mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/10/18 00:31:02

Browse source
This commit is contained in:
motikan2010-bot 2023-10-18 09:31:03 +09:00
parent 5a1d616fee
commit 10cbebbf32
50 changed files with 782 additions and 121 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2007/CVE-2007-2447.json
View file

@ -674,7 +674,7 @@
"fork": false,
"created_at": "2022-10-14T09:01:29Z",
"updated_at": "2023-02-06T13:44:49Z",
"pushed_at": "2022-10-14T09:06:12Z",
"pushed_at": "2023-10-17T19:34:27Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

4
2016/CVE-2016-0792.json
View file

@ -83,8 +83,8 @@
"description": "Modified Verion of CVE-2016-0792",
"fork": false,
"created_at": "2021-09-07T13:14:16Z",
"updated_at": "2023-02-06T13:44:49Z",
"pushed_at": "2021-09-07T13:57:08Z",
"updated_at": "2023-10-17T19:27:14Z",
"pushed_at": "2023-10-17T19:27:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

32
2016/CVE-2016-2118.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 56461631,
"name": "cfengine-CVE-2016-2118",
"full_name": "nickanderson\/cfengine-CVE-2016-2118",
"owner": {
"login": "nickanderson",
"id": 202896,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202896?v=4",
"html_url": "https:\/\/github.com\/nickanderson"
},
"html_url": "https:\/\/github.com\/nickanderson\/cfengine-CVE-2016-2118",
"description": "An example detection and remediation policy.",
"fork": false,
"created_at": "2016-04-17T22:22:04Z",
"updated_at": "2016-04-18T02:57:44Z",
"pushed_at": "2016-04-19T14:24:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}
]

32
2016/CVE-2016-3141.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 56758577,
"name": "CVE-2016-3141",
"full_name": "peternguyen93\/CVE-2016-3141",
"owner": {
"login": "peternguyen93",
"id": 1802870,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1802870?v=4",
"html_url": "https:\/\/github.com\/peternguyen93"
},
"html_url": "https:\/\/github.com\/peternguyen93\/CVE-2016-3141",
"description": "CVE-2016-3141",
"fork": false,
"created_at": "2016-04-21T08:59:05Z",
"updated_at": "2023-03-11T18:41:15Z",
"pushed_at": "2016-04-23T15:55:01Z",
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 15,
"score": 0,
"subscribers_count": 3
}
]

4
2018/CVE-2018-14847.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 495,
"watchers_count": 495,
"has_discussions": false,
"forks_count": 473,
"forks_count": 472,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 473,
"forks": 472,
"watchers": 495,
"score": 0,
"subscribers_count": 58

8
2018/CVE-2018-7600.json
View file

@ -43,10 +43,10 @@
"description": "💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002",
"fork": false,
"created_at": "2018-03-30T14:23:18Z",
"updated_at": "2023-09-28T10:49:25Z",
"updated_at": "2023-10-17T18:59:03Z",
"pushed_at": "2019-03-29T11:25:57Z",
"stargazers_count": 346,
"watchers_count": 346,
"stargazers_count": 345,
"watchers_count": 345,
"has_discussions": false,
"forks_count": 116,
"allow_forking": true,
@ -62,7 +62,7 @@
],
"visibility": "public",
"forks": 116,
"watchers": 346,
"watchers": 345,
"score": 0,
"subscribers_count": 78
},

8
2019/CVE-2019-13272.json
View file

@ -13,10 +13,10 @@
"description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root",
"fork": false,
"created_at": "2019-07-31T04:51:43Z",
"updated_at": "2023-10-01T09:14:23Z",
"updated_at": "2023-10-17T19:45:47Z",
"pushed_at": "2019-08-01T16:02:59Z",
"stargazers_count": 313,
"watchers_count": 313,
"stargazers_count": 314,
"watchers_count": 314,
"has_discussions": false,
"forks_count": 116,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 116,
"watchers": 313,
"watchers": 314,
"score": 0,
"subscribers_count": 8
},

2
2019/CVE-2019-19781.json
View file

@ -1349,7 +1349,7 @@
"fork": false,
"created_at": "2020-07-30T17:37:40Z",
"updated_at": "2023-09-28T11:18:31Z",
"pushed_at": "2023-10-03T02:27:40Z",
"pushed_at": "2023-10-17T23:30:10Z",
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,

8
2019/CVE-2019-6340.json
View file

@ -103,10 +103,10 @@
"description": "CVE-2019-6340 POC Drupal rce",
"fork": false,
"created_at": "2019-02-25T07:47:16Z",
"updated_at": "2023-09-28T10:58:46Z",
"updated_at": "2023-10-17T18:59:05Z",
"pushed_at": "2019-02-25T08:57:14Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 15,
"watchers": 14,
"score": 0,
"subscribers_count": 3
},

