From 0b99cc00b6924424878909855e36f75779845791 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Tue, 22 Feb 2022 09:15:26 +0900 Subject: [PATCH] Auto Update 2022/02/22 00:15:26 --- 2017/CVE-2017-9248.json | 4 ++-- 2019/CVE-2019-18935.json | 4 ++-- 2019/CVE-2019-7406.json | 29 +++++++++++++++++++++++++++++ 2020/CVE-2020-2501.json | 29 +++++++++++++++++++++++++++++ 2020/CVE-2020-4464.json | 4 ++-- 2020/CVE-2020-7247.json | 2 +- 2021/CVE-2021-1965.json | 8 ++++---- 2021/CVE-2021-22204.json | 8 ++++---- 2021/CVE-2021-27965.json | 27 +++++++++++++++++++++++++++ 2021/CVE-2021-33044.json | 27 +++++++++++++++++++++++++++ 2021/CVE-2021-3490.json | 8 ++++---- 2021/CVE-2021-3560.json | 35 +++++++++++++++++++++++++++++++---- 2021/CVE-2021-40444.json | 27 --------------------------- 2021/CVE-2021-41773.json | 27 --------------------------- 2021/CVE-2021-42278.json | 16 ++++++++-------- 2021/CVE-2021-42574.json | 4 ++-- 2021/CVE-2021-44228.json | 10 +++++----- 2021/CVE-2021-44832.json | 29 ----------------------------- 2022/CVE-2022-23131.json | 8 ++++---- README.md | 17 ++++++++++++++--- 20 files changed, 195 insertions(+), 128 deletions(-) create mode 100644 2019/CVE-2019-7406.json create mode 100644 2020/CVE-2020-2501.json diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json index d629c4b9a8..d8a440c4ee 100644 --- a/2017/CVE-2017-9248.json +++ b/2017/CVE-2017-9248.json @@ -44,12 +44,12 @@ "pushed_at": "2018-08-14T07:47:02Z", "stargazers_count": 85, "watchers_count": 85, - "forks_count": 25, + "forks_count": 26, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 25, + "forks": 26, "watchers": 85, "score": 0 }, diff --git a/2019/CVE-2019-18935.json b/2019/CVE-2019-18935.json index e0205738cf..2376f1c1fb 100644 --- a/2019/CVE-2019-18935.json +++ b/2019/CVE-2019-18935.json @@ -44,12 +44,12 @@ "pushed_at": "2021-11-10T21:19:47Z", "stargazers_count": 231, "watchers_count": 231, - "forks_count": 67, + "forks_count": 68, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 67, + "forks": 68, "watchers": 231, "score": 0 }, diff --git a/2019/CVE-2019-7406.json b/2019/CVE-2019-7406.json new file mode 100644 index 0000000000..1be2aba931 --- /dev/null +++ b/2019/CVE-2019-7406.json @@ -0,0 +1,29 @@ +[ + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2501.json b/2020/CVE-2020-2501.json new file mode 100644 index 0000000000..1be2aba931 --- /dev/null +++ b/2020/CVE-2020-2501.json @@ -0,0 +1,29 @@ +[ + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-4464.json b/2020/CVE-2020-4464.json index 6d1290e39c..a71b745c24 100644 --- a/2020/CVE-2020-4464.json +++ b/2020/CVE-2020-4464.json @@ -17,12 +17,12 @@ "pushed_at": "2021-08-24T15:02:19Z", "stargazers_count": 14, "watchers_count": 14, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 14, "score": 0 } diff --git a/2020/CVE-2020-7247.json b/2020/CVE-2020-7247.json index 58edbae57c..63428153c1 100644 --- a/2020/CVE-2020-7247.json +++ b/2020/CVE-2020-7247.json @@ -235,7 +235,7 @@ "fork": false, "created_at": "2022-02-07T10:59:36Z", "updated_at": "2022-02-07T12:49:21Z", - "pushed_at": "2022-02-07T23:28:25Z", + "pushed_at": "2022-02-21T23:50:25Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2021/CVE-2021-1965.json b/2021/CVE-2021-1965.json index 7c5fdc439d..012fe84d83 100644 --- a/2021/CVE-2021-1965.json +++ b/2021/CVE-2021-1965.json @@ -13,17 +13,17 @@ "description": "CVE-2021-1965 WiFi Zero Click RCE Trigger PoC", "fork": false, "created_at": "2022-02-18T14:19:58Z", - "updated_at": "2022-02-21T17:44:17Z", + "updated_at": "2022-02-21T22:55:18Z", "pushed_at": "2022-02-19T13:52:32Z", - "stargazers_count": 95, - "watchers_count": 95, + "stargazers_count": 103, + "watchers_count": 103, "forks_count": 18, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 18, - "watchers": 95, + "watchers": 103, "score": 0 }, { diff --git a/2021/CVE-2021-22204.json b/2021/CVE-2021-22204.json index 8ac7e74cfe..d708338f73 100644 --- a/2021/CVE-2021-22204.json +++ b/2021/CVE-2021-22204.json @@ -13,10 +13,10 @@ "description": "Python exploit for the CVE-2021-22204 vulnerability in Exiftool", "fork": false, "created_at": "2021-05-11T18:45:07Z", - "updated_at": "2022-02-21T01:10:54Z", + "updated_at": "2022-02-21T21:34:36Z", "pushed_at": "2021-05-20T21:42:43Z", - "stargazers_count": 46, - "watchers_count": 46, + "stargazers_count": 47, + "watchers_count": 47, "forks_count": 12, "allow_forking": true, "is_template": false, @@ -26,7 +26,7 @@ ], "visibility": "public", "forks": 12, - "watchers": 46, + "watchers": 47, "score": 0 }, { diff --git a/2021/CVE-2021-27965.json b/2021/CVE-2021-27965.json index fcb9bab18c..0c93dd5b42 100644 --- a/2021/CVE-2021-27965.json +++ b/2021/CVE-2021-27965.json @@ -67,5 +67,32 @@ "forks": 1, "watchers": 0, "score": 0 + }, + { + "id": 462021959, + "name": "CVE-2021-27965-Win10-20H2-x64", + "full_name": "Leo-Security\/CVE-2021-27965-Win10-20H2-x64", + "owner": { + "login": "Leo-Security", + "id": 82122352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82122352?v=4", + "html_url": "https:\/\/github.com\/Leo-Security" + }, + "html_url": "https:\/\/github.com\/Leo-Security\/CVE-2021-27965-Win10-20H2-x64", + "description": "A repository housing the exploit code for CVE-2021-27965, a stack-buffer overflow vulnerability in MsIo.sys.", + "fork": false, + "created_at": "2022-02-21T20:31:17Z", + "updated_at": "2022-02-21T20:31:17Z", + "pushed_at": "2022-02-21T20:31:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-33044.json b/2021/CVE-2021-33044.json index c558f652d7..e35639d959 100644 --- a/2021/CVE-2021-33044.json +++ b/2021/CVE-2021-33044.json @@ -52,5 +52,32 @@ "forks": 5, "watchers": 9, "score": 0 + }, + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-3490.json b/2021/CVE-2021-3490.json index ab1b45037b..163af4aba3 100644 --- a/2021/CVE-2021-3490.json +++ b/2021/CVE-2021-3490.json @@ -13,17 +13,17 @@ "description": null, "fork": false, "created_at": "2021-06-24T18:50:17Z", - "updated_at": "2022-02-09T20:30:46Z", + "updated_at": "2022-02-21T19:41:00Z", "pushed_at": "2021-08-25T19:26:21Z", - "stargazers_count": 212, - "watchers_count": 212, + "stargazers_count": 213, + "watchers_count": 213, "forks_count": 43, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 43, - "watchers": 212, + "watchers": 213, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-3560.json b/2021/CVE-2021-3560.json index 406fb21f5c..fe3d2e4e68 100644 --- a/2021/CVE-2021-3560.json +++ b/2021/CVE-2021-3560.json @@ -184,17 +184,17 @@ "description": "Privilege escalation with polkit - CVE-2021-3560", "fork": false, "created_at": "2021-06-19T08:15:17Z", - "updated_at": "2022-02-20T06:59:48Z", + "updated_at": "2022-02-21T22:30:03Z", "pushed_at": "2021-06-20T07:38:13Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "forks_count": 20, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 20, - "watchers": 36, + "watchers": 37, "score": 0 }, { @@ -311,5 +311,32 @@ "forks": 0, "watchers": 2, "score": 0 + }, + { + "id": 462040432, + "name": "Vivald0x6f", + "full_name": "Nosferatuvjr\/Vivald0x6f", + "owner": { + "login": "Nosferatuvjr", + "id": 67665267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67665267?v=4", + "html_url": "https:\/\/github.com\/Nosferatuvjr" + }, + "html_url": "https:\/\/github.com\/Nosferatuvjr\/Vivald0x6f", + "description": "CVE-2021-3560 Polkit v0.105-26 Linux Privilege Escalation PoC by Vivald0x6f", + "fork": false, + "created_at": "2022-02-21T21:39:29Z", + "updated_at": "2022-02-21T21:51:04Z", + "pushed_at": "2022-02-21T22:37:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index 29ac3209cc..a14f0945d2 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json @@ -26,33 +26,6 @@ "watchers": 1370, "score": 0 }, - { - "id": 405716870, - "name": "CVE-2021-40444_builders", - "full_name": "aslitsecurity\/CVE-2021-40444_builders", - "owner": { - "login": "aslitsecurity", - "id": 9478055, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478055?v=4", - "html_url": "https:\/\/github.com\/aslitsecurity" - }, - "html_url": "https:\/\/github.com\/aslitsecurity\/CVE-2021-40444_builders", - "description": "This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit", - "fork": false, - "created_at": "2021-09-12T18:05:53Z", - "updated_at": "2022-02-17T13:28:29Z", - "pushed_at": "2021-10-11T20:53:19Z", - "stargazers_count": 163, - "watchers_count": 163, - "forks_count": 45, - "allow_forking": true, - "is_template": false, - "topics": [], - "visibility": "public", - "forks": 45, - "watchers": 163, - "score": 0 - }, { "id": 406942491, "name": "CVE-2021-40444", diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index 54fd4cd432..34a9d91b7b 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -255,33 +255,6 @@ "watchers": 1, "score": 0 }, - { - "id": 415041820, - "name": "CVE-2021-41773", - "full_name": "superzerosec\/CVE-2021-41773", - "owner": { - "login": "superzerosec", - "id": 57648217, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", - "html_url": "https:\/\/github.com\/superzerosec" - }, - "html_url": "https:\/\/github.com\/superzerosec\/CVE-2021-41773", - "description": "POC", - "fork": false, - "created_at": "2021-10-08T15:40:41Z", - "updated_at": "2021-10-11T22:24:14Z", - "pushed_at": "2021-10-11T22:24:12Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 4, - "score": 0 - }, { "id": 415177333, "name": "apachrot", diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index a32597d86e..b3715c2541 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -13,10 +13,10 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-11T15:10:30Z", - "updated_at": "2022-02-19T16:15:08Z", + "updated_at": "2022-02-21T22:17:12Z", "pushed_at": "2021-12-21T10:11:05Z", - "stargazers_count": 735, - "watchers_count": 735, + "stargazers_count": 736, + "watchers_count": 736, "forks_count": 162, "allow_forking": true, "is_template": false, @@ -28,7 +28,7 @@ ], "visibility": "public", "forks": 162, - "watchers": 735, + "watchers": 736, "score": 0 }, { @@ -99,10 +99,10 @@ "description": "Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)", "fork": false, "created_at": "2021-12-13T23:15:05Z", - "updated_at": "2022-02-17T17:15:29Z", + "updated_at": "2022-02-21T20:53:04Z", "pushed_at": "2022-01-13T12:35:19Z", - "stargazers_count": 209, - "watchers_count": 209, + "stargazers_count": 210, + "watchers_count": 210, "forks_count": 28, "allow_forking": true, "is_template": false, @@ -111,7 +111,7 @@ ], "visibility": "public", "forks": 28, - "watchers": 209, + "watchers": 210, "score": 0 }, { diff --git a/2021/CVE-2021-42574.json b/2021/CVE-2021-42574.json index 99b9b830a3..23d2df0b1b 100644 --- a/2021/CVE-2021-42574.json +++ b/2021/CVE-2021-42574.json @@ -98,7 +98,7 @@ "pushed_at": "2022-02-05T21:50:38Z", "stargazers_count": 4, "watchers_count": 4, - "forks_count": 3, + "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [ @@ -110,7 +110,7 @@ "unicode-characters" ], "visibility": "public", - "forks": 3, + "forks": 2, "watchers": 4, "score": 0 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index c9bc068624..cc60ba0991 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -909,7 +909,7 @@ "pushed_at": "2022-01-22T14:55:02Z", "stargazers_count": 1247, "watchers_count": 1247, - "forks_count": 331, + "forks_count": 332, "allow_forking": true, "is_template": false, "topics": [ @@ -919,7 +919,7 @@ "security" ], "visibility": "public", - "forks": 331, + "forks": 332, "watchers": 1247, "score": 0 }, @@ -4398,7 +4398,7 @@ "fork": false, "created_at": "2021-12-13T16:04:54Z", "updated_at": "2021-12-21T02:30:06Z", - "pushed_at": "2022-01-29T19:00:03Z", + "pushed_at": "2022-02-21T23:45:03Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, @@ -4636,7 +4636,7 @@ "pushed_at": "2021-12-21T16:01:08Z", "stargazers_count": 7, "watchers_count": 7, - "forks_count": 4, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [ @@ -4650,7 +4650,7 @@ "vulnerability" ], "visibility": "public", - "forks": 4, + "forks": 3, "watchers": 7, "score": 0 }, diff --git a/2021/CVE-2021-44832.json b/2021/CVE-2021-44832.json index 136ffb2a54..2f14a059cf 100644 --- a/2021/CVE-2021-44832.json +++ b/2021/CVE-2021-44832.json @@ -52,34 +52,5 @@ "forks": 0, "watchers": 0, "score": 0 - }, - { - "id": 443177434, - "name": "CVE-2021-44832", - "full_name": "DanielRuf\/CVE-2021-44832", - "owner": { - "login": "DanielRuf", - "id": 827205, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/827205?v=4", - "html_url": "https:\/\/github.com\/DanielRuf" - }, - "html_url": "https:\/\/github.com\/DanielRuf\/CVE-2021-44832", - "description": "CVE-2021-44832", - "fork": false, - "created_at": "2021-12-30T20:24:07Z", - "updated_at": "2022-01-01T14:18:33Z", - "pushed_at": "2021-12-30T20:28:38Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "topics": [ - "cve-2021-44832" - ], - "visibility": "public", - "forks": 1, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23131.json b/2022/CVE-2022-23131.json index 05174e79c5..83bdaf4460 100644 --- a/2022/CVE-2022-23131.json +++ b/2022/CVE-2022-23131.json @@ -40,17 +40,17 @@ "description": "cve-2022-23131 exp", "fork": false, "created_at": "2022-02-18T08:38:53Z", - "updated_at": "2022-02-21T16:22:40Z", + "updated_at": "2022-02-21T22:56:55Z", "pushed_at": "2022-02-21T04:27:48Z", - "stargazers_count": 54, - "watchers_count": 54, + "stargazers_count": 55, + "watchers_count": 55, "forks_count": 18, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 18, - "watchers": 54, + "watchers": 55, "score": 0 }, { diff --git a/README.md b/README.md index 7d4ca03dcf..234db74b4c 100644 --- a/README.md +++ b/README.md @@ -764,6 +764,7 @@ It was found that polkit could be tricked into bypassing the credential checks f - [chenaotian/CVE-2021-3560](https://github.com/chenaotian/CVE-2021-3560) - [n3onhacks/CVE-2021-3560](https://github.com/n3onhacks/CVE-2021-3560) - [f4T1H21/CVE-2021-3560-Polkit-DBus](https://github.com/f4T1H21/CVE-2021-3560-Polkit-DBus) +- [Nosferatuvjr/Vivald0x6f](https://github.com/Nosferatuvjr/Vivald0x6f) ### CVE-2021-3572 (2021-11-10) @@ -1975,6 +1976,7 @@ The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 ha - [mathisvickie/CVE-2021-27965](https://github.com/mathisvickie/CVE-2021-27965) - [Crystalware/CVE-2021-27965](https://github.com/Crystalware/CVE-2021-27965) +- [Leo-Security/CVE-2021-27965-Win10-20H2-x64](https://github.com/Leo-Security/CVE-2021-27965-Win10-20H2-x64) ### CVE-2021-28079 (2021-04-26) @@ -2457,6 +2459,7 @@ The identity authentication bypass vulnerability found in some Dahua products du - [bp2008/DahuaLoginBypass](https://github.com/bp2008/DahuaLoginBypass) - [dorkerdevil/CVE-2021-33044](https://github.com/dorkerdevil/CVE-2021-33044) +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) ### CVE-2021-33558 (2021-05-27) @@ -2829,7 +2832,6 @@ Microsoft MSHTML Remote Code Execution Vulnerability - [lockedbyte/CVE-2021-40444](https://github.com/lockedbyte/CVE-2021-40444) -- [aslitsecurity/CVE-2021-40444_builders](https://github.com/aslitsecurity/CVE-2021-40444_builders) - [klezVirus/CVE-2021-40444](https://github.com/klezVirus/CVE-2021-40444) - [kal1gh0st/CVE-2021-40444_CAB_archives](https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives) - [factionsypho/TIC4301_Project](https://github.com/factionsypho/TIC4301_Project) @@ -3013,7 +3015,6 @@ A flaw was found in a change made to path normalization in Apache HTTP Server 2. - [shiomiyan/CVE-2021-41773](https://github.com/shiomiyan/CVE-2021-41773) - [shellreaper/CVE-2021-41773](https://github.com/shellreaper/CVE-2021-41773) - [corelight/CVE-2021-41773](https://github.com/corelight/CVE-2021-41773) -- [superzerosec/CVE-2021-41773](https://github.com/superzerosec/CVE-2021-41773) - [im-hanzou/apachrot](https://github.com/im-hanzou/apachrot) - [scarmandef/CVE-2021-41773](https://github.com/scarmandef/CVE-2021-41773) - [0xAlmighty/CVE-2021-41773-PoC](https://github.com/0xAlmighty/CVE-2021-41773-PoC) @@ -3974,7 +3975,6 @@ Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases - [cckuailong/log4j_RCE_CVE-2021-44832](https://github.com/cckuailong/log4j_RCE_CVE-2021-44832) - [name/log4j](https://github.com/name/log4j) -- [DanielRuf/CVE-2021-44832](https://github.com/DanielRuf/CVE-2021-44832) ### CVE-2021-45007 (2022-02-20) @@ -5037,6 +5037,14 @@ An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows ### CVE-2020-2333 - [section-c/CVE-2020-2333](https://github.com/section-c/CVE-2020-2333) +### CVE-2020-2501 (2021-02-16) + + +A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS) + + +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) + ### CVE-2020-2546 (2020-01-15) @@ -10312,6 +10320,9 @@ Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely - [ngpentest007/CVE-2019-7357](https://github.com/ngpentest007/CVE-2019-7357) +### CVE-2019-7406 +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) + ### CVE-2019-7482 (2019-12-18)