen/CVE-2019-0708](https://github.com/blacksunwen/CVE-2019-0708) - [infenet/CVE-2019-0708](https://github.com/infenet/CVE-2019-0708) +- [n0auth/CVE-2019-0708](https://github.com/n0auth/CVE-2019-0708) +- [gildaaa/CVE-2019-0708](https://github.com/gildaaa/CVE-2019-0708) - [sbkcbig/CVE-2019-0708-Poc-exploit](https://github.com/sbkcbig/CVE-2019-0708-Poc-exploit) +- [HackerJ0e/CVE-2019-0708](https://github.com/HackerJ0e/CVE-2019-0708) +- [syriusbughunt/CVE-2019-0708](https://github.com/syriusbughunt/CVE-2019-0708) +- [Barry-McCockiner/CVE-2019-0708](https://github.com/Barry-McCockiner/CVE-2019-0708) +- [ShadowBrokers-ExploitLeak/CVE-2019-0708](https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708) +- [safly/CVE-2019-0708](https://github.com/safly/CVE-2019-0708) +- [Jaky5155/cve-2019-0708-exp](https://github.com/Jaky5155/cve-2019-0708-exp) - [fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status](https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status) +- [303sec/CVE-2019-0708](https://github.com/303sec/CVE-2019-0708) +- [f8al/CVE-2019-0708-POC](https://github.com/f8al/CVE-2019-0708-POC) +- [blockchainguard/CVE-2019-0708](https://github.com/blockchainguard/CVE-2019-0708) +- [haoge8090/CVE-2019-0708](https://github.com/haoge8090/CVE-2019-0708) - [yushiro/CVE-2019-0708](https://github.com/yushiro/CVE-2019-0708) +- [skyshell20082008/CVE-2019-0708-PoC-Hitting-Path](https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path) +- [ttsite/CVE-2019-0708-](https://github.com/ttsite/CVE-2019-0708-) +- [ttsite/CVE-2019-0708](https://github.com/ttsite/CVE-2019-0708) +- [biggerwing/CVE-2019-0708-poc](https://github.com/biggerwing/CVE-2019-0708-poc) +- [n1xbyte/CVE-2019-0708](https://github.com/n1xbyte/CVE-2019-0708) - [freeide/CVE-2019-0708](https://github.com/freeide/CVE-2019-0708) +- [edvacco/CVE-2019-0708-POC](https://github.com/edvacco/CVE-2019-0708-POC) +- [pry0cc/BlueKeepTracker](https://github.com/pry0cc/BlueKeepTracker) - [zjw88282740/CVE-2019-0708-win7](https://github.com/zjw88282740/CVE-2019-0708-win7) - [zerosum0x0/CVE-2019-0708](https://github.com/zerosum0x0/CVE-2019-0708) - [herhe/CVE-2019-0708poc](https://github.com/herhe/CVE-2019-0708poc) +- [l9c/rdp0708scanner](https://github.com/l9c/rdp0708scanner) +- [major203/cve-2019-0708-scan](https://github.com/major203/cve-2019-0708-scan) +- [SugiB3o/Check-vuln-CVE-2019-0708](https://github.com/SugiB3o/Check-vuln-CVE-2019-0708) - [gobysec/CVE-2019-0708](https://github.com/gobysec/CVE-2019-0708) +- [adalenv/CVE-2019-0708-Tool](https://github.com/adalenv/CVE-2019-0708-Tool) +- [smallFunction/CVE-2019-0708-POC](https://github.com/smallFunction/CVE-2019-0708-POC) +- [freeide/CVE-2019-0708-PoC-Exploit](https://github.com/freeide/CVE-2019-0708-PoC-Exploit) +- [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan) +- [closethe/CVE-2019-0708-POC](https://github.com/closethe/CVE-2019-0708-POC) - [krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit](https://github.com/krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit) +- [Rostelecom-CERT/bluekeepscan](https://github.com/Rostelecom-CERT/bluekeepscan) +- [Leoid/CVE-2019-0708](https://github.com/Leoid/CVE-2019-0708) +- [ht0Ruial/CVE-2019-0708Poc-BatchScanning](https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning) +- [oneoy/BlueKeep](https://github.com/oneoy/BlueKeep) - [infiniti-team/CVE-2019-0708](https://github.com/infiniti-team/CVE-2019-0708) - [haishanzheng/CVE-2019-0708-generate-hosts](https://github.com/haishanzheng/CVE-2019-0708-generate-hosts) - [Ekultek/BlueKeep](https://github.com/Ekultek/BlueKeep) +- [UraSecTeam/CVE-2019-0708](https://github.com/UraSecTeam/CVE-2019-0708) +- [Gh0st0ne/rdpscan-BlueKeep](https://github.com/Gh0st0ne/rdpscan-BlueKeep) - [algo7/bluekeep_CVE-2019-0708_poc_to_exploit](https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit) - [JasonLOU/CVE-2019-0708](https://github.com/JasonLOU/CVE-2019-0708) +- [shun-gg/CVE-2019-0708](https://github.com/shun-gg/CVE-2019-0708) +- [AdministratorGithub/CVE-2019-0708](https://github.com/AdministratorGithub/CVE-2019-0708) +- [umarfarook882/CVE-2019-0708](https://github.com/umarfarook882/CVE-2019-0708) +- [HynekPetrak/detect_bluekeep.py](https://github.com/HynekPetrak/detect_bluekeep.py) +- [Wileysec/CVE-2019-0708-Batch-Blue-Screen](https://github.com/Wileysec/CVE-2019-0708-Batch-Blue-Screen) +- [Pa55w0rd/CVE-2019-0708](https://github.com/Pa55w0rd/CVE-2019-0708) - [at0mik/CVE-2019-0708-PoC](https://github.com/at0mik/CVE-2019-0708-PoC) +- [cream-sec/CVE-2019-0708-Msf--](https://github.com/cream-sec/CVE-2019-0708-Msf--) +- [wdfcc/CVE-2019-0708](https://github.com/wdfcc/CVE-2019-0708) +- [cvencoder/cve-2019-0708](https://github.com/cvencoder/cve-2019-0708) +- [ze0r/CVE-2019-0708-exp](https://github.com/ze0r/CVE-2019-0708-exp) - [mekhalleh/cve-2019-0708](https://github.com/mekhalleh/cve-2019-0708) +- [cve-2019-0708-poc/cve-2019-0708](https://github.com/cve-2019-0708-poc/cve-2019-0708) - [andripwn/CVE-2019-0708](https://github.com/andripwn/CVE-2019-0708) - [0xeb-bp/bluekeep](https://github.com/0xeb-bp/bluekeep) +- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708) - [dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-](https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-) - [turingcompl33t/bluekeep](https://github.com/turingcompl33t/bluekeep) - [fade-vivida/CVE-2019-0708-test](https://github.com/fade-vivida/CVE-2019-0708-test) @@ -3657,6 +3751,15 @@ A remote code execution vulnerability exists in Remote Desktop Services formerly - [alexa872/CVE-2019-0708](https://github.com/alexa872/CVE-2019-0708) - [sinlee1/CVE-2019-0708](https://github.com/sinlee1/CVE-2019-0708) +### CVE-2019-0709 (2019-06-12) + + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0620, CVE-2019-0722. + + +- [YHZX2013/CVE-2019-0709](https://github.com/YHZX2013/CVE-2019-0709) +- [qq431169079/CVE-2019-0709](https://github.com/qq431169079/CVE-2019-0709) + ### CVE-2019-0752 (2019-04-09) @@ -3665,14 +3768,51 @@ A remote code execution vulnerability exists in the way that the scripting engin - [CreatePhotonW/CVE-2019-0752](https://github.com/CreatePhotonW/CVE-2019-0752) +### CVE-2019-0768 (2019-04-08) + + +A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761. + + +- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) + +### CVE-2019-0785 (2019-07-15) + + +A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. + + +- [Jaky5155/CVE-2019-0785](https://github.com/Jaky5155/CVE-2019-0785) + +### CVE-2019-0803 (2019-04-09) + + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. + + +- [ExpLife0011/CVE-2019-0803](https://github.com/ExpLife0011/CVE-2019-0803) + ### CVE-2019-0808 (2019-04-08) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. +- [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc) +- [rakesh143/CVE-2019-0808](https://github.com/rakesh143/CVE-2019-0808) +- [exodusintel/CVE-2019-0808](https://github.com/exodusintel/CVE-2019-0808) - [DreamoneOnly/CVE-2019-0808-32-64-exp](https://github.com/DreamoneOnly/CVE-2019-0808-32-64-exp) +### CVE-2019-0841 (2019-04-09) + + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. + + +- [rogue-kdc/CVE-2019-0841](https://github.com/rogue-kdc/CVE-2019-0841) +- [likescam/CVE-2019-0841](https://github.com/likescam/CVE-2019-0841) +- [0x00-0x00/CVE-2019-0841-BYPASS](https://github.com/0x00-0x00/CVE-2019-0841-BYPASS) + ### CVE-2019-0859 (2019-04-09) @@ -3689,6 +3829,22 @@ A remote code execution vulnerability exists in Remote Desktop Services - former - [qianshuidewajueji/CVE-2019-0887](https://github.com/qianshuidewajueji/CVE-2019-0887) +### CVE-2019-0888 (2019-06-12) + + +A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka 'ActiveX Data Objects (ADO) Remote Code Execution Vulnerability'. + + +- [sophoslabs/CVE-2019-0888](https://github.com/sophoslabs/CVE-2019-0888) + +### CVE-2019-0986 (2019-06-12) + + +An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. + + +- [padovah4ck/CVE-2019-0986](https://github.com/padovah4ck/CVE-2019-0986) + ### CVE-2019-1040 (2019-06-12) @@ -3697,10 +3853,29 @@ A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle a - [Ridter/CVE-2019-1040](https://github.com/Ridter/CVE-2019-1040) - [Ridter/CVE-2019-1040-dcpwn](https://github.com/Ridter/CVE-2019-1040-dcpwn) +- [lazaars/UltraRealy_with_CVE-2019-1040](https://github.com/lazaars/UltraRealy_with_CVE-2019-1040) - [fox-it/cve-2019-1040-scanner](https://github.com/fox-it/cve-2019-1040-scanner) - [wzxmt/CVE-2019-1040](https://github.com/wzxmt/CVE-2019-1040) - [QAX-A-Team/dcpwn](https://github.com/QAX-A-Team/dcpwn) +### CVE-2019-1064 (2019-06-12) + + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. + + +- [RythmStick/CVE-2019-1064](https://github.com/RythmStick/CVE-2019-1064) +- [0x00-0x00/CVE-2019-1064](https://github.com/0x00-0x00/CVE-2019-1064) +- [attackgithub/CVE-2019-1064](https://github.com/attackgithub/CVE-2019-1064) + +### CVE-2019-1069 (2019-06-12) + + +An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. + + +- [S3cur3Th1sSh1t/SharpPolarBear](https://github.com/S3cur3Th1sSh1t/SharpPolarBear) + ### CVE-2019-1083 (2019-07-15) @@ -3709,6 +3884,14 @@ A denial of service vulnerability exists when Microsoft Common Object Runtime Li - [stevenseeley/HowCVE-2019-1083Works](https://github.com/stevenseeley/HowCVE-2019-1083Works) +### CVE-2019-1096 (2019-07-15) + + +An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. + + +- [CrackerCat/cve-2019-1096-poc](https://github.com/CrackerCat/cve-2019-1096-poc) + ### CVE-2019-1108 (2019-07-29) @@ -3732,6 +3915,7 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [Vlad-tri/CVE-2019-1132](https://github.com/Vlad-tri/CVE-2019-1132) +- [petercc/CVE-2019-1132](https://github.com/petercc/CVE-2019-1132) ### CVE-2019-1181 (2019-08-14) @@ -3878,6 +4062,23 @@ Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier - [securifera/CVE-2019-1579](https://github.com/securifera/CVE-2019-1579) - [Elsfa7-110/CVE-2019-1579](https://github.com/Elsfa7-110/CVE-2019-1579) +### CVE-2019-1652 (2019-01-24) + + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability. + + +- [0x27/CiscoRV320Dump](https://github.com/0x27/CiscoRV320Dump) + +### CVE-2019-1653 (2019-01-24) + + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability. + + +- [dubfr33/CVE-2019-1653](https://github.com/dubfr33/CVE-2019-1653) +- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill) + ### CVE-2019-1759 (2019-03-27) @@ -3886,6 +4087,22 @@ A vulnerability in access control list (ACL) functionality of the Gigabit Ethern - [r3m0t3nu11/CVE-2019-1759-csrf-js-rce](https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce) +### CVE-2019-1821 (2019-05-15) + + +A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system. + + +- [k8gege/CiscoExploit](https://github.com/k8gege/CiscoExploit) + +### CVE-2019-1987 (2019-02-28) + + +In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775. + + +- [marcinguy/android-7-9-png-bug](https://github.com/marcinguy/android-7-9-png-bug) + ### CVE-2019-2107 (2019-07-08) @@ -3893,6 +4110,7 @@ In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds - [marcinguy/CVE-2019-2107](https://github.com/marcinguy/CVE-2019-2107) +- [infiniteLoopers/CVE-2019-2107](https://github.com/infiniteLoopers/CVE-2019-2107) ### CVE-2019-2196 (2019-11-13) @@ -3935,15 +4153,27 @@ Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (su - [Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548](https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548) - [wotmd/VirtualBox-6.0.0-Exploit-1-day](https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day) +### CVE-2019-2615 (2019-04-23) + + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). + + +- [chiaifan/CVE-2019-2615](https://github.com/chiaifan/CVE-2019-2615) + ### CVE-2019-2618 (2019-04-23) Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N). +- [pyn3rd/CVE-2019-2618](https://github.com/pyn3rd/CVE-2019-2618) +- [jas502n/cve-2019-2618](https://github.com/jas502n/cve-2019-2618) +- [wsfengfan/CVE-2019-2618-](https://github.com/wsfengfan/CVE-2019-2618-) - [dr0op/WeblogicScan](https://github.com/dr0op/WeblogicScan) - [he1dan/cve-2019-2618](https://github.com/he1dan/cve-2019-2618) - [ianxtianxt/cve-2019-2618](https://github.com/ianxtianxt/cve-2019-2618) +- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) ### CVE-2019-2725 (2019-04-26) @@ -3952,10 +4182,19 