32
2020/CVE-2020-0910.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 339823743,
"name": "CVE-2020-0910",
"full_name": "kfmgang\/CVE-2020-0910",
"owner": {
"login": "kfmgang",
"id": 20864985,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20864985?v=4",
"html_url": "https:\/\/github.com\/kfmgang"
},
"html_url": "https:\/\/github.com\/kfmgang\/CVE-2020-0910",
"description": "Exploit PoC RCE - Windows Hyper-V Remote Code Execution Reverse Shell",
"fork": false,
"created_at": "2021-02-17T18:50:02Z",
"updated_at": "2022-11-03T01:08:49Z",
"pushed_at": "2020-04-22T01:10:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

60
2020/CVE-2020-10148.json
View file

@ -28,5 +28,65 @@
"watchers": 6,
"score": 0,
"subscribers_count": 2
},
{
"id": 326335788,
"name": "CVE-2020-10148-Solarwinds-Orion",
"full_name": "Udyz\/CVE-2020-10148-Solarwinds-Orion",
"owner": {
"login": "Udyz",
"id": 39673284,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4",
"html_url": "https:\/\/github.com\/Udyz"
},
"html_url": "https:\/\/github.com\/Udyz\/CVE-2020-10148-Solarwinds-Orion",
"description": null,
"fork": false,
"created_at": "2021-01-03T05:35:07Z",
"updated_at": "2023-09-28T11:23:36Z",
"pushed_at": "2021-01-03T05:37:15Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 2
},
{
"id": 327010904,
"name": "CVE-2020-10148",
"full_name": "B1anda0\/CVE-2020-10148",
"owner": {
"login": "B1anda0",
"id": 74232513,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4",
"html_url": "https:\/\/github.com\/B1anda0"
},
"html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-10148",
"description": "SolarWinds Orion API 远程代码执行漏洞批量检测脚本",
"fork": false,
"created_at": "2021-01-05T13:42:36Z",
"updated_at": "2023-02-26T04:18:15Z",
"pushed_at": "2021-01-05T13:56:11Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 10,
"score": 0,
"subscribers_count": 1
}
]

38
2020/CVE-2020-1472.json
View file

@ -103,10 +103,10 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2023-10-15T20:32:27Z",
"updated_at": "2023-10-17T22:03:52Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 1082,
"watchers_count": 1082,
"stargazers_count": 1083,
"watchers_count": 1083,
"has_discussions": false,
"forks_count": 283,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 283,
"watchers": 1082,
"watchers": 1083,
"score": 0,
"subscribers_count": 35
},
@ -1334,6 +1334,36 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 325937253,
"name": "zerologon",
"full_name": "wrathfulDiety\/zerologon",
"owner": {
"login": "wrathfulDiety",
"id": 36190613,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36190613?v=4",
"html_url": "https:\/\/github.com\/wrathfulDiety"
},
"html_url": "https:\/\/github.com\/wrathfulDiety\/zerologon",
"description": "zerologon script to exploit CVE-2020-1472 CVSS 10\/10",
"fork": false,
"created_at": "2021-01-01T07:38:58Z",
"updated_at": "2021-01-17T15:08:53Z",
"pushed_at": "2021-01-03T15:43:26Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 327729919,
"name": "ZeroLogon-Exploitation-Check",

8
2020/CVE-2020-14883.json
View file

@ -133,10 +133,10 @@
"description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
"fork": false,
"created_at": "2021-03-11T22:49:17Z",
"updated_at": "2023-10-17T08:23:58Z",
"updated_at": "2023-10-17T19:15:06Z",
"pushed_at": "2023-05-11T14:36:58Z",
"stargazers_count": 1074,
"watchers_count": 1074,
"stargazers_count": 1075,
"watchers_count": 1075,
"has_discussions": false,
"forks_count": 329,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 329,
"watchers": 1074,
"watchers": 1075,
"score": 0,
"subscribers_count": 37
}

30
2020/CVE-2020-17518.json
View file

@ -1,4 +1,34 @@
[
{
"id": 327323010,
"name": "CVE-2020-17518",
"full_name": "QmF0c3UK\/CVE-2020-17518",
"owner": {
"login": "QmF0c3UK",
"id": 29447678,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4",
"html_url": "https:\/\/github.com\/QmF0c3UK"
},
"html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17518",
"description": null,
"fork": false,
"created_at": "2021-01-06T13:40:06Z",
"updated_at": "2023-09-28T11:23:42Z",
"pushed_at": "2021-01-06T13:41:04Z",
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 9,
"score": 0,
"subscribers_count": 2
},
{
"id": 328278486,
"name": "CVE-2020-17518",

30
2020/CVE-2020-17519.json
View file

@ -29,6 +29,36 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 327323355,
"name": "CVE-2020-17519",
"full_name": "QmF0c3UK\/CVE-2020-17519",
"owner": {
"login": "QmF0c3UK",
"id": 29447678,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4",
"html_url": "https:\/\/github.com\/QmF0c3UK"
},
"html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17519",
"description": null,
"fork": false,
"created_at": "2021-01-06T13:41:24Z",
"updated_at": "2023-09-28T11:23:42Z",
"pushed_at": "2021-01-06T13:41:58Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 2,
"score": 0,
"subscribers_count": 3
},
{
"id": 327361663,
"name": "apache-flink-directory-traversal.nse",

32
2020/CVE-2020-1937.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 327320676,
"name": "apache_kylin",
"full_name": "shanika04\/apache_kylin",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/apache_kylin",
"description": "CVE-2020-1937",
"fork": false,
"created_at": "2021-01-06T13:31:20Z",
"updated_at": "2021-01-06T13:41:05Z",
"pushed_at": "2021-01-06T13:40:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}
]

32
2020/CVE-2020-25498.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 327073339,
"name": "CVE-2020-25498",
"full_name": "the-girl-who-lived\/CVE-2020-25498",
"owner": {
"login": "the-girl-who-lived",
"id": 42164898,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4",
"html_url": "https:\/\/github.com\/the-girl-who-lived"
},
"html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-25498",
"description": "Stored XSS via CSRF in Beetel 777VR1 Router ",
"fork": false,
"created_at": "2021-01-05T17:38:52Z",
"updated_at": "2021-01-09T06:55:14Z",
"pushed_at": "2021-01-05T19:48:06Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}
]

32
2020/CVE-2020-29583.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 326532749,
"name": "scan_CVE-2020-29583",
"full_name": "ruppde\/scan_CVE-2020-29583",
"owner": {
"login": "ruppde",
"id": 46819580,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46819580?v=4",
"html_url": "https:\/\/github.com\/ruppde"
},
"html_url": "https:\/\/github.com\/ruppde\/scan_CVE-2020-29583",
"description": "Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)",
"fork": false,
"created_at": "2021-01-04T00:56:55Z",
"updated_at": "2023-03-15T18:45:41Z",
"pushed_at": "2021-01-04T22:55:37Z",
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 12,
"score": 0,
"subscribers_count": 3
}
]

32
2020/CVE-2020-35262.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 327099437,
"name": "CVE-2020-35262",
"full_name": "the-girl-who-lived\/CVE-2020-35262",
"owner": {
"login": "the-girl-who-lived",
"id": 42164898,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4",
"html_url": "https:\/\/github.com\/the-girl-who-lived"
},
"html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-35262",
"description": "Cross Site Scripting (XSS) in Digisol DG-HR3400 Router",
"fork": false,
"created_at": "2021-01-05T19:32:31Z",
"updated_at": "2023-09-28T11:23:40Z",
"pushed_at": "2021-01-05T19:46:55Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

32
2020/CVE-2020-35717.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 325946157,
"name": "cve-2020-35717",
"full_name": "hmartos\/cve-2020-35717",
"owner": {
"login": "hmartos",
"id": 13253656,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13253656?v=4",
"html_url": "https:\/\/github.com\/hmartos"
},
"html_url": "https:\/\/github.com\/hmartos\/cve-2020-35717",
"description": "Showcase repository for CVE-2020-35717",
"fork": false,
"created_at": "2021-01-01T08:53:53Z",
"updated_at": "2023-03-09T00:13:18Z",
"pushed_at": "2021-01-01T08:54:35Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

30
2020/CVE-2020-7961.json
View file

@ -179,6 +179,36 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 326194141,
"name": "CVE-2020-7961-Mass",
"full_name": "Udyz\/CVE-2020-7961-Mass",
"owner": {
"login": "Udyz",
"id": 39673284,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4",
"html_url": "https:\/\/github.com\/Udyz"
},
"html_url": "https:\/\/github.com\/Udyz\/CVE-2020-7961-Mass",
"description": "CVE-20207961 Mass exploit for Script Kiddies",
"fork": false,
"created_at": "2021-01-02T13:57:59Z",
"updated_at": "2023-09-28T11:23:35Z",
"pushed_at": "2021-01-03T10:54:20Z",
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 18,
"score": 0,
"subscribers_count": 3
},
{
"id": 329711989,
"name": "CVE-2020-7961",

30
2020/CVE-2020-8165.json
View file

@ -89,6 +89,36 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 326508613,
"name": "CVE-2020-8165",
"full_name": "hybryx\/CVE-2020-8165",
"owner": {
"login": "hybryx",
"id": 43386553,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43386553?v=4",
"html_url": "https:\/\/github.com\/hybryx"
},
"html_url": "https:\/\/github.com\/hybryx\/CVE-2020-8165",
"description": null,
"fork": false,
"created_at": "2021-01-03T21:59:09Z",
"updated_at": "2021-02-03T02:11:09Z",
"pushed_at": "2021-01-03T22:07:27Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 2
},
{
"id": 329810247,
"name": "CVE-2020-8165",