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - [shack2/javaserializetools](https://github.com/shack2/javaserializetools) +- [SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961](https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961) +- [iceMatcha/CNTA-2019-0014xCVE-2019-2725](https://github.com/iceMatcha/CNTA-2019-0014xCVE-2019-2725) +- [lasensio/cve-2019-2725](https://github.com/lasensio/cve-2019-2725) +- [davidmthomsen/CVE-2019-2725](https://github.com/davidmthomsen/CVE-2019-2725) - [leerina/CVE-2019-2725](https://github.com/leerina/CVE-2019-2725) - [zhusx110/cve-2019-2725](https://github.com/zhusx110/cve-2019-2725) - [lufeirider/CVE-2019-2725](https://github.com/lufeirider/CVE-2019-2725) - [CVCLabs/cve-2019-2725](https://github.com/CVCLabs/cve-2019-2725) +- [TopScrew/CVE-2019-2725](https://github.com/TopScrew/CVE-2019-2725) +- [welove88888/CVE-2019-2725](https://github.com/welove88888/CVE-2019-2725) +- [jiansiting/CVE-2019-2725](https://github.com/jiansiting/CVE-2019-2725) +- [kerlingcode/CVE-2019-2725](https://github.com/kerlingcode/CVE-2019-2725) +- [black-mirror/Weblogic](https://github.com/black-mirror/Weblogic) - [pimps/CVE-2019-2725](https://github.com/pimps/CVE-2019-2725) - [ianxtianxt/CVE-2019-2725](https://github.com/ianxtianxt/CVE-2019-2725) - [N0b1e6/CVE-2019-2725-POC](https://github.com/N0b1e6/CVE-2019-2725-POC) @@ -4017,15 +4256,37 @@ The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 - [dothanthitiendiettiende/CVE-2019-3396](https://github.com/dothanthitiendiettiende/CVE-2019-3396) - [x-f1v3/CVE-2019-3396](https://github.com/x-f1v3/CVE-2019-3396) +- [xiaoshuier/CVE-2019-3396](https://github.com/xiaoshuier/CVE-2019-3396) - [Yt1g3r/CVE-2019-3396_EXP](https://github.com/Yt1g3r/CVE-2019-3396_EXP) - [jas502n/CVE-2019-3396](https://github.com/jas502n/CVE-2019-3396) +- [pyn3rd/CVE-2019-3396](https://github.com/pyn3rd/CVE-2019-3396) +- [s1xg0d/CVE-2019-3396](https://github.com/s1xg0d/CVE-2019-3396) - [quanpt103/CVE-2019-3396](https://github.com/quanpt103/CVE-2019-3396) +- [vntest11/confluence_CVE-2019-3396](https://github.com/vntest11/confluence_CVE-2019-3396) +- [tanw923/test1](https://github.com/tanw923/test1) - [skommando/CVE-2019-3396-confluence-poc](https://github.com/skommando/CVE-2019-3396-confluence-poc) - [JonathanZhou348/CVE-2019-3396TEST](https://github.com/JonathanZhou348/CVE-2019-3396TEST) - [am6539/CVE-2019-3396](https://github.com/am6539/CVE-2019-3396) - [W2Ning/CVE-2019-3396](https://github.com/W2Ning/CVE-2019-3396) - [yuehanked/cve-2019-3396](https://github.com/yuehanked/cve-2019-3396) +### CVE-2019-3398 (2019-04-18) + + +Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability. + + +- [superevr/cve-2019-3398](https://github.com/superevr/cve-2019-3398) + +### CVE-2019-3462 (2019-01-28) + + +Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. + + +- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462) +- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package) + ### CVE-2019-3663 (2019-11-13) @@ -4034,6 +4295,14 @@ Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defen - [funoverip/mcafee_atd_CVE-2019-3663](https://github.com/funoverip/mcafee_atd_CVE-2019-3663) +### CVE-2019-3719 (2019-04-18) + + +Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites. + + +- [jiansiting/CVE-2019-3719](https://github.com/jiansiting/CVE-2019-3719) + ### CVE-2019-3778 (2019-03-07) @@ -4042,6 +4311,22 @@ Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and - [BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection](https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection) +### CVE-2019-3799 (2019-05-06) + + +Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack. + + +- [mpgn/CVE-2019-3799](https://github.com/mpgn/CVE-2019-3799) + +### CVE-2019-3847 (2019-03-27) + + +A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf. + + +- [danielthatcher/moodle-login-csrf](https://github.com/danielthatcher/moodle-login-csrf) + ### CVE-2019-3929 (2019-04-30) @@ -4088,11 +4373,24 @@ An exploitable command injection vulnerability exists in the iocheckd service There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. +- [mpgn/CVE-2019-5418](https://github.com/mpgn/CVE-2019-5418) +- [omarkurt/CVE-2019-5418](https://github.com/omarkurt/CVE-2019-5418) +- [brompwnie/CVE-2019-5418-Scanner](https://github.com/brompwnie/CVE-2019-5418-Scanner) - [mpgn/Rails-doubletap-RCE](https://github.com/mpgn/Rails-doubletap-RCE) +- [takeokunn/CVE-2019-5418](https://github.com/takeokunn/CVE-2019-5418) - [Bad3r/RailroadBandit](https://github.com/Bad3r/RailroadBandit) - [ztgrace/CVE-2019-5418-Rails3](https://github.com/ztgrace/CVE-2019-5418-Rails3) - [random-robbie/CVE-2019-5418](https://github.com/random-robbie/CVE-2019-5418) +### CVE-2019-5420 (2019-03-27) + + +A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. + + +- [knqyf263/CVE-2019-5420](https://github.com/knqyf263/CVE-2019-5420) +- [cved-sources/cve-2019-5420](https://github.com/cved-sources/cve-2019-5420) + ### CVE-2019-5427 (2019-04-22) @@ -4135,6 +4433,14 @@ OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite iss - [HynekPetrak/CVE-2019-5544_CVE-2020-3992](https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992) +### CVE-2019-5624 (2019-04-30) + + +Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions. + + +- [VoidSec/CVE-2019-5624](https://github.com/VoidSec/CVE-2019-5624) + ### CVE-2019-5630 (2019-07-03) @@ -4157,8 +4463,21 @@ NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vu runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. +- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) +- [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC) +- [jakubkrawczyk/cve-2019-5736](https://github.com/jakubkrawczyk/cve-2019-5736) +- [jas502n/CVE-2019-5736](https://github.com/jas502n/CVE-2019-5736) +- [likescam/CVE-2019-5736](https://github.com/likescam/CVE-2019-5736) +- [likescam/cve-2019-5736-poc](https://github.com/likescam/cve-2019-5736-poc) +- [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc) +- [b3d3c/poc-cve-2019-5736](https://github.com/b3d3c/poc-cve-2019-5736) - [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736) +- [yyqs2008/CVE-2019-5736-PoC-2](https://github.com/yyqs2008/CVE-2019-5736-PoC-2) +- [zyriuse75/CVE-2019-5736-PoC](https://github.com/zyriuse75/CVE-2019-5736-PoC) - [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736) +- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp) +- [13paulmurith/Docker-Runc-Exploit](https://github.com/13paulmurith/Docker-Runc-Exploit) +- [RyanNgWH/CVE-2019-5736-POC](https://github.com/RyanNgWH/CVE-2019-5736-POC) - [Lee-SungYoung/cve-2019-5736-study](https://github.com/Lee-SungYoung/cve-2019-5736-study) - [chosam2/cve-2019-5736-poc](https://github.com/chosam2/cve-2019-5736-poc) - [epsteina16/Docker-Escape-Miner](https://github.com/epsteina16/Docker-Escape-Miner) @@ -4167,6 +4486,14 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow - [BBRathnayaka/POC-CVE-2019-5736](https://github.com/BBRathnayaka/POC-CVE-2019-5736) - [shen54/IT19172088](https://github.com/shen54/IT19172088) +### CVE-2019-5737 (2019-03-28) + + +In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1. + + +- [beelzebruh/cve-2019-5737](https://github.com/beelzebruh/cve-2019-5737) + ### CVE-2019-5782 (2019-02-19) @@ -4175,6 +4502,14 @@ Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 - [CreatePhotonW/CVE-2019-5782_CVE-2019-13768](https://github.com/CreatePhotonW/CVE-2019-5782_CVE-2019-13768) +### CVE-2019-5786 (2019-06-27) + + +Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. + + +- [exodusintel/CVE-2019-5786](https://github.com/exodusintel/CVE-2019-5786) + ### CVE-2019-5822 (2019-06-27) @@ -4199,15 +4534,42 @@ An issue was discovered in OpenSSH 7.9. Due to the scp implementation being deri - [53n7hu/SNP](https://github.com/53n7hu/SNP) +### CVE-2019-6203 (2020-04-17) + + +A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. + + +- [qingxp9/CVE-2019-6203-PoC](https://github.com/qingxp9/CVE-2019-6203-PoC) + ### CVE-2019-6207 (2019-12-18) An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. +- [dothanthitiendiettiende/CVE-2019-6207](https://github.com/dothanthitiendiettiende/CVE-2019-6207) - [maldiohead/CVE-2019-6207](https://github.com/maldiohead/CVE-2019-6207) - [DimitriFourny/cve-2019-6207](https://github.com/DimitriFourny/cve-2019-6207) +### CVE-2019-6225 (2019-03-05) + + +A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. + + +- [fatgrass/OsirisJailbreak12](https://github.com/fatgrass/OsirisJailbreak12) +- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS) +- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12) + +### CVE-2019-6249 (2019-01-13) + + +An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add. + + +- [NMTech0x90/CVE-2019-6249_Hucart-cms](https://github.com/NMTech0x90/CVE-2019-6249_Hucart-cms) + ### CVE-2019-6260 (2019-01-22) @@ -4230,15 +4592,38 @@ HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege a Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) +- [g0rx/Drupal-SA-CORE-2019-003](https://github.com/g0rx/Drupal-SA-CORE-2019-003) +- [knqyf263/CVE-2019-6340](https://github.com/knqyf263/CVE-2019-6340) +- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass) +- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340) +- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340) +- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits) - [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340) - [ludy-dev/drupal8-REST-RCE](https://github.com/ludy-dev/drupal8-REST-RCE) +### CVE-2019-6440 (2019-01-15) + + +Zemana AntiMalware before 3.0.658 Beta mishandles update logic. + + +- [hexnone/CVE-2019-6440](https://github.com/hexnone/CVE-2019-6440) + +### CVE-2019-6446 (2019-01-16) + + +** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources. + + +- [RayScri/CVE-2019-6446](https://github.com/RayScri/CVE-2019-6446) + ### CVE-2019-6447 (2019-01-16) The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP. +- [fs0c131y/ESFileExplorerOpenPortVuln](https://github.com/fs0c131y/ESFileExplorerOpenPortVuln) - [SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447](https://github.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447) ### CVE-2019-6453 (2019-02-18) @@ -4247,8 +4632,17 @@ The ES File Explorer File Manager application through 4.1.9.7.4 for Android allo mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable). +- [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc) - [andripwn/mIRC-CVE-2019-6453](https://github.com/andripwn/mIRC-CVE-2019-6453) +### CVE-2019-6467 (2019-10-09) + + +A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. + + +- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467) + ### CVE-2019-6690 (2019-03-17) @@ -4283,6 +4677,14 @@ SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrus - [devzspy/CVE-2019-7214](https://github.com/devzspy/CVE-2019-7214) +### CVE-2019-7216 (2019-01-31) + + +An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php. + + +- [Ekultek/CVE-2019-7216](https://github.com/Ekultek/CVE-2019-7216) + ### CVE-2019-7219 (2019-04-11) @@ -4297,9 +4699,20 @@ Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0 Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. +- [mpgn/CVE-2019-7238](https://github.com/mpgn/CVE-2019-7238) - [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238) +- [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238) - [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool) +### CVE-2019-7304 (2019-04-23) + + +Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1. + + +- [initstring/dirty_sock](https://github.com/initstring/dirty_sock) +- [SecuritySi/CVE-2019-7304_DirtySock](https://github.com/SecuritySi/CVE-2019-7304_DirtySock) + ### CVE-2019-7356 (2020-11-04) @@ -4353,6 +4766,14 @@ Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SS - [random-robbie/CVE-2019-7616](https://github.com/random-robbie/CVE-2019-7616) +### CVE-2019-7642 (2019-03-25) + + +D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). + + +- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642) + ### CVE-2019-7839 (2019-06-12) @@ -4361,6 +4782,14 @@ ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 a - [securifera/CVE-2019-7839](https://github.com/securifera/CVE-2019-7839) +### CVE-2019-8389 (2019-02-16) + + +A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file). + + +- [shawarkhanethicalhacker/CVE-2019-8389](https://github.com/shawarkhanethicalhacker/CVE-2019-8389) + ### CVE-2019-8446 (2019-08-23) @@ -4389,6 +4818,30 @@ The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 a - [jas502n/CVE-2019-8451](https://github.com/jas502n/CVE-2019-8451) - [h0ffayyy/Jira-CVE-2019-8451](https://github.com/h0ffayyy/Jira-CVE-2019-8451) +### CVE-2019-8513 (2019-12-18) + + +This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. + + +- [genknife/cve-2019-8513](https://github.com/genknife/cve-2019-8513) + +### CVE-2019-8540 (2019-12-18) + + +A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. + + +- [maldiohead/CVE-2019-8540](https://github.com/maldiohead/CVE-2019-8540) + +### CVE-2019-8565 (2019-12-18) + + +A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. + + +- [genknife/cve-2019-8565](https://github.com/genknife/cve-2019-8565) + ### CVE-2019-8591 (2019-12-18) @@ -4405,6 +4858,9 @@ Multiple memory corruption issues were addressed with improved memory handling. - [BadAccess11/CVE-2019-8601](https://github.com/BadAccess11/CVE-2019-8601) +### CVE-2019-8627 +- [maldiohead/CVE-2019-8627](https://github.com/maldiohead/CVE-2019-8627) + ### CVE-2019-8641 (2019-12-18) @@ -4444,8 +4900,17 @@ NTP through 4.2.8p12 has a NULL Pointer Dereference. WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. +- [brianwrf/WordPress_4.9.8_RCE_POC](https://github.com/brianwrf/WordPress_4.9.8_RCE_POC) - [synacktiv/CVE-2019-8942](https://github.com/synacktiv/CVE-2019-8942) +### CVE-2019-8956 (2019-04-01) + + +In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory. + + +- [butterflyhack/CVE-2019-8956](https://github.com/butterflyhack/CVE-2019-8956) + ### CVE-2019-8978 (2019-05-14) @@ -4478,6 +4943,14 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allo - [ZenyWay/opgp-service-cve-2019-9153](https://github.com/ZenyWay/opgp-service-cve-2019-9153) +### CVE-2019-9184 (2019-02-26) + + +SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. + + +- [cved-sources/cve-2019-9184](https://github.com/cved-sources/cve-2019-9184) + ### CVE-2019-9193 (2019-04-01) @@ -4486,6 +4959,22 @@ Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allo - [skyship36/CVE-2019-9193](https://github.com/skyship36/CVE-2019-9193) +### CVE-2019-9194 (2019-02-26) + + +elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. + + +- [cved-sources/cve-2019-9194](https://github.com/cved-sources/cve-2019-9194) + +### CVE-2019-9202 (2019-03-28) + + +Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. + + +- [polict/CVE-2019-9202](https://github.com/polict/CVE-2019-9202) + ### CVE-2019-9465 (2020-01-07) @@ -4510,6 +4999,14 @@ Some HTTP/2 implementations are vulnerable to window size manipulation and strea - [flyniu666/ingress-nginx-0.21-1.19.5](https://github.com/flyniu666/ingress-nginx-0.21-1.19.5) +### CVE-2019-9580 (2019-03-08) + + +In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS. + + +- [mpgn/CVE-2019-9580](https://github.com/mpgn/CVE-2019-9580) + ### CVE-2019-9596 (2019-10-23) @@ -4526,6 +5023,22 @@ The AirDroid application through 4.2.1.6 for Android allows remote attackers to - [s4vitar/AirDroidPwner](https://github.com/s4vitar/AirDroidPwner) +### CVE-2019-9621 (2019-04-30) + + +Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. + + +- [k8gege/ZimbraExploit](https://github.com/k8gege/ZimbraExploit) + +### CVE-2019-9653 (2019-05-31) + + +NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php. + + +- [grayoneday/CVE-2019-9653](https://github.com/grayoneday/CVE-2019-9653) + ### CVE-2019-9670 (2019-05-29) @@ -4535,6 +5048,30 @@ mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 - [rek7/Zimbra-RCE](https://github.com/rek7/Zimbra-RCE) - [attackgithub/Zimbra-RCE](https://github.com/attackgithub/Zimbra-RCE) +### CVE-2019-9673 (2019-06-05) + + +Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. + + +- [mgrube/CVE-2019-9673](https://github.com/mgrube/CVE-2019-9673) + +### CVE-2019-9729 (2019-03-12) + + +In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow. + + +- [HyperSine/SdoKeyCrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation) + +### CVE-2019-9730 (2019-06-05) + + +Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an unpublished API. + + +- [jthuraisamy/CVE-2019-9730](https://github.com/jthuraisamy/CVE-2019-9730) + ### CVE-2019-9745 (2019-10-14) @@ -4557,6 +5094,7 @@ Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, a WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php. +- [rkatogit/cve-2019-9787_csrf_poc](https://github.com/rkatogit/cve-2019-9787_csrf_poc) - [PalmTreeForest/CodePath_Week_7-8](https://github.com/PalmTreeForest/CodePath_Week_7-8) - [sijiahi/Wordpress_cve-2019-9787_defense](https://github.com/sijiahi/Wordpress_cve-2019-9787_defense) - [matinciel/Wordpress_CVE-2019-9787](https://github.com/matinciel/Wordpress_CVE-2019-9787) @@ -4567,8 +5105,28 @@ WordPress before 5.1.1 does not properly filter comment content, leading to Remo Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. +- [xuechiyaobai/CVE-2019-9810-PoC](https://github.com/xuechiyaobai/CVE-2019-9810-PoC) - [0vercl0k/CVE-2019-9810](https://github.com/0vercl0k/CVE-2019-9810) +### CVE-2019-9896 (2019-03-20) + + +In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. + + +- [yasinyilmaz/vuln-chm-hijack](https://github.com/yasinyilmaz/vuln-chm-hijack) + +### CVE-2019-9978 (2019-03-24) + + +The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. + + +- [mpgn/CVE-2019-9978](https://github.com/mpgn/CVE-2019-9978) +- [hash3liZer/CVE-2019-9978](https://github.com/hash3liZer/CVE-2019-9978) +- [KTN1990/CVE-2019-9978](https://github.com/KTN1990/CVE-2019-9978) +- [cved-sources/cve-2019-9978](https://github.com/cved-sources/cve-2019-9978) + ### CVE-2019-10008 (2019-04-24) @@ -4599,6 +5157,11 @@ In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was rep A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. +- [bananaphones/exim-rce-quickfix](https://github.com/bananaphones/exim-rce-quickfix) +- [cowbe0x004/eximrce-CVE-2019-10149](https://github.com/cowbe0x004/eximrce-CVE-2019-10149) +- [MNEMO-CERT/PoC--CVE-2019-10149_Exim](https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim) +- [aishee/CVE-2019-10149-quick](https://github.com/aishee/CVE-2019-10149-quick) +- [AzizMea/CVE-2019-10149-privilege-escalation](https://github.com/AzizMea/CVE-2019-10149-privilege-escalation) - [Brets0150/StickyExim](https://github.com/Brets0150/StickyExim) - [ChrissHack/exim.exp](https://github.com/ChrissHack/exim.exp) - [darsigovrustam/CVE-2019-10149](https://github.com/darsigovrustam/CVE-2019-10149) @@ -4614,6 +5177,14 @@ A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML - [rusakovichma/CVE-2019-10172](https://github.com/rusakovichma/CVE-2019-10172) +### CVE-2019-10207 (2019-11-25) + + +A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. + + +- [butterflyhack/CVE-2019-10207](https://github.com/butterflyhack/CVE-2019-10207) + ### CVE-2019-10392 (2019-09-12) @@ -4639,6 +5210,14 @@ Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument op - [cved-sources/cve-2019-10678](https://github.com/cved-sources/cve-2019-10678) +### CVE-2019-10685 (2019-05-24) + + +A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. + + +- [alt3kx/CVE-2019-10685](https://github.com/alt3kx/CVE-2019-10685) + ### CVE-2019-10708 (2019-04-02) @@ -4664,6 +5243,22 @@ All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 br - [RepublicR0K/CVE-2019-10779](https://github.com/RepublicR0K/CVE-2019-10779) +### CVE-2019-10869 (2019-05-07) + + +Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters. + + +- [KTN1990/CVE-2019-10869](https://github.com/KTN1990/CVE-2019-10869) + +### CVE-2019-10915 (2019-07-11) + + +A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. + + +- [jiansiting/CVE-2019-10915](https://github.com/jiansiting/CVE-2019-10915) + ### CVE-2019-10999 (2019-05-06) @@ -4707,6 +5302,14 @@ A broken access control vulnerability in HG100 firmware versions up to 4.00.06 a - [tim124058/ASUS-SmartHome-Exploit](https://github.com/tim124058/ASUS-SmartHome-Exploit) +### CVE-2019-11076 (2019-04-23) + + +Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request. + + +- [livehybrid/poc-cribl-rce](https://github.com/livehybrid/poc-cribl-rce) + ### CVE-2019-11157 (2019-12-16) @@ -4715,6 +5318,14 @@ Improper conditions check in voltage settings for some Intel(R) Processors may a - [zkenjar/v0ltpwn](https://github.com/zkenjar/v0ltpwn) +### CVE-2019-11223 (2019-04-18) + + +An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension. + + +- [AngelCtulhu/CVE-2019-11223](https://github.com/AngelCtulhu/CVE-2019-11223) + ### CVE-2019-11224 (2019-05-15) @@ -4730,6 +5341,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan - [DanielRuf/snyk-js-jquery-174006](https://github.com/DanielRuf/snyk-js-jquery-174006) +- [bitnesswise/jquery-prototype-pollution-fix](https://github.com/bitnesswise/jquery-prototype-pollution-fix) - [DanielRuf/snyk-js-jquery-565129](https://github.com/DanielRuf/snyk-js-jquery-565129) ### CVE-2019-11447 (2019-04-22) @@ -4742,6 +5354,14 @@ An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate th - [mt-code/CVE-2019-11447](https://github.com/mt-code/CVE-2019-11447) - [khuntor/CVE-2019-11447-EXP](https://github.com/khuntor/CVE-2019-11447-EXP) +### CVE-2019-11477 (2019-06-18) + + +Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. + + +- [sasqwatch/cve-2019-11477-poc](https://github.com/sasqwatch/cve-2019-11477-poc) + ### CVE-2019-11510 (2019-05-08) @@ -4761,6 +5381,14 @@ In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7 - [andripwn/pulse-exploit](https://github.com/andripwn/pulse-exploit) - [pwn3z/CVE-2019-11510-PulseVPN](https://github.com/pwn3z/CVE-2019-11510-PulseVPN) +### CVE-2019-11523 (2019-06-06) + + +Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address). + + +- [wizlab-it/anviz-m3-rfid-cve-2019-11523-poc](https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc) + ### CVE-2019-11539 (2019-04-25) @@ -4775,6 +5403,7 @@ In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability. +- [jas502n/CVE-2019-11580](https://github.com/jas502n/CVE-2019-11580) - [shelld3v/CVE-2019-11580](https://github.com/shelld3v/CVE-2019-11580) ### CVE-2019-11581 (2019-08-09) @@ -4783,6 +5412,7 @@ Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin inco There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. +- [jas502n/CVE-2019-11581](https://github.com/jas502n/CVE-2019-11581) - [kobs0N/CVE-2019-11581](https://github.com/kobs0N/CVE-2019-11581) ### CVE-2019-11687 (2019-05-02) @@ -4818,6 +5448,14 @@ A vulnerability exists where if a user opens a locally saved HTML file, this fil - [alidnf/CVE-2019-11730](https://github.com/alidnf/CVE-2019-11730) +### CVE-2019-11881 (2019-06-10) + + +A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. + + +- [MauroEldritch/VanCleef](https://github.com/MauroEldritch/VanCleef) + ### CVE-2019-11931 (2019-11-14) @@ -4866,6 +5504,22 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo - [codeplutos/CVE-2019-12086-jackson-databind-file-read](https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read) - [Al1ex/CVE-2019-12086](https://github.com/Al1ex/CVE-2019-12086) +### CVE-2019-12169 (2019-06-03) + + +ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component. + + +- [fuzzlove/ATutor-2.2.4-Language-Exploit](https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit) + +### CVE-2019-12170 (2019-05-17) + + +ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/ATutor-Instructor-Backup-Arbitrary-File](https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File) + ### CVE-2019-12180 (2020-02-05) @@ -4882,14 +5536,39 @@ A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 f - [guywhataguy/CVE-2019-12181](https://github.com/guywhataguy/CVE-2019-12181) +### CVE-2019-12185 (2019-05-19) + + +eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE](https://github.com/fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE) + ### CVE-2019-12189 (2019-05-21) An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field. +- [falconz/CVE-2019-12189](https://github.com/falconz/CVE-2019-12189) - [tuyenhva/CVE-2019-12189](https://github.com/tuyenhva/CVE-2019-12189) +### CVE-2019-12190 (2019-05-21) + + +XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter. + + +- [tuyenhva/CVE-2019-12190](https://github.com/tuyenhva/CVE-2019-12190) + +### CVE-2019-12252 (2019-05-21) + + +In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring. + + +- [tuyenhva/CVE-2019-12252](https://github.com/tuyenhva/CVE-2019-12252) + ### CVE-2019-12255 (2019-08-09) @@ -4904,6 +5583,7 @@ Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). Th In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. +- [HACHp1/LuCI_RCE_exp](https://github.com/HACHp1/LuCI_RCE_exp) - [roguedream/lede-17.01.3](https://github.com/roguedream/lede-17.01.3) ### CVE-2019-12314 (2019-05-24) @@ -4920,6 +5600,7 @@ Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path travers FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. +- [jas502n/CVE-2019-12384](https://github.com/jas502n/CVE-2019-12384) - [MagicZer0/Jackson_RCE-CVE-2019-12384](https://github.com/MagicZer0/Jackson_RCE-CVE-2019-12384) ### CVE-2019-12409 (2019-11-18) @@ -4930,6 +5611,30 @@ The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the - [jas502n/CVE-2019-12409](https://github.com/jas502n/CVE-2019-12409) +### CVE-2019-12453 (2019-07-19) + + +In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation. + + +- [undefinedmode/CVE-2019-12453](https://github.com/undefinedmode/CVE-2019-12453) + +### CVE-2019-12460 (2019-05-30) + + +Web Port 1.19.1 allows XSS via the /access/setup type parameter. + + +- [EmreOvunc/WebPort-v1.19.1-Reflected-XSS](https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS) + +### CVE-2019-12475 (2019-07-17) + + +In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation. + + +- [undefinedmode/CVE-2019-12475](https://github.com/undefinedmode/CVE-2019-12475) + ### CVE-2019-12476 (2019-06-17) @@ -4986,6 +5691,23 @@ The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266 - [Matheus-Garbelini/esp32_esp8266_attacks](https://github.com/Matheus-Garbelini/esp32_esp8266_attacks) +### CVE-2019-12594 (2019-07-02) + + +DOSBox 0.74-2 has Incorrect Access Control. + + +- [Alexandre-Bartel/CVE-2019-12594](https://github.com/Alexandre-Bartel/CVE-2019-12594) + +### CVE-2019-12735 (2019-06-05) + + +getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. + + +- [pcy190/ace-vim-neovim](https://github.com/pcy190/ace-vim-neovim) +- [oldthree3/CVE-2019-12735-VIM-NEOVIM](https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM) + ### CVE-2019-12750 (2019-07-31) @@ -4994,6 +5716,9 @@ Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec - [v-p-b/cve-2019-12750](https://github.com/v-p-b/cve-2019-12750) +### CVE-2019-12796 +- [PeterUpfold/CVE-2019-12796](https://github.com/PeterUpfold/CVE-2019-12796) + ### CVE-2019-12814 (2019-06-19) @@ -5045,6 +5770,14 @@ RedwoodHQ 2.5.5 does not require any authentication for database operations, whi - [EthicalHCOP/CVE-2019-12890_RedxploitHQ](https://github.com/EthicalHCOP/CVE-2019-12890_RedxploitHQ) +### CVE-2019-12949 (2019-06-25) + + +In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server. + + +- [tarantula-team/CVE-2019-12949](https://github.com/tarantula-team/CVE-2019-12949) + ### CVE-2019-12999 (2020-01-31) @@ -5078,6 +5811,14 @@ Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access - [x1tan/CVE-2019-13025](https://github.com/x1tan/CVE-2019-13025) +### CVE-2019-13027 (2019-07-12) + + +Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter. + + +- [IckoGZ/CVE-2019-13027](https://github.com/IckoGZ/CVE-2019-13027) + ### CVE-2019-13051 (2019-10-09) @@ -5086,6 +5827,14 @@ Pi-Hole 4.3 allows Command Injection. - [pr0tean/CVE-2019-13051](https://github.com/pr0tean/CVE-2019-13051) +### CVE-2019-13063 (2019-09-23) + + +Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion. + + +- [0x6b7966/CVE-2019-13063-POC](https://github.com/0x6b7966/CVE-2019-13063-POC) + ### CVE-2019-13086 (2019-06-30) @@ -5125,6 +5874,8 @@ An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fin In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments. +- [jas502n/CVE-2019-13272](https://github.com/jas502n/CVE-2019-13272) +- [Cyc1eC/CVE-2019-13272](https://github.com/Cyc1eC/CVE-2019-13272) - [bigbigliang-malwarebenchmark/cve-2019-13272](https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272) - [oneoy/CVE-2019-13272](https://github.com/oneoy/CVE-2019-13272) - [Huandtx/CVE-2019-13272](https://github.com/Huandtx/CVE-2019-13272) @@ -5143,6 +5894,14 @@ Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker - [lodi-g/CVE-2019-13361](https://github.com/lodi-g/CVE-2019-13361) +### CVE-2019-13403 (2019-07-17) + + +Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information. + + +- [B3Bo1d/CVE-2019-13403](https://github.com/B3Bo1d/CVE-2019-13403) + ### CVE-2019-13404 (2019-07-07) @@ -5326,6 +6085,14 @@ The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 appli - [0x48piraj/CVE-2019-14339](https://github.com/0x48piraj/CVE-2019-14339) +### CVE-2019-14439 (2019-07-30) + + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. + + +- [jas502n/CVE-2019-14439](https://github.com/jas502n/CVE-2019-14439) + ### CVE-2019-14450 (2019-10-28) @@ -6306,6 +7073,17 @@ A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in exten - [Fysac/CVE-2019-20326](https://github.com/Fysac/CVE-2019-20326) +### CVE-2019-48814 +- [wucj001/cve-2019-48814](https://github.com/wucj001/cve-2019-48814) + +### CVE-2019-1002101 (2019-04-01) + + +The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. + + +- [brompwnie/CVE-2019-1002101-Helpers](https://github.com/brompwnie/CVE-2019-1002101-Helpers) + ### CVE-2019-1003000 (2019-01-22) @@ -6313,6 +7091,9 @@ A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier - [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) +- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc) +- [0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins) +- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION) ### CVE-2019-1010054 (2019-07-18) @@ -9677,6 +10458,22 @@ The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Serv - [sheri31/0005poc](https://github.com/sheri31/0005poc) +### CVE-2017-0038 (2017-02-20) + + +gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220. + + +- [k0keoyo/CVE-2017-0038-EXP-C-JS](https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS) + +### CVE-2017-0065 (2017-03-16) + + +Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. + + +- [Dankirk/cve-2017-0065](https://github.com/Dankirk/cve-2017-0065) + ### CVE-2017-0075 (2017-03-16) @@ -9685,12 +10482,29 @@ Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows - [4B5F5F4B/HyperV](https://github.com/4B5F5F4B/HyperV) +### CVE-2017-0106 (2017-04-12) + + +Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." + + +- [ryhanson/CVE-2017-0106](https://github.com/ryhanson/CVE-2017-0106) + +### CVE-2017-0108 (2017-03-16) + + +The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. + + +- [homjxi0e/CVE-2017-0108](https://github.com/homjxi0e/CVE-2017-0108) + ### CVE-2017-0143 (2017-03-16) The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. +- [valarauco/wannafind](https://github.com/valarauco/wannafind) - [6A0BCD80/Etern-blue-Windows-7-Checker](https://github.com/6A0BCD80/Etern-blue-Windows-7-Checker) ### CVE-2017-0144 (2017-03-16) @@ -9702,21 +10516,56 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 - [peterpt/eternal_scanner](https://github.com/peterpt/eternal_scanner) - [kimocoder/eternalblue](https://github.com/kimocoder/eternalblue) +### CVE-2017-0145 (2017-03-16) + + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148. + + +- [MelonSmasher/chef_tissues](https://github.com/MelonSmasher/chef_tissues) + ### CVE-2017-0199 (2017-04-12) Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." +- [ryhanson/CVE-2017-0199](https://github.com/ryhanson/CVE-2017-0199) +- [SyFi/cve-2017-0199](https://github.com/SyFi/cve-2017-0199) +- [bhdresh/CVE-2017-0199](https://github.com/bhdresh/CVE-2017-0199) +- [NotAwful/CVE-2017-0199-Fix](https://github.com/NotAwful/CVE-2017-0199-Fix) +- [haibara3839/CVE-2017-0199-master](https://github.com/haibara3839/CVE-2017-0199-master) +- [Exploit-install/CVE-2017-0199](https://github.com/Exploit-install/CVE-2017-0199) +- [zakybstrd21215/PoC-CVE-2017-0199](https://github.com/zakybstrd21215/PoC-CVE-2017-0199) +- [n1shant-sinha/CVE-2017-0199](https://github.com/n1shant-sinha/CVE-2017-0199) +- [kn0wm4d/htattack](https://github.com/kn0wm4d/htattack) +- [joke998/Cve-2017-0199](https://github.com/joke998/Cve-2017-0199) +- [joke998/Cve-2017-0199-](https://github.com/joke998/Cve-2017-0199-) +- [sUbc0ol/Microsoft-Word-CVE-2017-0199-](https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199-) +- [viethdgit/CVE-2017-0199](https://github.com/viethdgit/CVE-2017-0199) +- [nicpenning/RTF-Cleaner](https://github.com/nicpenning/RTF-Cleaner) +- [bloomer1016/2017-11-17-Maldoc-Using-CVE-2017-0199](https://github.com/bloomer1016/2017-11-17-Maldoc-Using-CVE-2017-0199) +- [jacobsoo/RTF-Cleaner](https://github.com/jacobsoo/RTF-Cleaner) - [likescam/CVE-2017-0199](https://github.com/likescam/CVE-2017-0199) - [stealth-ronin/CVE-2017-0199-PY-KIT](https://github.com/stealth-ronin/CVE-2017-0199-PY-KIT) +### CVE-2017-0204 (2017-04-12) + + +Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." + + +- [ryhanson/CVE-2017-0204](https://github.com/ryhanson/CVE-2017-0204) + ### CVE-2017-0213 (2017-05-12) Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214. +- [shaheemirza/CVE-2017-0213-](https://github.com/shaheemirza/CVE-2017-0213-) +- [zcgonvh/CVE-2017-0213](https://github.com/zcgonvh/CVE-2017-0213) +- [billa3283/CVE-2017-0213](https://github.com/billa3283/CVE-2017-0213) - [likescam/CVE-2017-0213](https://github.com/likescam/CVE-2017-0213) - [jbooz1/CVE-2017-0213](https://github.com/jbooz1/CVE-2017-0213) - [eonrickity/CVE-2017-0213](https://github.com/eonrickity/CVE-2017-0213) @@ -9747,6 +10596,14 @@ The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows - [R06otMD5/cve-2017-0263-poc](https://github.com/R06otMD5/cve-2017-0263-poc) +### CVE-2017-0290 (2017-05-09) + + +The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." + + +- [homjxi0e/CVE-2017-0290-](https://github.com/homjxi0e/CVE-2017-0290-) + ### CVE-2017-0411 (2017-02-08) @@ -9761,6 +10618,7 @@ An elevation of privilege vulnerability in the Framework APIs could enable a loc A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716. +- [JiounDai/CVE-2017-0478](https://github.com/JiounDai/CVE-2017-0478) - [likescam/CVE-2017-0478](https://github.com/likescam/CVE-2017-0478) ### CVE-2017-0541 (2017-04-07) @@ -9769,14 +10627,32 @@ A remote code execution vulnerability in the Framesequence library could enable A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. +- [JiounDai/CVE-2017-0541](https://github.com/JiounDai/CVE-2017-0541) - [likescam/CVE-2017-0541](https://github.com/likescam/CVE-2017-0541) +### CVE-2017-0554 (2017-04-07) + + +An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. This issue is rated as Moderate because it could be used to gain access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33815946. + + +- [lanrat/tethr](https://github.com/lanrat/tethr) + +### CVE-2017-0564 (2017-04-07) + + +An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203. + + +- [guoygang/CVE-2017-0564-ION-PoC](https://github.com/guoygang/CVE-2017-0564-ION-PoC) + ### CVE-2017-0781 (2017-09-14) A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105. +- [ojasookert/CVE-2017-0781](https://github.com/ojasookert/CVE-2017-0781) - [marcinguy/android712-blueborne](https://github.com/marcinguy/android712-blueborne) - [mjancek/BlueborneDetection](https://github.com/mjancek/BlueborneDetection) - [CrackSoft900/Blue-Borne](https://github.com/CrackSoft900/Blue-Borne) @@ -9787,7 +10663,13 @@ A remote code execution vulnerability in the Android system (bluetooth). Product A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698. +- [ojasookert/CVE-2017-0785](https://github.com/ojasookert/CVE-2017-0785) +- [aymankhalfatni/CVE-2017-0785](https://github.com/aymankhalfatni/CVE-2017-0785) +- [Alfa100001/-CVE-2017-0785-BlueBorne-PoC](https://github.com/Alfa100001/-CVE-2017-0785-BlueBorne-PoC) +- [Hackerscript/BlueBorne-CVE-2017-0785](https://github.com/Hackerscript/BlueBorne-CVE-2017-0785) - [pieterbork/blueborne](https://github.com/pieterbork/blueborne) +- [sigbitsadmin/diff](https://github.com/sigbitsadmin/diff) +- [SigBitsLabs/diff](https://github.com/SigBitsLabs/diff) - [RavSS/Bluetooth-Crash-CVE-2017-0785](https://github.com/RavSS/Bluetooth-Crash-CVE-2017-0785) ### CVE-2017-0806 (2017-10-03) @@ -9798,14 +10680,57 @@ An elevation of privilege vulnerability in the Android framework (gatekeeperresp - [michalbednarski/ReparcelBug](https://github.com/michalbednarski/ReparcelBug) +### CVE-2017-0807 (2017-10-03) + + +An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974. + + +- [kpatsakis/PoC_CVE-2017-0807](https://github.com/kpatsakis/PoC_CVE-2017-0807) + +### CVE-2017-1635 (2017-12-13) + + +IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243. + + +- [emcalv/tivoli-poc](https://github.com/emcalv/tivoli-poc) + +### CVE-2017-2368 (2017-02-20) + + +An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. + + +- [vincedes3/CVE-2017-2368](https://github.com/vincedes3/CVE-2017-2368) + ### CVE-2017-2370 (2017-02-20) An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. +- [maximehip/extra_recipe](https://github.com/maximehip/extra_recipe) +- [JackBro/extra_recipe](https://github.com/JackBro/extra_recipe) +- [Rootkitsmm/extra_recipe-iOS-10.2](https://github.com/Rootkitsmm/extra_recipe-iOS-10.2) - [Peterpan0927/CVE-2017-2370](https://github.com/Peterpan0927/CVE-2017-2370) +### CVE-2017-2388 (2017-04-01) + + +An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. + + +- [bazad/IOFireWireFamily-null-deref](https://github.com/bazad/IOFireWireFamily-null-deref) + +### CVE-2017-2636 (2017-03-07) + + +Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. + + +- [alexzorin/cve-2017-2636-el](https://github.com/alexzorin/cve-2017-2636-el) + ### CVE-2017-2666 (2018-07-27) @@ -9814,6 +10739,14 @@ It was discovered in Undertow that the code that parsed the HTTP request line pe - [tafamace/CVE-2017-2666](https://github.com/tafamace/CVE-2017-2666) +### CVE-2017-2671 (2017-04-05) + + +The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. + + +- [homjxi0e/CVE-2017-2671](https://github.com/homjxi0e/CVE-2017-2671) + ### CVE-2017-2751 (2018-10-03) @@ -9822,6 +10755,14 @@ A BIOS password extraction vulnerability has been reported on certain consumer n - [BaderSZ/CVE-2017-2751](https://github.com/BaderSZ/CVE-2017-2751) +### CVE-2017-2793 (2017-05-23) + + +An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability. + + +- [sUbc0ol/Detection-for-CVE-2017-2793](https://github.com/sUbc0ol/Detection-for-CVE-2017-2793) + ### CVE-2017-3000 (2017-03-14) @@ -9839,6 +10780,14 @@ Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, - [codewhitesec/ColdFusionPwn](https://github.com/codewhitesec/ColdFusionPwn) - [cucadili/CVE-2017-3066](https://github.com/cucadili/CVE-2017-3066) +### CVE-2017-3078 (2017-06-20) + + +Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution. + + +- [homjxi0e/CVE-2017-3078](https://github.com/homjxi0e/CVE-2017-3078) + ### CVE-2017-3143 (2019-01-16) @@ -9847,6 +10796,14 @@ An attacker who is able to send and receive messages to an authoritative DNS ser - [saaph/CVE-2017-3143](https://github.com/saaph/CVE-2017-3143) +### CVE-2017-3241 (2017-01-27) + + +Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). + + +- [xfei3/CVE-2017-3241-POC](https://github.com/xfei3/CVE-2017-3241-POC) + ### CVE-2017-3248 (2017-01-27) @@ -9865,6 +10822,42 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - [ianxtianxt/CVE-2017-3506](https://github.com/ianxtianxt/CVE-2017-3506) - [Al1ex/CVE-2017-3506](https://github.com/Al1ex/CVE-2017-3506) +### CVE-2017-3599 (2017-04-24) + + +Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet. + + +- [SECFORCE/CVE-2017-3599](https://github.com/SECFORCE/CVE-2017-3599) + +### CVE-2017-3730 (2017-05-04) + + +In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. + + +- [guidovranken/CVE-2017-3730](https://github.com/guidovranken/CVE-2017-3730) +- [ymmah/OpenSSL-CVE-2017-3730](https://github.com/ymmah/OpenSSL-CVE-2017-3730) + +### CVE-2017-3881 (2017-03-17) + + +A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893. + + +- [artkond/cisco-rce](https://github.com/artkond/cisco-rce) +- [homjxi0e/CVE-2017-3881-exploit-cisco-](https://github.com/homjxi0e/CVE-2017-3881-exploit-cisco-) +- [homjxi0e/CVE-2017-3881-Cisco](https://github.com/homjxi0e/CVE-2017-3881-Cisco) +- [zakybstrd21215/PoC-CVE-2017-3881](https://github.com/zakybstrd21215/PoC-CVE-2017-3881) +- [1337g/CVE-2017-3881](https://github.com/1337g/CVE-2017-3881) + +### CVE-2017-4490 +- [homjxi0e/CVE-2017-4490-](https://github.com/homjxi0e/CVE-2017-4490-) +- [homjxi0e/CVE-2017-4490-install-Script-Python-in-Terminal-](https://github.com/homjxi0e/CVE-2017-4490-install-Script-Python-in-Terminal-) + +### CVE-2017-4878 +- [brianwrf/CVE-2017-4878-Samples](https://github.com/brianwrf/CVE-2017-4878-Samples) + ### CVE-2017-4971 (2017-06-13) @@ -9873,6 +10866,14 @@ An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications t - [cved-sources/cve-2017-4971](https://github.com/cved-sources/cve-2017-4971) +### CVE-2017-5005 (2017-01-02) + + +Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation. + + +- [payatu/QuickHeal](https://github.com/payatu/QuickHeal) + ### CVE-2017-5007 (2017-02-17) @@ -9882,10 +10883,20 @@ Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56. - [Ang-YC/CVE-2017-5007](https://github.com/Ang-YC/CVE-2017-5007) ### CVE-2017-5123 +- [FloatingGuy/CVE-2017-5123](https://github.com/FloatingGuy/CVE-2017-5123) +- [0x5068656e6f6c/CVE-2017-5123](https://github.com/0x5068656e6f6c/CVE-2017-5123) - [Synacktiv-contrib/exploiting-cve-2017-5123](https://github.com/Synacktiv-contrib/exploiting-cve-2017-5123) - [teawater/CVE-2017-5123](https://github.com/teawater/CVE-2017-5123) - [c3r34lk1ll3r/CVE-2017-5123](https://github.com/c3r34lk1ll3r/CVE-2017-5123) +### CVE-2017-5124 (2018-02-07) + + +Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. + + +- [Bo0oM/CVE-2017-5124](https://github.com/Bo0oM/CVE-2017-5124) + ### CVE-2017-5223 (2017-01-16) @@ -9894,27 +10905,86 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a - [cscli/CVE-2017-5223](https://github.com/cscli/CVE-2017-5223) +### CVE-2017-5415 (2018-06-11) + + +An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52. + + +- [649/CVE-2017-5415](https://github.com/649/CVE-2017-5415) + ### CVE-2017-5487 (2017-01-14) wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. +- [teambugsbunny/wpUsersScan](https://github.com/teambugsbunny/wpUsersScan) - [R3K1NG/wpUsersScan](https://github.com/R3K1NG/wpUsersScan) - [GeunSam2/CVE-2017-5487](https://github.com/GeunSam2/CVE-2017-5487) - [patilkr/wp-CVE-2017-5487-exploit](https://github.com/patilkr/wp-CVE-2017-5487-exploit) +### CVE-2017-5633 (2017-03-06) + + +Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. + + +- [cardangi/Exploit-CVE-2017-5633](https://github.com/cardangi/Exploit-CVE-2017-5633) + ### CVE-2017-5638 (2017-03-10) The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. +- [PolarisLab/S2-045](https://github.com/PolarisLab/S2-045) +- [Flyteas/Struts2-045-Exp](https://github.com/Flyteas/Struts2-045-Exp) +- [bongbongco/cve-2017-5638](https://github.com/bongbongco/cve-2017-5638) +- [jas502n/S2-045-EXP-POC-TOOLS](https://github.com/jas502n/S2-045-EXP-POC-TOOLS) +- [mthbernardes/strutszeiro](https://github.com/mthbernardes/strutszeiro) +- [xsscx/cve-2017-5638](https://github.com/xsscx/cve-2017-5638) +- [immunio/apache-struts2-CVE-2017-5638](https://github.com/immunio/apache-struts2-CVE-2017-5638) +- [Masahiro-Yamada/OgnlContentTypeRejectorValve](https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve) +- [aljazceru/CVE-2017-5638-Apache-Struts2](https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2) +- [sjitech/test_struts2_vulnerability_CVE-2017-5638](https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638) +- [jrrombaldo/CVE-2017-5638](https://github.com/jrrombaldo/CVE-2017-5638) +- [random-robbie/CVE-2017-5638](https://github.com/random-robbie/CVE-2017-5638) +- [initconf/CVE-2017-5638_struts](https://github.com/initconf/CVE-2017-5638_struts) - [mazen160/struts-pwn](https://github.com/mazen160/struts-pwn) +- [ret2jazzy/Struts-Apache-ExploitPack](https://github.com/ret2jazzy/Struts-Apache-ExploitPack) +- [lolwaleet/ExpStruts](https://github.com/lolwaleet/ExpStruts) +- [oktavianto/CVE-2017-5638-Apache-Struts2](https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2) +- [jrrdev/cve-2017-5638](https://github.com/jrrdev/cve-2017-5638) +- [opt9/Strutshock](https://github.com/opt9/Strutshock) +- [falcon-lnhg/StrutsShell](https://github.com/falcon-lnhg/StrutsShell) +- [bhagdave/CVE-2017-5638](https://github.com/bhagdave/CVE-2017-5638) - [jas502n/st2-046-poc](https://github.com/jas502n/st2-046-poc) +- [KarzsGHR/S2-046_S2-045_POC](https://github.com/KarzsGHR/S2-046_S2-045_POC) +- [gsfish/S2-Reaper](https://github.com/gsfish/S2-Reaper) +- [mcassano/cve-2017-5638](https://github.com/mcassano/cve-2017-5638) +- [opt9/Strutscli](https://github.com/opt9/Strutscli) - [tahmed11/strutsy](https://github.com/tahmed11/strutsy) +- [payatu/CVE-2017-5638](https://github.com/payatu/CVE-2017-5638) +- [Aasron/Struts2-045-Exp](https://github.com/Aasron/Struts2-045-Exp) +- [SpiderMate/Stutsfi](https://github.com/SpiderMate/Stutsfi) +- [jpacora/Struts2Shell](https://github.com/jpacora/Struts2Shell) +- [AndreasKl/CVE-2017-5638](https://github.com/AndreasKl/CVE-2017-5638) +- [riyazwalikar/struts-rce-cve-2017-5638](https://github.com/riyazwalikar/struts-rce-cve-2017-5638) +- [homjxi0e/CVE-2017-5638](https://github.com/homjxi0e/CVE-2017-5638) +- [eeehit/CVE-2017-5638](https://github.com/eeehit/CVE-2017-5638) +- [sUbc0ol/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner](https://github.com/sUbc0ol/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner) +- [sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638](https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638) +- [R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit-](https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit-) +- [Xhendos/CVE-2017-5638](https://github.com/Xhendos/CVE-2017-5638) +- [TamiiLambrado/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner](https://github.com/TamiiLambrado/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner) +- [invisiblethreat/strutser](https://github.com/invisiblethreat/strutser) - [lizhi16/CVE-2017-5638](https://github.com/lizhi16/CVE-2017-5638) +- [c002/Apache-Struts](https://github.com/c002/Apache-Struts) +- [donaldashdown/Common-Vulnerability-and-Exploit](https://github.com/donaldashdown/Common-Vulnerability-and-Exploit) - [grant100/cybersecurity-struts2](https://github.com/grant100/cybersecurity-struts2) +- [cafnet/apache-struts-v2-CVE-2017-5638](https://github.com/cafnet/apache-struts-v2-CVE-2017-5638) +- [0x00-0x00/CVE-2017-5638](https://github.com/0x00-0x00/CVE-2017-5638) - [m3ssap0/struts2_cve-2017-5638](https://github.com/m3ssap0/struts2_cve-2017-5638) - [Greynad/struts2-jakarta-inject](https://github.com/Greynad/struts2-jakarta-inject) - [ggolawski/struts-rce](https://github.com/ggolawski/struts-rce) @@ -9943,7 +11013,10 @@ In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). +- [CerberusSecurity/CVE-2017-5689](https://github.com/CerberusSecurity/CVE-2017-5689) - [x1sec/amthoneypot](https://github.com/x1sec/amthoneypot) +- [Bijaye/intel_amt_bypass](https://github.com/Bijaye/intel_amt_bypass) +- [embedi/amt_auth_bypass_poc](https://github.com/embedi/amt_auth_bypass_poc) ### CVE-2017-5693 (2018-07-31) @@ -9959,8 +11032,18 @@ Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletio Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. +- [opsxcq/exploit-cve-2017-5715](https://github.com/opsxcq/exploit-cve-2017-5715) - [mathse/meltdown-spectre-bios-list](https://github.com/mathse/meltdown-spectre-bios-list) - [GregAskew/SpeculativeExecutionAssessment](https://github.com/GregAskew/SpeculativeExecutionAssessment) +- [dmo2118/retpoline-audit](https://github.com/dmo2118/retpoline-audit) + +### CVE-2017-5721 (2017-10-10) + + +Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory. + + +- [embedi/smm_usbrt_poc](https://github.com/embedi/smm_usbrt_poc) ### CVE-2017-5753 (2018-01-04) @@ -9968,6 +11051,12 @@ Systems with microprocessors utilizing speculative execution and indirect branch Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. +- [Eugnis/spectre-attack](https://github.com/Eugnis/spectre-attack) +- [EdwardOwusuAdjei/Spectre-PoC](https://github.com/EdwardOwusuAdjei/Spectre-PoC) +- [poilynx/spectre-attack-example](https://github.com/poilynx/spectre-attack-example) +- [xsscx/cve-2017-5753](https://github.com/xsscx/cve-2017-5753) +- [pedrolucasoliva/spectre-attack-demo](https://github.com/pedrolucasoliva/spectre-attack-demo) +- [ixtal23/spectreScope](https://github.com/ixtal23/spectreScope) - [sachinthaBS/Spectre-Vulnerability-CVE-2017-5753-](https://github.com/sachinthaBS/Spectre-Vulnerability-CVE-2017-5753-) ### CVE-2017-5754 (2018-01-04) @@ -9979,6 +11068,9 @@ Systems with microprocessors utilizing speculative execution and indirect branch - [ionescu007/SpecuCheck](https://github.com/ionescu007/SpecuCheck) - [raphaelsc/Am-I-affected-by-Meltdown](https://github.com/raphaelsc/Am-I-affected-by-Meltdown) - [Viralmaniar/In-Spectre-Meltdown](https://github.com/Viralmaniar/In-Spectre-Meltdown) +- [speecyy/Am-I-affected-by-Meltdown](https://github.com/speecyy/Am-I-affected-by-Meltdown) +- [zzado/Meltdown](https://github.com/zzado/Meltdown) +- [jdmulloy/meltdown-aws-scanner](https://github.com/jdmulloy/meltdown-aws-scanner) ### CVE-2017-5792 (2018-02-15) @@ -10036,6 +11128,14 @@ D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DG - [varangamin/CVE-2017-6206](https://github.com/varangamin/CVE-2017-6206) +### CVE-2017-6370 (2017-03-17) + + +TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields. + + +- [faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request](https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request) + ### CVE-2017-6558 (2017-03-09) @@ -10058,6 +11158,7 @@ A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697. +- [GarnetSunset/CiscoSpectreTakeover](https://github.com/GarnetSunset/CiscoSpectreTakeover) - [GarnetSunset/CiscoIOSSNMPToolkit](https://github.com/GarnetSunset/CiscoIOSSNMPToolkit) ### CVE-2017-6913 (2018-09-18) @@ -10074,8 +11175,43 @@ Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6. AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. +- [patrickfreed/nfsen-exploit](https://github.com/patrickfreed/nfsen-exploit) - [KeyStrOke95/nfsen_1.3.7_CVE-2017-6971](https://github.com/KeyStrOke95/nfsen_1.3.7_CVE-2017-6971) +### CVE-2017-7038 (2017-07-20) + + +A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. + + +- [ansjdnakjdnajkd/CVE-2017-7038](https://github.com/ansjdnakjdnajkd/CVE-2017-7038) + +### CVE-2017-7047 (2017-07-20) + + +An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [JosephShenton/Triple_Fetch-Kernel-Creds](https://github.com/JosephShenton/Triple_Fetch-Kernel-Creds) +- [q1f3/Triple_fetch](https://github.com/q1f3/Triple_fetch) + +### CVE-2017-7061 (2017-07-20) + + +An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [TheLoneHaxor/jailbreakme103](https://github.com/TheLoneHaxor/jailbreakme103) + +### CVE-2017-7089 (2017-10-22) + + +An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing. + + +- [Bo0oM/CVE-2017-7089](https://github.com/Bo0oM/CVE-2017-7089) +- [aymankhalfatni/Safari_Mac](https://github.com/aymankhalfatni/Safari_Mac) + ### CVE-2017-7092 (2017-10-22) @@ -10084,13 +11220,50 @@ An issue was discovered in certain Apple products. iOS before 11 is affected. Sa - [xuechiyaobai/CVE-2017-7092-PoC](https://github.com/xuechiyaobai/CVE-2017-7092-PoC) +### CVE-2017-7173 (2018-04-03) + + +An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. + + +- [bazad/sysctl_coalition_get_pid_list-dos](https://github.com/bazad/sysctl_coalition_get_pid_list-dos) + +### CVE-2017-7184 (2017-03-19) + + +The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. + + +- [rockl/cve-2017-7184](https://github.com/rockl/cve-2017-7184) +- [rockl/cve-2017-7184-bak](https://github.com/rockl/cve-2017-7184-bak) + +### CVE-2017-7188 (2017-04-14) + + +Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. + + +- [faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC](https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC) + ### CVE-2017-7269 (2017-03-26) Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. +- [eliuha/webdav_exploit](https://github.com/eliuha/webdav_exploit) - [lcatro/CVE-2017-7269-Echo-PoC](https://github.com/lcatro/CVE-2017-7269-Echo-PoC) +- [caicai1355/CVE-2017-7269-exploit](https://github.com/caicai1355/CVE-2017-7269-exploit) +- [M1a0rz/CVE-2017-7269](https://github.com/M1a0rz/CVE-2017-7269) +- [whiteHat001/cve-2017-7269picture](https://github.com/whiteHat001/cve-2017-7269picture) +- [zcgonvh/cve-2017-7269](https://github.com/zcgonvh/cve-2017-7269) +- [jrrombaldo/CVE-2017-7269](https://github.com/jrrombaldo/CVE-2017-7269) +- [g0rx/iis6-exploit-2017-CVE-2017-7269](https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269) +- [slimpagey/IIS_6.0_WebDAV_Ruby](https://github.com/slimpagey/IIS_6.0_WebDAV_Ruby) +- [homjxi0e/cve-2017-7269](https://github.com/homjxi0e/cve-2017-7269) +- [xiaovpn/CVE-2017-7269](https://github.com/xiaovpn/CVE-2017-7269) +- [zcgonvh/cve-2017-7269-tool](https://github.com/zcgonvh/cve-2017-7269-tool) +- [mirrorblack/CVE-2017-7269](https://github.com/mirrorblack/CVE-2017-7269) - [Al1ex/CVE-2017-7269](https://github.com/Al1ex/CVE-2017-7269) ### CVE-2017-7374 (2017-03-31) @@ -10109,12 +11282,26 @@ Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by - [brahmstaedt/libxml2-exploit](https://github.com/brahmstaedt/libxml2-exploit) +### CVE-2017-7472 (2017-05-11) + + +The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. + + +- [homjxi0e/CVE-2017-7472](https://github.com/homjxi0e/CVE-2017-7472) + ### CVE-2017-7494 (2017-05-30) Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. +- [betab0t/cve-2017-7494](https://github.com/betab0t/cve-2017-7494) +- [homjxi0e/CVE-2017-7494](https://github.com/homjxi0e/CVE-2017-7494) +- [opsxcq/exploit-CVE-2017-7494](https://github.com/opsxcq/exploit-CVE-2017-7494) +- [Waffles-2/SambaCry](https://github.com/Waffles-2/SambaCry) +- [brianwrf/SambaHunter](https://github.com/brianwrf/SambaHunter) +- [joxeankoret/CVE-2017-7494](https://github.com/joxeankoret/CVE-2017-7494) - [Zer0d0y/Samba-CVE-2017-7494](https://github.com/Zer0d0y/Samba-CVE-2017-7494) - [incredible1yu/CVE-2017-7494](https://github.com/incredible1yu/CVE-2017-7494) - [cved-sources/cve-2017-7494](https://github.com/cved-sources/cve-2017-7494) @@ -10127,6 +11314,8 @@ Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to r A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. +- [SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095](https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095) +- [Nazicc/S2-055](https://github.com/Nazicc/S2-055) - [JavanXD/Demo-Exploit-Jackson-RCE](https://github.com/JavanXD/Demo-Exploit-Jackson-RCE) - [47bwy/CVE-2017-7525](https://github.com/47bwy/CVE-2017-7525) - [BassinD/jackson-RCE](https://github.com/BassinD/jackson-RCE) @@ -10139,6 +11328,7 @@ A deserialization flaw was discovered in the jackson-databind, versions before 2 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. +- [liusec/CVE-2017-7529](https://github.com/liusec/CVE-2017-7529) - [en0f/CVE-2017-7529_PoC](https://github.com/en0f/CVE-2017-7529_PoC) - [cved-sources/cve-2017-7529](https://github.com/cved-sources/cve-2017-7529) - [MaxSecurity/CVE-2017-7529-POC](https://github.com/MaxSecurity/CVE-2017-7529-POC) @@ -10146,6 +11336,30 @@ Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer - [cyberharsh/nginx-CVE-2017-7529](https://github.com/cyberharsh/nginx-CVE-2017-7529) - [daehee/nginx-overflow](https://github.com/daehee/nginx-overflow) +### CVE-2017-7648 (2017-04-10) + + +Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. + + +- [notmot/CVE-2017-7648.](https://github.com/notmot/CVE-2017-7648.) + +### CVE-2017-7679 (2017-06-19) + + +In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. + + +- [snknritr/CVE-2017-7679-in-python](https://github.com/snknritr/CVE-2017-7679-in-python) + +### CVE-2017-7912 (2019-04-08) + + +Hanwha Techwin SRN-4000, SRN-4000 firmware versions prior to SRN4000_v2.16_170401, A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication. + + +- [homjxi0e/CVE-2017-7912_Sneak](https://github.com/homjxi0e/CVE-2017-7912_Sneak) + ### CVE-2017-7921 (2017-05-05) @@ -10156,12 +11370,21 @@ An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Serie - [BurnyMcDull/CVE-2017-7921](https://github.com/BurnyMcDull/CVE-2017-7921) - [MisakaMikato/cve-2017-7921-golang](https://github.com/MisakaMikato/cve-2017-7921-golang) +### CVE-2017-7998 (2018-01-08) + + +Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp. + + +- [homjxi0e/CVE-2017-7998](https://github.com/homjxi0e/CVE-2017-7998) + ### CVE-2017-8046 (2018-01-04) Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. +- [Soontao/CVE-2017-8046-DEMO](https://github.com/Soontao/CVE-2017-8046-DEMO) - [sj/spring-data-rest-CVE-2017-8046](https://github.com/sj/spring-data-rest-CVE-2017-8046) - [m3ssap0/SpringBreakVulnerableApp](https://github.com/m3ssap0/SpringBreakVulnerableApp) - [m3ssap0/spring-break_cve-2017-8046](https://github.com/m3ssap0/spring-break_cve-2017-8046) @@ -10178,14 +11401,27 @@ Malicious PATCH requests submitted to servers using Spring Data REST versions pr WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message. +- [homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset](https://github.com/homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset) +- [alash3al/wp-allowed-hosts](https://github.com/alash3al/wp-allowed-hosts) - [cyberheartmi9/CVE-2017-8295](https://github.com/cyberheartmi9/CVE-2017-8295) +### CVE-2017-8382 (2017-05-16) + + +admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts. + + +- [faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc](https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc) + ### CVE-2017-8464 (2017-06-14) Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability." +- [Elm0D/CVE-2017-8464](https://github.com/Elm0D/CVE-2017-8464) +- [3gstudent/CVE-2017-8464-EXP](https://github.com/3gstudent/CVE-2017-8464-EXP) +- [Securitykid/CVE-2017-8464-exp-generator](https://github.com/Securitykid/CVE-2017-8464-exp-generator) - [X-Vector/usbhijacking](https://github.com/X-Vector/usbhijacking) - [xssfile/CVE-2017-8464-EXP](https://github.com/xssfile/CVE-2017-8464-EXP) @@ -10206,6 +11442,14 @@ Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Window - [Lynggaard91/windows2016fixCVE-2017-8529](https://github.com/Lynggaard91/windows2016fixCVE-2017-8529) - [sfitpro/cve-2017-8529](https://github.com/sfitpro/cve-2017-8529) +### CVE-2017-8543 (2017-06-14) + + +Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". + + +- [americanhanko/windows-security-cve-2017-8543](https://github.com/americanhanko/windows-security-cve-2017-8543) + ### CVE-2017-8570 (2017-07-11) @@ -10213,12 +11457,29 @@ Microsoft Office allows a remote code execution vulnerability due to the way tha - [temesgeny/ppsx-file-generator](https://github.com/temesgeny/ppsx-file-generator) +- [rxwx/CVE-2017-8570](https://github.com/rxwx/CVE-2017-8570) - [MaxSecurity/Office-CVE-2017-8570](https://github.com/MaxSecurity/Office-CVE-2017-8570) - [SwordSheath/CVE-2017-8570](https://github.com/SwordSheath/CVE-2017-8570) - [Drac0nids/CVE-2017-8570](https://github.com/Drac0nids/CVE-2017-8570) - [930201676/CVE-2017-8570](https://github.com/930201676/CVE-2017-8570) - [erfze/CVE-2017-8570](https://github.com/erfze/CVE-2017-8570) +### CVE-2017-8625 (2017-08-08) + + +Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability". + + +- [homjxi0e/CVE-2017-8625_Bypass_UMCI](https://github.com/homjxi0e/CVE-2017-8625_Bypass_UMCI) + +### CVE-2017-8641 (2017-08-08) + + +Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. + + +- [homjxi0e/CVE-2017-8641_chakra_Js_GlobalObject](https://github.com/homjxi0e/CVE-2017-8641_chakra_Js_GlobalObject) + ### CVE-2017-8759 (2017-09-12) @@ -10226,7 +11487,17 @@ Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow - [Voulnet/CVE-2017-8759-Exploit-sample](https://github.com/Voulnet/CVE-2017-8759-Exploit-sample) +- [nccgroup/CVE-2017-8759](https://github.com/nccgroup/CVE-2017-8759) +- [vysecurity/CVE-2017-8759](https://github.com/vysecurity/CVE-2017-8759) +- [BasuCert/CVE-2017-8759](https://github.com/BasuCert/CVE-2017-8759) +- [tahisaad6/CVE-2017-8759-Exploit-sample2](https://github.com/tahisaad6/CVE-2017-8759-Exploit-sample2) +- [homjxi0e/CVE-2017-8759_-SOAP_WSDL](https://github.com/homjxi0e/CVE-2017-8759_-SOAP_WSDL) - [bhdresh/CVE-2017-8759](https://github.com/bhdresh/CVE-2017-8759) +- [Lz1y/CVE-2017-8759](https://github.com/Lz1y/CVE-2017-8759) +- [JonasUliana/CVE-2017-8759](https://github.com/JonasUliana/CVE-2017-8759) +- [Securitykid/CVE-2017-8759](https://github.com/Securitykid/CVE-2017-8759) +- [ashr/CVE-2017-8759-exploits](https://github.com/ashr/CVE-2017-8759-exploits) +- [l0n3rs/CVE-2017-8759](https://github.com/l0n3rs/CVE-2017-8759) - [ChaitanyaHaritash/CVE-2017-8759](https://github.com/ChaitanyaHaritash/CVE-2017-8759) - [smashinu/CVE-2017-8759Expoit](https://github.com/smashinu/CVE-2017-8759Expoit) - [adeljck/CVE-2017-8759](https://github.com/adeljck/CVE-2017-8759) @@ -10242,6 +11513,22 @@ An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is X - [Voraka/cve-2017-8760](https://github.com/Voraka/cve-2017-8760) +### CVE-2017-8779 (2017-05-04) + + +rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. + + +- [drbothen/GO-RPCBOMB](https://github.com/drbothen/GO-RPCBOMB) + +### CVE-2017-8802 (2018-01-16) + + +Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality. + + +- [ozzi-/Zimbra-CVE-2017-8802-Hotifx](https://github.com/ozzi-/Zimbra-CVE-2017-8802-Hotifx) + ### CVE-2017-8809 (2017-11-15) @@ -10266,9 +11553,18 @@ The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. +- [brianwrf/Joomla3.7-SQLi-CVE-2017-8917](https://github.com/brianwrf/Joomla3.7-SQLi-CVE-2017-8917) - [stefanlucas/Exploit-Joomla](https://github.com/stefanlucas/Exploit-Joomla) - [cved-sources/cve-2017-8917](https://github.com/cved-sources/cve-2017-8917) +### CVE-2017-9097 (2017-06-15) + + +In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file. + + +- [MDudek-ICS/AntiWeb_testing-Suite](https://github.com/MDudek-ICS/AntiWeb_testing-Suite) + ### CVE-2017-9101 (2017-05-21) @@ -10288,6 +11584,31 @@ Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 an - [ictnamanh/CVE-2017-9248](https://github.com/ictnamanh/CVE-2017-9248) - [shacojx/dp](https://github.com/shacojx/dp) +### CVE-2017-9417 (2017-06-03) + + +Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. + + +- [mailinneberg/Broadpwn](https://github.com/mailinneberg/Broadpwn) + +### CVE-2017-9430 (2017-06-05) + + +Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string. + + +- [homjxi0e/CVE-2017-9430](https://github.com/homjxi0e/CVE-2017-9430) +- [j0lama/Dnstracer-1.9-Fix](https://github.com/j0lama/Dnstracer-1.9-Fix) + +### CVE-2017-9476 (2017-07-30) + + +The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network. + + +- [wiire-a/CVE-2017-9476](https://github.com/wiire-a/CVE-2017-9476) + ### CVE-2017-9506 (2017-08-23) @@ -10313,6 +11634,22 @@ An information exposure vulnerability in forget_passwd.cgi in Synology DiskStati - [rfcl/Synology-DiskStation-User-Enumeration-CVE-2017-9554-](https://github.com/rfcl/Synology-DiskStation-User-Enumeration-CVE-2017-9554-) +### CVE-2017-9606 (2017-06-14) + + +Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks. + + +- [Houl777/CVE-2017-9606](https://github.com/Houl777/CVE-2017-9606) + +### CVE-2017-9609 (2017-07-17) + + +Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php. + + +- [faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc](https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc) + ### CVE-2017-9769 (2017-08-02) @@ -10322,12 +11659,22 @@ A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse - [kkent030315/CVE-2017-9769](https://github.com/kkent030315/CVE-2017-9769) - [alexa872/CVE-2017-9769-exploits](https://github.com/alexa872/CVE-2017-9769-exploits) +### CVE-2017-9779 (2017-09-07) + + +OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact." + + +- [homjxi0e/CVE-2017-9779](https://github.com/homjxi0e/CVE-2017-9779) + ### CVE-2017-9791 (2017-07-10) The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. +- [IanSmith123/s2-048](https://github.com/IanSmith123/s2-048) +- [dragoneeg/Struts2-048](https://github.com/dragoneeg/Struts2-048) - [xfer0/CVE-2017-9791](https://github.com/xfer0/CVE-2017-9791) ### CVE-2017-9798 (2017-09-18) @@ -10336,6 +11683,9 @@ The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code exe Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c. +- [nitrado/CVE-2017-9798](https://github.com/nitrado/CVE-2017-9798) +- [pabloec20/optionsbleed](https://github.com/pabloec20/optionsbleed) +- [l0n3rs/CVE-2017-9798](https://github.com/l0n3rs/CVE-2017-9798) - [brokensound77/OptionsBleed-POC-Scanner](https://github.com/brokensound77/OptionsBleed-POC-Scanner) ### CVE-2017-9805 (2017-09-15) @@ -10345,7 +11695,12 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef - [luc10/struts-rce-cve-2017-9805](https://github.com/luc10/struts-rce-cve-2017-9805) +- [hahwul/struts2-rce-cve-2017-9805-ruby](https://github.com/hahwul/struts2-rce-cve-2017-9805-ruby) +- [mazen160/struts-pwn_CVE-2017-9805](https://github.com/mazen160/struts-pwn_CVE-2017-9805) +- [Lone-Ranger/apache-struts-pwn_CVE-2017-9805](https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805) - [0x00-0x00/-CVE-2017-9805](https://github.com/0x00-0x00/-CVE-2017-9805) +- [BeyondCy/S2-052](https://github.com/BeyondCy/S2-052) +- [chrisjd20/cve-2017-9805.py](https://github.com/chrisjd20/cve-2017-9805.py) - [UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805-](https://github.com/UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805-) - [UbuntuStrike/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit](https://github.com/UbuntuStrike/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit) - [0xd3vil/CVE-2017-9805-Exploit](https://github.com/0xd3vil/CVE-2017-9805-Exploit) @@ -10388,15 +11743,35 @@ Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 thr - [xyringe/CVE-2017-9934](https://github.com/xyringe/CVE-2017-9934) +### CVE-2017-9999 +- [homjxi0e/CVE-2017-9999_bypassing_General_Firefox](https://github.com/homjxi0e/CVE-2017-9999_bypassing_General_Firefox) + +### CVE-2017-10235 (2017-08-08) + + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.7 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H). + + +- [fundacion-sadosky/vbox_cve_2017_10235](https://github.com/fundacion-sadosky/vbox_cve_2017_10235) + ### CVE-2017-10271 (2017-10-19) Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). +- [1337g/CVE-2017-10271](https://github.com/1337g/CVE-2017-10271) +- [s3xy/CVE-2017-10271](https://github.com/s3xy/CVE-2017-10271) +- [ZH3FENG/PoCs-Weblogic_2017_10271](https://github.com/ZH3FENG/PoCs-Weblogic_2017_10271) - [c0mmand3rOpSec/CVE-2017-10271](https://github.com/c0mmand3rOpSec/CVE-2017-10271) +- [Luffin/CVE-2017-10271](https://github.com/Luffin/CVE-2017-10271) +- [cjjduck/weblogic_wls_wsat_rce](https://github.com/cjjduck/weblogic_wls_wsat_rce) +- [kkirsche/CVE-2017-10271](https://github.com/kkirsche/CVE-2017-10271) - [pssss/CVE-2017-10271](https://github.com/pssss/CVE-2017-10271) +- [SuperHacker-liuan/cve-2017-10271-poc](https://github.com/SuperHacker-liuan/cve-2017-10271-poc) - [bmcculley/CVE-2017-10271](https://github.com/bmcculley/CVE-2017-10271) +- [peterpeter228/Oracle-WebLogic-CVE-2017-10271](https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271) +- [Sch01ar/CVE-2017-10271](https://github.com/Sch01ar/CVE-2017-10271) - [Cymmetria/weblogic_honeypot](https://github.com/Cymmetria/weblogic_honeypot) - [JackyTsuuuy/weblogic_wls_rce_poc-exp](https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp) - [s0wr0b1ndef/Oracle-WebLogic-WLS-WSAT](https://github.com/s0wr0b1ndef/Oracle-WebLogic-WLS-WSAT) @@ -10438,6 +11813,17 @@ The ifmap service that comes bundled with Contrail has an XML External Entity (X - [gteissier/CVE-2017-10617](https://github.com/gteissier/CVE-2017-10617) +### CVE-2017-10661 (2017-08-19) + + +Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. + + +- [GeneBlue/CVE-2017-10661_POC](https://github.com/GeneBlue/CVE-2017-10661_POC) + +### CVE-2017-10797 +- [n4xh4ck5/CVE-2017-10797](https://github.com/n4xh4ck5/CVE-2017-10797) + ### CVE-2017-10952 (2017-08-29) @@ -10500,6 +11886,14 @@ The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before - [ivanitlearning/CVE-2017-11610](https://github.com/ivanitlearning/CVE-2017-11610) - [yaunsky/CVE-2017-11610](https://github.com/yaunsky/CVE-2017-11610) +### CVE-2017-11611 (2017-09-08) + + +Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to the "/plugin/file_manager/" script (aka an /admin/plugin/file_manager/browse// URI). + + +- [faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc](https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc) + ### CVE-2017-11774 (2017-10-13) @@ -10516,6 +11910,14 @@ Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, - [Sheisback/CVE-2017-11783](https://github.com/Sheisback/CVE-2017-11783) +### CVE-2017-11816 (2017-10-13) + + +The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability". + + +- [lr3800/CVE-2017-11816](https://github.com/lr3800/CVE-2017-11816) + ### CVE-2017-11826 (2017-10-13) @@ -10530,7 +11932,22 @@ Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010 Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. +- [zhouat/cve-2017-11882](https://github.com/zhouat/cve-2017-11882) +- [embedi/CVE-2017-11882](https://github.com/embedi/CVE-2017-11882) +- [Ridter/CVE-2017-11882](https://github.com/Ridter/CVE-2017-11882) +- [BlackMathIT/2017-11882_Generator](https://github.com/BlackMathIT/2017-11882_Generator) +- [unamer/CVE-2017-11882](https://github.com/unamer/CVE-2017-11882) +- [0x09AL/CVE-2017-11882-metasploit](https://github.com/0x09AL/CVE-2017-11882-metasploit) +- [HZachev/ABC](https://github.com/HZachev/ABC) +- [starnightcyber/CVE-2017-11882](https://github.com/starnightcyber/CVE-2017-11882) +- [Grey-Li/CVE-2017-11882](https://github.com/Grey-Li/CVE-2017-11882) +- [legendsec/CVE-2017-11882-for-Kali](https://github.com/legendsec/CVE-2017-11882-for-Kali) +- [CSC-pentest/cve-2017-11882](https://github.com/CSC-pentest/cve-2017-11882) +- [Shadowshusky/CVE-2017-11882-](https://github.com/Shadowshusky/CVE-2017-11882-) - [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802) +- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802) +- [likescam/CVE-2017-11882](https://github.com/likescam/CVE-2017-11882) +- [likescam/CVE-2018-0802_CVE-2017-11882](https://github.com/likescam/CVE-2018-0802_CVE-2017-11882) - [bloomer1016/CVE-2017-11882-Possible-Remcos-Malspam](https://github.com/bloomer1016/CVE-2017-11882-Possible-Remcos-Malspam) - [ChaitanyaHaritash/CVE-2017-11882](https://github.com/ChaitanyaHaritash/CVE-2017-11882) - [qy1202/https-github.com-Ridter-CVE-2017-11882-](https://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882-) @@ -10557,9 +11974,19 @@ Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Wi In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data. +- [sevck/CVE-2017-12149](https://github.com/sevck/CVE-2017-12149) - [yunxu1/jboss-_CVE-2017-12149](https://github.com/yunxu1/jboss-_CVE-2017-12149) +- [1337g/CVE-2017-12149](https://github.com/1337g/CVE-2017-12149) - [jreppiks/CVE-2017-12149](https://github.com/jreppiks/CVE-2017-12149) +### CVE-2017-12426 (2017-08-14) + + +GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote attackers to execute arbitrary code via a crafted SSH URL in a project import. + + +- [sm-paul-schuette/CVE-2017-12426](https://github.com/sm-paul-schuette/CVE-2017-12426) + ### CVE-2017-12542 (2018-02-15) @@ -10569,6 +11996,14 @@ A authentication bypass and execution of code vulnerability in HPE Integrated Li - [skelsec/CVE-2017-12542](https://github.com/skelsec/CVE-2017-12542) - [sk1dish/ilo4-rce-vuln-scanner](https://github.com/sk1dish/ilo4-rce-vuln-scanner) +### CVE-2017-12611 (2017-09-20) + + +In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. + + +- [brianwrf/S2-053-CVE-2017-12611](https://github.com/brianwrf/S2-053-CVE-2017-12611) + ### CVE-2017-12615 (2017-09-19) @@ -10576,6 +12011,11 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. - [breaktoprotect/CVE-2017-12615](https://github.com/breaktoprotect/CVE-2017-12615) +- [mefulton/cve-2017-12615](https://github.com/mefulton/cve-2017-12615) +- [zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717](https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717) +- [wsg00d/cve-2017-12615](https://github.com/wsg00d/cve-2017-12615) +- [BeyondCy/CVE-2017-12615](https://github.com/BeyondCy/CVE-2017-12615) +- [1337g/CVE-2017-12615](https://github.com/1337g/CVE-2017-12615) - [Shellkeys/CVE-2017-12615](https://github.com/Shellkeys/CVE-2017-12615) - [cved-sources/cve-2017-12615](https://github.com/cved-sources/cve-2017-12615) - [ianxtianxt/CVE-2017-12615](https://github.com/ianxtianxt/CVE-2017-12615) @@ -10587,6 +12027,8 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. +- [cyberheartmi9/CVE-2017-12617](https://github.com/cyberheartmi9/CVE-2017-12617) +- [devcoinfet/CVE-2017-12617](https://github.com/devcoinfet/CVE-2017-12617) - [qiantu88/CVE-2017-12617](https://github.com/qiantu88/CVE-2017-12617) - [ygouzerh/CVE-2017-12617](https://github.com/ygouzerh/CVE-2017-12617) @@ -10617,6 +12059,14 @@ CouchDB administrative users can configure the database server via HTTP(S). Some - [F1uffyGoat/F1uffyCouchDB](https://github.com/F1uffyGoat/F1uffyCouchDB) - [RedTeamWing/CVE-2017-12636](https://github.com/RedTeamWing/CVE-2017-12636) +### CVE-2017-12792 (2017-10-02) + + +Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php. + + +- [ZZS2017/cve-2017-12792](https://github.com/ZZS2017/cve-2017-12792) + ### CVE-2017-12842 (2020-03-16) @@ -10625,6 +12075,22 @@ Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV pr - [nondejus/CVE-2017-12842](https://github.com/nondejus/CVE-2017-12842) +### CVE-2017-12852 (2017-08-15) + + +The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. + + +- [BT123/numpy-1.13.1](https://github.com/BT123/numpy-1.13.1) + +### CVE-2017-12943 (2017-08-18) + + +D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password. + + +- [aymankhalfatni/D-Link](https://github.com/aymankhalfatni/D-Link) + ### CVE-2017-12945 (2019-11-27) @@ -10633,12 +12099,22 @@ Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 - [aress31/cve-2017-12945](https://github.com/aress31/cve-2017-12945) +### CVE-2017-13089 (2017-10-27) + + +The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. + + +- [r1b/CVE-2017-13089](https://github.com/r1b/CVE-2017-13089) +- [mzeyong/CVE-2017-13089](https://github.com/mzeyong/CVE-2017-13089) + ### CVE-2017-13156 (2017-12-06) An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. +- [xyzAsian/Janus-CVE-2017-13156](https://github.com/xyzAsian/Janus-CVE-2017-13156) - [caxmd/CVE-2017-13156](https://github.com/caxmd/CVE-2017-13156) - [giacomoferretti/janus-toolkit](https://github.com/giacomoferretti/janus-toolkit) - [tea9/CVE-2017-13156-Janus](https://github.com/tea9/CVE-2017-13156-Janus) @@ -10651,6 +12127,54 @@ In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds - [tamirzb/CVE-2017-13253](https://github.com/tamirzb/CVE-2017-13253) +### CVE-2017-13672 (2017-09-01) + + +QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. + + +- [DavidBuchanan314/CVE-2017-13672](https://github.com/DavidBuchanan314/CVE-2017-13672) + +### CVE-2017-13868 (2017-12-25) + + +An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. + + +- [bazad/ctl_ctloutput-leak](https://github.com/bazad/ctl_ctloutput-leak) + +### CVE-2017-13872 (2017-11-29) + + +An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name. + + +- [giovannidispoto/CVE-2017-13872-Patch](https://github.com/giovannidispoto/CVE-2017-13872-Patch) + +### CVE-2017-14105 (2017-09-01) + + +HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at HiveManager/tomcat/webapps/hm/domains/$yourtenant/maps (it will be exposed at the web interface). + + +- [theguly/CVE-2017-14105](https://github.com/theguly/CVE-2017-14105) + +### CVE-2017-14262 (2017-09-11) + + +On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. + + +- [zzz66686/CVE-2017-14262](https://github.com/zzz66686/CVE-2017-14262) + +### CVE-2017-14263 (2017-09-11) + + +Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device. + + +- [zzz66686/CVE-2017-14263](https://github.com/zzz66686/CVE-2017-14263) + ### CVE-2017-14322 (2017-10-18) @@ -10659,6 +12183,14 @@ The function in charge to check whether the user is already logged in init.php i - [joesmithjaffa/CVE-2017-14322](https://github.com/joesmithjaffa/CVE-2017-14322) +### CVE-2017-14491 (2017-10-02) + + +Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. + + +- [skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491](https://github.com/skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491) + ### CVE-2017-14493 (2017-10-02) @@ -10713,10 +12245,30 @@ In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results dire The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS. +- [lva/Infineon-CVE-2017-15361](https://github.com/lva/Infineon-CVE-2017-15361) +- [titanous/rocacheck](https://github.com/titanous/rocacheck) +- [jnpuskar/RocaCmTest](https://github.com/jnpuskar/RocaCmTest) - [nsacyber/Detect-CVE-2017-15361-TPM](https://github.com/nsacyber/Detect-CVE-2017-15361-TPM) - [0xxon/zeek-plugin-roca](https://github.com/0xxon/zeek-plugin-roca) +- [0xxon/roca](https://github.com/0xxon/roca) - [Elbarbons/Attacco-ROCA-sulla-vulnerabilita-CVE-2017-15361](https://github.com/Elbarbons/Attacco-ROCA-sulla-vulnerabilita-CVE-2017-15361) +### CVE-2017-15394 (2018-02-07) + + +Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension. + + +- [sudosammy/CVE-2017-15394](https://github.com/sudosammy/CVE-2017-15394) + +### CVE-2017-15708 (2017-12-11) + + +In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version. + + +- [HuSoul/CVE-2017-15708](https://github.com/HuSoul/CVE-2017-15708) + ### CVE-2017-15715 (2018-03-26) @@ -10731,6 +12283,7 @@ In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. +- [xxnbyy/CVE-2017-15944-POC](https://github.com/xxnbyy/CVE-2017-15944-POC) - [surajraghuvanshi/PaloAltoRceDetectionAndExploit](https://github.com/surajraghuvanshi/PaloAltoRceDetectionAndExploit) - [yukar1z0e/CVE-2017-15944](https://github.com/yukar1z0e/CVE-2017-15944) @@ -10753,6 +12306,14 @@ The safe-eval module describes itself as a safer version of eval. By accessing t ### CVE-2017-16245 - [AOCorsaire/CVE-2017-16245](https://github.com/AOCorsaire/CVE-2017-16245) +### CVE-2017-16524 (2017-11-06) + + +Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI. + + +- [realistic-security/CVE-2017-16524](https://github.com/realistic-security/CVE-2017-16524) + ### CVE-2017-16567 (2017-11-09) @@ -10793,6 +12354,14 @@ An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel all - [breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection](https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection) +### CVE-2017-16806 (2017-11-13) + + +The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal. + + +- [rickoooooo/ulteriusExploit](https://github.com/rickoooooo/ulteriusExploit) + ### CVE-2017-16943 (2017-11-25) @@ -10815,6 +12384,14 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4 - [littlebin404/CVE-2017-16995](https://github.com/littlebin404/CVE-2017-16995) - [Lumindu/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-](https://github.com/Lumindu/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-) +### CVE-2017-16997 (2017-12-17) + + +elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution. + + +- [Xiami2012/CVE-2017-16997-poc](https://github.com/Xiami2012/CVE-2017-16997-poc) + ### CVE-2017-17099 (2017-12-03) @@ -10829,6 +12406,7 @@ There exists an unauthenticated SEH based Buffer Overflow vulnerability in the H Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code. +- [1337g/CVE-2017-17215](https://github.com/1337g/CVE-2017-17215) - [wilfred-wulbou/HG532d-RCE-Exploit](https://github.com/wilfred-wulbou/HG532d-RCE-Exploit) ### CVE-2017-17309 (2018-06-14) @@ -10845,6 +12423,7 @@ Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. +- [maxbitcoin/Jackson-CVE-2017-17485](https://github.com/maxbitcoin/Jackson-CVE-2017-17485) - [tafamace/CVE-2017-17485](https://github.com/tafamace/CVE-2017-17485) - [x7iaob/cve-2017-17485](https://github.com/x7iaob/cve-2017-17485) - [Al1ex/CVE-2017-17485](https://github.com/Al1ex/CVE-2017-17485) @@ -10855,9 +12434,18 @@ FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthe Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0. +- [1337g/CVE-2017-17562](https://github.com/1337g/CVE-2017-17562) - [ivanitlearning/CVE-2017-17562](https://github.com/ivanitlearning/CVE-2017-17562) - [crispy-peppers/Goahead-CVE-2017-17562](https://github.com/crispy-peppers/Goahead-CVE-2017-17562) +### CVE-2017-17692 (2017-12-21) + + +Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property. + + +- [lr3800/CVE-2017-17692](https://github.com/lr3800/CVE-2017-17692) + ### CVE-2017-18044 (2018-01-19) @@ -10882,6 +12470,14 @@ bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an - [moznualom2/-link-https-bitcoincore.org-en-2019-11-08-CVE-2017-18350-link-](https://github.com/moznualom2/-link-https-bitcoincore.org-en-2019-11-08-CVE-2017-18350-link-) +### CVE-2017-18486 (2019-08-09) + + +Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. + + +- [Kc57/JitBit_Helpdesk_Auth_Bypass](https://github.com/Kc57/JitBit_Helpdesk_Auth_Bypass) + ### CVE-2017-18635 (2019-09-25) @@ -10890,6 +12486,12 @@ An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VN - [ShielderSec/CVE-2017-18635](https://github.com/ShielderSec/CVE-2017-18635) +### CVE-2017-98505 +- [mike-williams/Struts2Vuln](https://github.com/mike-williams/Struts2Vuln) + +### CVE-2017-1000000 +- [smythtech/DWF-CVE-2017-1000000](https://github.com/smythtech/DWF-CVE-2017-1000000) + ### CVE-2017-1000083 (2017-09-05) @@ -10915,10 +12517,57 @@ Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. W A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability. +- [timwr/CVE-2017-1000117](https://github.com/timwr/CVE-2017-1000117) +- [GrahamMThomas/test-git-vuln_CVE-2017-1000117](https://github.com/GrahamMThomas/test-git-vuln_CVE-2017-1000117) +- [Manouchehri/CVE-2017-1000117](https://github.com/Manouchehri/CVE-2017-1000117) +- [thelastbyte/CVE-2017-1000117](https://github.com/thelastbyte/CVE-2017-1000117) +- [alilangtest/CVE-2017-1000117](https://github.com/alilangtest/CVE-2017-1000117) +- [VulApps/CVE-2017-1000117](https://github.com/VulApps/CVE-2017-1000117) +- [greymd/CVE-2017-1000117](https://github.com/greymd/CVE-2017-1000117) +- [shogo82148/Fix-CVE-2017-1000117](https://github.com/shogo82148/Fix-CVE-2017-1000117) +- [sasairc/CVE-2017-1000117_wasawasa](https://github.com/sasairc/CVE-2017-1000117_wasawasa) +- [Shadow5523/CVE-2017-1000117-test](https://github.com/Shadow5523/CVE-2017-1000117-test) +- [bells17/CVE-2017-1000117](https://github.com/bells17/CVE-2017-1000117) +- [ieee0824/CVE-2017-1000117](https://github.com/ieee0824/CVE-2017-1000117) +- [rootclay/CVE-2017-1000117](https://github.com/rootclay/CVE-2017-1000117) +- [ieee0824/CVE-2017-1000117-sl](https://github.com/ieee0824/CVE-2017-1000117-sl) +- [takehaya/CVE-2017-1000117](https://github.com/takehaya/CVE-2017-1000117) +- [ikmski/CVE-2017-1000117](https://github.com/ikmski/CVE-2017-1000117) +- [nkoneko/CVE-2017-1000117](https://github.com/nkoneko/CVE-2017-1000117) +- [chenzhuo0618/test](https://github.com/chenzhuo0618/test) +- [siling2017/CVE-2017-1000117](https://github.com/siling2017/CVE-2017-1000117) +- [Q2h1Cg/CVE-2017-1000117](https://github.com/Q2h1Cg/CVE-2017-1000117) - [cved-sources/cve-2017-1000117](https://github.com/cved-sources/cve-2017-1000117) - [leezp/CVE-2017-1000117](https://github.com/leezp/CVE-2017-1000117) - [AnonymKing/CVE-2017-1000117](https://github.com/AnonymKing/CVE-2017-1000117) +### CVE-2017-1000250 (2017-09-12) + + +All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. + + +- [olav-st/CVE-2017-1000250-PoC](https://github.com/olav-st/CVE-2017-1000250-PoC) + +### CVE-2017-1000251 (2017-09-12) + + +The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. + + +- [hayzamjs/Blueborne-CVE-2017-1000251](https://github.com/hayzamjs/Blueborne-CVE-2017-1000251) +- [tlatkdgus1/blueborne-CVE-2017-1000251](https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251) +- [own2pwn/blueborne-CVE-2017-1000251-POC](https://github.com/own2pwn/blueborne-CVE-2017-1000251-POC) +- [marcinguy/blueborne-CVE-2017-1000251](https://github.com/marcinguy/blueborne-CVE-2017-1000251) + +### CVE-2017-1000253 (2017-10-03) + + +Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary. + + +- [RicterZ/PIE-Stack-Clash-CVE-2017-1000253](https://github.com/RicterZ/PIE-Stack-Clash-CVE-2017-1000253) + ### CVE-2017-1000353 (2018-01-29) @@ -10927,6 +12576,32 @@ Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerab - [vulhub/CVE-2017-1000353](https://github.com/vulhub/CVE-2017-1000353) +### CVE-2017-1000367 (2017-06-05) + + +Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution. + + +- [c0d3z3r0/sudo-CVE-2017-1000367](https://github.com/c0d3z3r0/sudo-CVE-2017-1000367) +- [homjxi0e/CVE-2017-1000367](https://github.com/homjxi0e/CVE-2017-1000367) +- [pucerpocok/sudo_exploit](https://github.com/pucerpocok/sudo_exploit) + +### CVE-2017-1000405 (2017-11-30) + + +The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp. + + +- [bindecy/HugeDirtyCowPOC](https://github.com/bindecy/HugeDirtyCowPOC) + +### CVE-2017-1000475 (2018-01-24) + + +FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges. + + +- [lajarajorge/CVE-2017-1000475](https://github.com/lajarajorge/CVE-2017-1000475) + ### CVE-2017-1000486 (2018-01-03) @@ -11086,6 +12761,14 @@ Incomplete blacklist vulnerability in the servlet filter restriction mechanism i - [tafamace/CVE-2016-0793](https://github.com/tafamace/CVE-2016-0793) +### CVE-2016-0800 (2016-03-01) + + +The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack. + + +- [nyctophile6/A2SV--SSL-VUL-Scan](https://github.com/nyctophile6/A2SV--SSL-VUL-Scan) + ### CVE-2016-0801 (2016-02-06) @@ -12140,6 +13823,7 @@ The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 - [scottjpack/Freak-Scanner](https://github.com/scottjpack/Freak-Scanner) - [AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script](https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script) - [niccoX/patch-openssl-CVE-2014-0291_CVE-2015-0204](https://github.com/niccoX/patch-openssl-CVE-2014-0291_CVE-2015-0204) +- [nyctophile6/A2SV--SSL-VUL-Scan](https://github.com/nyctophile6/A2SV--SSL-VUL-Scan) ### CVE-2015-0231 (2015-01-27) @@ -13038,6 +14722,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - [rouze-d/heartbleed](https://github.com/rouze-d/heartbleed) - [WildfootW/CVE-2014-0160_OpenSSL_1.0.1f_Heartbleed](https://github.com/WildfootW/CVE-2014-0160_OpenSSL_1.0.1f_Heartbleed) - [GuillermoEscobero/heartbleed](https://github.com/GuillermoEscobero/heartbleed) +- [nyctophile6/A2SV--SSL-VUL-Scan](https://github.com/nyctophile6/A2SV--SSL-VUL-Scan) ### CVE-2014-0166 (2014-04-09) @@ -14227,6 +15912,7 @@ The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, - [mpgn/CRIME-poc](https://github.com/mpgn/CRIME-poc) +- [nyctophile6/A2SV--SSL-VUL-Scan](https://github.com/nyctophile6/A2SV--SSL-VUL-Scan) ### CVE-2012-5106 (2014-06-20) @@ -14939,6 +16625,14 @@ Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows - [war4uthor/CVE-2007-1567](https://github.com/war4uthor/CVE-2007-1567) +### CVE-2007-1858 (2007-05-09) + + +The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts. + + +- [nyctophile6/A2SV--SSL-VUL-Scan](https://github.com/nyctophile6/A2SV--SSL-VUL-Scan) + ### CVE-2007-2447 (2007-05-14) @@ -15172,8 +16866,6 @@ Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execut - [adenkiewicz/CVE-2003-0264](https://github.com/adenkiewicz/CVE-2003-0264) - [fyoderxx/slmail-exploit](https://github.com/fyoderxx/slmail-exploit) - [war4uthor/CVE-2003-0264](https://github.com/war4uthor/CVE-2003-0264) -- [pwncone/CVE-2003-0264-SLmail-5.5](https://github.com/pwncone/CVE-2003-0264-SLmail-5.5) -- [PepeTheRital/CVE-2003-0264](https://github.com/PepeTheRital/CVE-2003-0264) ### CVE-2003-0282 (2003-05-14)