32
2020/CVE-2020-8287.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 326860293,
"name": "nodejs-http-transfer-encoding-smuggling-poc",
"full_name": "progfay\/nodejs-http-transfer-encoding-smuggling-poc",
"owner": {
"login": "progfay",
"id": 19568747,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19568747?v=4",
"html_url": "https:\/\/github.com\/progfay"
},
"html_url": "https:\/\/github.com\/progfay\/nodejs-http-transfer-encoding-smuggling-poc",
"description": "PoC of HTTP Request Smuggling in nodejs (CVE-2020-8287)",
"fork": false,
"created_at": "2021-01-05T02:09:23Z",
"updated_at": "2023-01-28T11:04:02Z",
"pushed_at": "2021-01-06T08:05:36Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

30
2020/CVE-2020-9483.json
View file

@ -1,4 +1,34 @@
[
{
"id": 327318338,
"name": "apache_skywalking",
"full_name": "shanika04\/apache_skywalking",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/apache_skywalking",
"description": "CVE-2020-9483 OR CVE-2020-13921",
"fork": false,
"created_at": "2021-01-06T13:22:32Z",
"updated_at": "2021-03-22T05:21:36Z",
"pushed_at": "2021-01-06T13:52:44Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 387366849,
"name": "CVE-2020-9483",

30
2020/CVE-2020-9484.json
View file

@ -239,6 +239,36 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 329004194,
"name": "CVE-2020-9484-Scanner",
"full_name": "DanQMoo\/CVE-2020-9484-Scanner",
"owner": {
"login": "DanQMoo",
"id": 29651956,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4",
"html_url": "https:\/\/github.com\/DanQMoo"
},
"html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner",
"description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ",
"fork": false,
"created_at": "2021-01-12T14:00:00Z",
"updated_at": "2022-04-17T09:09:57Z",
"pushed_at": "2020-06-10T07:08:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 333238894,
"name": "CVE-2020-9484",

8
2021/CVE-2021-25646.json
View file

@ -133,10 +133,10 @@
"description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE",
"fork": false,
"created_at": "2021-03-11T22:49:17Z",
"updated_at": "2023-10-17T08:23:58Z",
"updated_at": "2023-10-17T19:15:06Z",
"pushed_at": "2023-05-11T14:36:58Z",
"stargazers_count": 1074,
"watchers_count": 1074,
"stargazers_count": 1075,
"watchers_count": 1075,
"has_discussions": false,
"forks_count": 329,
"allow_forking": true,
@ -149,7 +149,7 @@
],
"visibility": "public",
"forks": 329,
"watchers": 1074,
"watchers": 1075,
"score": 0,
"subscribers_count": 37
},

12
2021/CVE-2021-3156.json
View file

@ -804,19 +804,19 @@
"description": "Root shell PoC for CVE-2021-3156",
"fork": false,
"created_at": "2021-02-03T19:57:56Z",
"updated_at": "2023-09-28T11:24:37Z",
"updated_at": "2023-10-17T19:26:59Z",
"pushed_at": "2022-02-13T12:21:53Z",
"stargazers_count": 130,
"watchers_count": 130,
"stargazers_count": 131,
"watchers_count": 131,
"has_discussions": false,
"forks_count": 56,
"forks_count": 57,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 56,
"watchers": 130,
"forks": 57,
"watchers": 131,
"score": 0,
"subscribers_count": 1
},

8
2021/CVE-2021-31728.json
View file

@ -2,14 +2,14 @@
{
"id": 364331767,
"name": "CVE-2021-31728",
"full_name": "irql0\/CVE-2021-31728",
"full_name": "irql\/CVE-2021-31728",
"owner": {
"login": "irql0",
"login": "irql",
"id": 38012156,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38012156?v=4",
"html_url": "https:\/\/github.com\/irql0"
"html_url": "https:\/\/github.com\/irql"
},
"html_url": "https:\/\/github.com\/irql0\/CVE-2021-31728",
"html_url": "https:\/\/github.com\/irql\/CVE-2021-31728",
"description": "vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.",
"fork": false,
"created_at": "2021-05-04T17:15:58Z",

2
2021/CVE-2021-34473.json
View file

@ -267,6 +267,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

4
2022/CVE-2022-20409.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 19,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -27,7 +27,7 @@
"kernel-exploitation"
],
"visibility": "public",
"forks": 19,
"forks": 20,
"watchers": 120,
"score": 0,
"subscribers_count": 4

4
2022/CVE-2022-23093.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -36,7 +36,7 @@
"vulnerability"
],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 9,
"score": 0,
"subscribers_count": 1

4
2022/CVE-2022-3590.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 0,
"score": 0,
"subscribers_count": 1

30
2023/CVE-2023-20198.json
View file

@ -178,5 +178,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 706412262,
"name": "Cisco-IOS-XE-Scanner",
"full_name": "ZephrFish\/Cisco-IOS-XE-Scanner",
"owner": {
"login": "ZephrFish",
"id": 5783068,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4",
"html_url": "https:\/\/github.com\/ZephrFish"
},
"html_url": "https:\/\/github.com\/ZephrFish\/Cisco-IOS-XE-Scanner",
"description": "CVE-2023-20198 & 0Day Implant Scanner",
"fork": false,
"created_at": "2023-10-17T22:41:14Z",
"updated_at": "2023-10-17T22:53:16Z",
"pushed_at": "2023-10-17T23:10:02Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-20963.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-20963 PoC (Android WorkSource parcel\/unparcel logic mismatch)",
"fork": false,
"created_at": "2023-06-12T10:44:59Z",
"updated_at": "2023-10-15T02:25:50Z",
"updated_at": "2023-10-17T19:27:26Z",
"pushed_at": "2023-07-27T08:58:10Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 1
}

18
2023/CVE-2023-22515.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 52,
"watchers_count": 52,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 52,
"score": 0,
"subscribers_count": 2
@ -73,12 +73,12 @@
"description": "CVE-2023-22515: Confluence Broken Access Control Exploit",
"fork": false,
"created_at": "2023-10-10T21:40:09Z",
"updated_at": "2023-10-17T18:16:03Z",
"pushed_at": "2023-10-15T18:12:43Z",
"stargazers_count": 56,
"watchers_count": 56,
"updated_at": "2023-10-17T22:55:23Z",
"pushed_at": "2023-10-17T22:04:13Z",
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 12,
"forks_count": 14,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -93,8 +93,8 @@
"vulnerability"
],
"visibility": "public",
"forks": 12,
"watchers": 56,
"forks": 14,
"watchers": 59,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-28121.json
View file

@ -13,10 +13,10 @@
"description": "WooCommerce Payments: Unauthorized Admin Access Exploit",
"fork": false,
"created_at": "2023-03-30T23:50:39Z",
"updated_at": "2023-09-01T14:20:35Z",
"updated_at": "2023-10-17T20:48:52Z",
"pushed_at": "2023-05-31T13:21:43Z",
"stargazers_count": 35,
"watchers_count": 35,
"stargazers_count": 36,
"watchers_count": 36,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 16,
"watchers": 35,
"watchers": 36,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-28252.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-06-27T12:22:05Z",
"updated_at": "2023-10-12T02:14:06Z",
"updated_at": "2023-10-17T19:36:09Z",
"pushed_at": "2023-07-10T16:57:44Z",
"stargazers_count": 144,
"watchers_count": 144,
"stargazers_count": 145,
"watchers_count": 145,
"has_discussions": false,
"forks_count": 36,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 36,
"watchers": 144,
"watchers": 145,
"score": 0,
"subscribers_count": 2
}

8
2023/CVE-2023-32243.json
View file

@ -43,10 +43,10 @@
"description": "Exploit for CVE-2023-32243 - Unauthorized Account Takeover.",
"fork": false,
"created_at": "2023-05-14T19:32:50Z",
"updated_at": "2023-10-15T16:26:40Z",
"updated_at": "2023-10-17T20:50:59Z",
"pushed_at": "2023-05-31T13:31:10Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-3460.json
View file

@ -13,10 +13,10 @@
"description": "Exploit for CVE-2023-3460. Unauthorized admin access for Ultimate Member plugin < v2.6.7",
"fork": false,
"created_at": "2023-07-05T13:44:50Z",
"updated_at": "2023-10-17T05:07:21Z",
"updated_at": "2023-10-17T20:50:19Z",
"pushed_at": "2023-07-05T13:49:03Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 24,
"watchers": 25,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-36845.json
View file

@ -13,10 +13,10 @@
"description": "A tool to discover Juniper firewalls vulnerable to CVE-2023-36845",
"fork": false,
"created_at": "2023-09-16T09:11:21Z",
"updated_at": "2023-10-17T15:25:05Z",
"updated_at": "2023-10-17T21:32:49Z",
"pushed_at": "2023-09-17T09:14:32Z",
"stargazers_count": 52,
"watchers_count": 52,
"stargazers_count": 53,
"watchers_count": 53,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 52,
"watchers": 53,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-36874.json
View file

@ -73,10 +73,10 @@
"description": null,
"fork": false,
"created_at": "2023-08-23T12:07:40Z",
"updated_at": "2023-10-15T20:49:23Z",
"updated_at": "2023-10-17T22:16:03Z",
"pushed_at": "2023-08-23T16:46:53Z",
"stargazers_count": 194,
"watchers_count": 194,
"stargazers_count": 195,
"watchers_count": 195,
"has_discussions": false,
"forks_count": 42,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 42,
"watchers": 194,
"watchers": 195,
"score": 0,
"subscribers_count": 4
},

4
2023/CVE-2023-38545.json
View file

@ -168,13 +168,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1

2
2023/CVE-2023-38646.json
View file

@ -654,7 +654,7 @@
"fork": false,
"created_at": "2023-10-12T14:32:17Z",
"updated_at": "2023-10-12T14:33:25Z",
"pushed_at": "2023-10-13T20:54:04Z",
"pushed_at": "2023-10-17T22:12:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2023/CVE-2023-4169.json
View file

@ -13,10 +13,10 @@
"description": "锐捷RG-EW1200G登录绕过(CVE-2023-4415)",
"fork": false,
"created_at": "2023-10-16T05:08:06Z",
"updated_at": "2023-10-17T16:38:57Z",
"updated_at": "2023-10-17T20:56:48Z",
"pushed_at": "2023-10-17T16:39:21Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

10
2023/CVE-2023-41993.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-10-15T12:14:18Z",
"updated_at": "2023-10-17T18:28:22Z",
"updated_at": "2023-10-17T23:18:43Z",
"pushed_at": "2023-10-16T21:28:28Z",
"stargazers_count": 94,
"watchers_count": 94,
"stargazers_count": 99,
"watchers_count": 99,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 94,
"watchers": 99,
"score": 0,
"subscribers_count": 4
},
@ -74,7 +74,7 @@
"fork": false,
"created_at": "2023-10-16T20:34:02Z",
"updated_at": "2023-10-17T17:22:17Z",
"pushed_at": "2023-10-17T17:14:41Z",
"pushed_at": "2023-10-17T21:04:56Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

16
2023/CVE-2023-44487.json
View file

@ -141,10 +141,10 @@
"description": "Tool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)",
"fork": false,
"created_at": "2023-10-13T23:55:32Z",
"updated_at": "2023-10-17T08:34:44Z",
"updated_at": "2023-10-17T18:49:24Z",
"pushed_at": "2023-10-16T23:36:45Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -153,7 +153,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 1
},
@ -171,10 +171,10 @@
"description": "A python based exploit to test out rapid reset attack (CVE-2023-44487)",
"fork": false,
"created_at": "2023-10-16T11:07:50Z",
"updated_at": "2023-10-17T06:11:42Z",
"updated_at": "2023-10-17T18:51:47Z",
"pushed_at": "2023-10-16T12:32:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -193,7 +193,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-45603.json
View file

@ -13,10 +13,10 @@
"description": "Mass Exploit - CVE-2023-45603 - Wordpress\/plugin\/user-submitted-posts < Unauthenticated Arbitrary File Upload\/Exploit ",
"fork": false,
"created_at": "2023-10-15T01:57:25Z",
"updated_at": "2023-10-17T06:18:30Z",
"updated_at": "2023-10-17T21:03:21Z",
"pushed_at": "2023-10-15T02:16:29Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -36,7 +36,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-4863.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-21T05:22:51Z",
"updated_at": "2023-10-17T11:04:25Z",
"updated_at": "2023-10-17T22:20:54Z",
"pushed_at": "2023-10-05T23:33:49Z",
"stargazers_count": 237,
"watchers_count": 237,
"stargazers_count": 238,
"watchers_count": 238,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 237,
"watchers": 238,
"score": 0,
"subscribers_count": 11
},

16
2023/CVE-2023-4911.json
View file

@ -43,10 +43,10 @@
"description": "PoC for CVE-2023-4911",
"fork": false,
"created_at": "2023-10-04T14:12:16Z",
"updated_at": "2023-10-17T13:05:56Z",
"updated_at": "2023-10-17T23:53:39Z",
"pushed_at": "2023-10-04T14:16:36Z",
"stargazers_count": 329,
"watchers_count": 329,
"stargazers_count": 330,
"watchers_count": 330,
"has_discussions": false,
"forks_count": 51,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 51,
"watchers": 329,
"watchers": 330,
"score": 0,
"subscribers_count": 3
},
@ -73,10 +73,10 @@
"description": "CVE-2023-4911 proof of concept",
"fork": false,
"created_at": "2023-10-04T14:32:49Z",
"updated_at": "2023-10-16T09:44:40Z",
"updated_at": "2023-10-17T23:55:04Z",
"pushed_at": "2023-10-08T23:24:24Z",
"stargazers_count": 146,
"watchers_count": 146,
"stargazers_count": 147,
"watchers_count": 147,
"has_discussions": false,
"forks_count": 26,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 26,
"watchers": 146,
"watchers": 147,
"score": 0,
"subscribers_count": 3
},

75
README.md
View file

@ -891,6 +891,7 @@
- [d0rb/CVE-2023-20198](https://github.com/d0rb/CVE-2023-20198)
- [securityphoenix/cisco-CVE-2023-20198-tester](https://github.com/securityphoenix/cisco-CVE-2023-20198-tester)
- [emomeni/Simple-Ansible-for-CVE-2023-20198](https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198)
- [ZephrFish/Cisco-IOS-XE-Scanner](https://github.com/ZephrFish/Cisco-IOS-XE-Scanner)
### CVE-2023-20209 (2023-08-16)
@ -13852,7 +13853,7 @@
<code>Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to \.\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook with IOCTL 0x80002044 and execute the executable memory using this hook with IOCTL 0x80002014 or 0x80002018, this exposes ring 0 code execution in the context of the driver allowing the non-privileged process to elevate privileges.
</code>
- [irql0/CVE-2021-31728](https://github.com/irql0/CVE-2021-31728)
- [irql/CVE-2021-31728](https://github.com/irql/CVE-2021-31728)
### CVE-2021-31760 (2021-04-25)
@ -17796,6 +17797,13 @@
- [skasanagottu57gmailv/gerhart01](https://github.com/skasanagottu57gmailv/gerhart01)
- [MarcelloTinocor/gerhart01](https://github.com/MarcelloTinocor/gerhart01)
### CVE-2020-0910 (2020-04-15)
<code>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
</code>
- [kfmgang/CVE-2020-0910](https://github.com/kfmgang/CVE-2020-0910)
### CVE-2020-0976 (2020-04-15)
<code>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977.
@ -17986,6 +17994,7 @@
- [JayP232/The_big_Zero](https://github.com/JayP232/The_big_Zero)
- [b1ack0wl/CVE-2020-1472](https://github.com/b1ack0wl/CVE-2020-1472)
- [SaharAttackit/CVE-2020-1472](https://github.com/SaharAttackit/CVE-2020-1472)
- [wrathfulDiety/zerologon](https://github.com/wrathfulDiety/zerologon)
- [YossiSassi/ZeroLogon-Exploitation-Check](https://github.com/YossiSassi/ZeroLogon-Exploitation-Check)
- [sho-luv/zerologon](https://github.com/sho-luv/zerologon)
- [hell-moon/ZeroLogon-Exploit](https://github.com/hell-moon/ZeroLogon-Exploit)
@ -18027,6 +18036,13 @@
- [jpts/cve-2020-1764-poc](https://github.com/jpts/cve-2020-1764-poc)
### CVE-2020-1937 (2020-02-24)
<code>Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.
</code>
- [shanika04/apache_kylin](https://github.com/shanika04/apache_kylin)
### CVE-2020-1938 (2020-02-24)
<code>When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
@ -18829,6 +18845,7 @@
- [shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui](https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui)
- [shacojx/GLiferay-CVE-2020-7961-golang](https://github.com/shacojx/GLiferay-CVE-2020-7961-golang)
- [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate)
- [Udyz/CVE-2020-7961-Mass](https://github.com/Udyz/CVE-2020-7961-Mass)
- [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961)
- [pashayogi/CVE-2020-7961-Mass](https://github.com/pashayogi/CVE-2020-7961-Mass)
@ -18877,6 +18894,7 @@
- [masahiro331/CVE-2020-8165](https://github.com/masahiro331/CVE-2020-8165)
- [umiterkol/CVE-2020-8165--Auto-Shell](https://github.com/umiterkol/CVE-2020-8165--Auto-Shell)
- [taipansec/CVE-2020-8165](https://github.com/taipansec/CVE-2020-8165)
- [hybryx/CVE-2020-8165](https://github.com/hybryx/CVE-2020-8165)
- [AssassinUKG/CVE-2020-8165](https://github.com/AssassinUKG/CVE-2020-8165)
- [progfay/CVE-2020-8165](https://github.com/progfay/CVE-2020-8165)
- [danielklim/cve-2020-8165-demo](https://github.com/danielklim/cve-2020-8165-demo)
@ -18929,6 +18947,13 @@
- [masahiro331/CVE-2020-8277](https://github.com/masahiro331/CVE-2020-8277)
- [AndrewIjano/CVE-2020-8277](https://github.com/AndrewIjano/CVE-2020-8277)
### CVE-2020-8287 (2021-01-06)
<code>Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
</code>
- [progfay/nodejs-http-transfer-encoding-smuggling-poc](https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc)
### CVE-2020-8289 (2020-12-26)
<code>Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality.
@ -19249,6 +19274,7 @@
<code>**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters.
</code>
- [shanika04/apache_skywalking](https://github.com/shanika04/apache_skywalking)
- [Neko-chanQwQ/CVE-2020-9483](https://github.com/Neko-chanQwQ/CVE-2020-9483)
### CVE-2020-9484 (2020-05-20)
@ -19264,6 +19290,7 @@
- [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan)
- [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit)
- [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484)
- [DanQMoo/CVE-2020-9484-Scanner](https://github.com/DanQMoo/CVE-2020-9484-Scanner)
- [AssassinUKG/CVE-2020-9484](https://github.com/AssassinUKG/CVE-2020-9484)
- [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484)
- [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484)
@ -19405,6 +19432,8 @@
</code>
- [rdoix/CVE-2020-10148-Solarwinds-Orion](https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion)
- [Udyz/CVE-2020-10148-Solarwinds-Orion](https://github.com/Udyz/CVE-2020-10148-Solarwinds-Orion)
- [B1anda0/CVE-2020-10148](https://github.com/B1anda0/CVE-2020-10148)
### CVE-2020-10189 (2020-03-06)
@ -20792,6 +20821,7 @@
<code>Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master.
</code>
- [QmF0c3UK/CVE-2020-17518](https://github.com/QmF0c3UK/CVE-2020-17518)
- [murataydemir/CVE-2020-17518](https://github.com/murataydemir/CVE-2020-17518)
- [rakjong/Flink-CVE-2020-17518-getshell](https://github.com/rakjong/Flink-CVE-2020-17518-getshell)
@ -20801,6 +20831,7 @@
</code>
- [B1anda0/CVE-2020-17519](https://github.com/B1anda0/CVE-2020-17519)
- [QmF0c3UK/CVE-2020-17519](https://github.com/QmF0c3UK/CVE-2020-17519)
- [dolevf/apache-flink-directory-traversal.nse](https://github.com/dolevf/apache-flink-directory-traversal.nse)
- [hoanx4/CVE-2020-17519](https://github.com/hoanx4/CVE-2020-17519)
- [murataydemir/CVE-2020-17519](https://github.com/murataydemir/CVE-2020-17519)
@ -21273,6 +21304,13 @@
### CVE-2020-25488
- [Ko-kn3t/CVE-2020-25488](https://github.com/Ko-kn3t/CVE-2020-25488)
### CVE-2020-25498 (2021-01-06)
<code>Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and &quot;Keyword&quot; in URL Filter.
</code>
- [the-girl-who-lived/CVE-2020-25498](https://github.com/the-girl-who-lived/CVE-2020-25498)
### CVE-2020-25514 (2020-09-22)
<code>Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://&lt;site&gt;/lms/admin.php.
@ -21820,6 +21858,13 @@
- [nanopathi/linux-4.19.72_CVE-2020-29370](https://github.com/nanopathi/linux-4.19.72_CVE-2020-29370)
### CVE-2020-29583 (2020-12-22)
<code>Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
</code>
- [ruppde/scan_CVE-2020-29583](https://github.com/ruppde/scan_CVE-2020-29583)
### CVE-2020-29599 (2020-12-07)
<code>ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
@ -21862,6 +21907,13 @@
- [megadimenex/MegaHiDocker](https://github.com/megadimenex/MegaHiDocker)
### CVE-2020-35262 (2021-01-06)
<code>Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and &quot;Keyword&quot; in URL Filter.
</code>
- [the-girl-who-lived/CVE-2020-35262](https://github.com/the-girl-who-lived/CVE-2020-35262)
### CVE-2020-35314 (2021-04-20)
<code>A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer.
@ -21952,6 +22004,13 @@
- [Al1ex/CVE-2020-35713](https://github.com/Al1ex/CVE-2020-35713)
### CVE-2020-35717 (2021-01-01)
<code>zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
</code>
- [hmartos/cve-2020-35717](https://github.com/hmartos/cve-2020-35717)
### CVE-2020-35728 (2020-12-26)
<code>FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
@ -31689,6 +31748,13 @@
- [FiloSottile/CVE-2016-2107](https://github.com/FiloSottile/CVE-2016-2107)
- [tmiklas/docker-cve-2016-2107](https://github.com/tmiklas/docker-cve-2016-2107)
### CVE-2016-2118 (2016-04-12)
<code>The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka &quot;BADLOCK.&quot;
</code>
- [nickanderson/cfengine-CVE-2016-2118](https://github.com/nickanderson/cfengine-CVE-2016-2118)
### CVE-2016-2173 (2017-04-21)
<code>org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
@ -31810,6 +31876,13 @@
- [mxypoo/CVE-2016-3116-DropbearSSH](https://github.com/mxypoo/CVE-2016-3116-DropbearSSH)
### CVE-2016-3141 (2016-03-31)
<code>Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
</code>
- [peternguyen93/CVE-2016-3141](https://github.com/peternguyen93/CVE-2016-3141)
### CVE-2016-3238 (2016-07-12)
<code>The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver during printer installation, aka &quot;Windows Print Spooler Remote Code Execution Vulnerability.&quot;