mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2022/05/12 18:18:19

Browse source
This commit is contained in:
motikan2010-bot 2022-05-13 03:18:19 +09:00
parent f4d9d19fb0
commit 150c8b76cd
35 changed files with 271 additions and 193 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2002/CVE-2002-20001.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2021-08-31T09:51:12Z",
"updated_at": "2022-05-11T20:58:08Z",
"pushed_at": "2022-05-06T08:11:45Z",
"pushed_at": "2022-05-12T14:31:23Z",
"stargazers_count": 95,
"watchers_count": 95,
"forks_count": 8,

29
2013/CVE-2013-2596.json
View file

@ -1,29 +0,0 @@
[
{
"id": 11447847,
"name": "libfb_mem_exploit",
"full_name": "hiikezoe\/libfb_mem_exploit",
"owner": {
"login": "hiikezoe",
"id": 188175,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188175?v=4",
"html_url": "https:\/\/github.com\/hiikezoe"
},
"html_url": "https:\/\/github.com\/hiikezoe\/libfb_mem_exploit",
"description": "CVE-2013-2596 exploit for android",
"fork": false,
"created_at": "2013-07-16T11:24:09Z",
"updated_at": "2021-08-04T05:58:22Z",
"pushed_at": "2013-07-17T03:18:50Z",
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 23,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 5,
"score": 0
}
]

8
2014/CVE-2014-6271.json
View file

@ -1071,10 +1071,10 @@
"description": "Shellshock exploit + vulnerable environment",
"fork": false,
"created_at": "2016-12-07T23:38:50Z",
"updated_at": "2022-05-06T00:54:08Z",
"updated_at": "2022-05-12T13:47:15Z",
"pushed_at": "2017-10-30T22:46:11Z",
"stargazers_count": 130,
"watchers_count": 130,
"stargazers_count": 131,
"watchers_count": 131,
"forks_count": 52,
"allow_forking": true,
"is_template": false,
@ -1088,7 +1088,7 @@
],
"visibility": "public",
"forks": 52,
"watchers": 130,
"watchers": 131,
"score": 0
},
{

4
2016/CVE-2016-3714.json
View file

@ -98,12 +98,12 @@
"pushed_at": "2016-05-29T17:27:10Z",
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 19,
"score": 0
},

8
2017/CVE-2017-12149.json
View file

@ -94,17 +94,17 @@
"description": "Jboss Java Deserialization RCE (CVE-2017-12149)",
"fork": false,
"created_at": "2019-08-22T21:06:09Z",
"updated_at": "2021-12-08T16:51:00Z",
"updated_at": "2022-05-12T15:53:05Z",
"pushed_at": "2019-08-22T21:08:14Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 8,
"watchers": 7,
"score": 0
},
{

4
2018/CVE-2018-15473.json
View file

@ -114,12 +114,12 @@
"pushed_at": "2019-03-24T11:20:27Z",
"stargazers_count": 46,
"watchers_count": 46,
"forks_count": 18,
"forks_count": 19,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 18,
"forks": 19,
"watchers": 46,
"score": 0
},

8
2018/CVE-2018-8897.json
View file

@ -94,17 +94,17 @@
"description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).",
"fork": false,
"created_at": "2018-08-08T20:04:56Z",
"updated_at": "2022-02-17T02:17:51Z",
"updated_at": "2022-05-12T15:00:00Z",
"pushed_at": "2018-08-08T20:12:20Z",
"stargazers_count": 112,
"watchers_count": 112,
"stargazers_count": 113,
"watchers_count": 113,
"forks_count": 25,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 25,
"watchers": 112,
"watchers": 113,
"score": 0
}
]

8
2018/CVE-2018-9276.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2018-9276 PRTG < 18.2.39 Authenticated Command Injection (Reverse Shell)",
"fork": false,
"created_at": "2019-03-31T08:51:07Z",
"updated_at": "2022-01-27T05:07:25Z",
"updated_at": "2022-05-12T13:52:08Z",
"pushed_at": "2020-12-03T11:22:15Z",
"stargazers_count": 30,
"watchers_count": 30,
"stargazers_count": 31,
"watchers_count": 31,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 30,
"watchers": 31,
"score": 0
},
{

8
2019/CVE-2019-0708.json
View file

@ -2861,17 +2861,17 @@
"description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell",
"fork": false,
"created_at": "2020-01-21T02:22:29Z",
"updated_at": "2022-05-12T04:43:42Z",
"updated_at": "2022-05-12T13:40:59Z",
"pushed_at": "2020-01-21T03:15:41Z",
"stargazers_count": 258,
"watchers_count": 258,
"stargazers_count": 259,
"watchers_count": 259,
"forks_count": 69,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 69,
"watchers": 258,
"watchers": 259,
"score": 0
},
{

8
2019/CVE-2019-7304.json
View file

@ -13,10 +13,10 @@
"description": "Linux privilege escalation exploit via snapd (CVE-2019-7304)",
"fork": false,
"created_at": "2019-02-12T06:02:06Z",
"updated_at": "2022-05-12T02:43:02Z",
"updated_at": "2022-05-12T15:35:17Z",
"pushed_at": "2019-05-09T21:34:26Z",
"stargazers_count": 622,
"watchers_count": 622,
"stargazers_count": 623,
"watchers_count": 623,
"forks_count": 156,
"allow_forking": true,
"is_template": false,
@ -27,7 +27,7 @@
],
"visibility": "public",
"forks": 156,
"watchers": 622,
"watchers": 623,
"score": 0
},
{

8
2020/CVE-2020-0601.json
View file

@ -153,10 +153,10 @@
"description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)",
"fork": false,
"created_at": "2020-01-15T23:07:41Z",
"updated_at": "2022-03-04T16:01:21Z",
"updated_at": "2022-05-12T16:55:27Z",
"pushed_at": "2020-01-20T23:33:19Z",
"stargazers_count": 875,
"watchers_count": 875,
"stargazers_count": 876,
"watchers_count": 876,
"forks_count": 222,
"allow_forking": true,
"is_template": false,
@ -165,7 +165,7 @@
],
"visibility": "public",
"forks": 222,
"watchers": 875,
"watchers": 876,
"score": 0
},
{

8
2020/CVE-2020-0683.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege",
"fork": false,
"created_at": "2020-02-11T16:42:34Z",
"updated_at": "2022-05-10T17:16:34Z",
"updated_at": "2022-05-12T12:23:04Z",
"pushed_at": "2021-12-23T16:28:28Z",
"stargazers_count": 297,
"watchers_count": 297,
"stargazers_count": 298,
"watchers_count": 298,
"forks_count": 53,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 53,
"watchers": 297,
"watchers": 298,
"score": 0
}
]

4
2020/CVE-2020-0688.json
View file

@ -569,12 +569,12 @@
"pushed_at": "2022-05-12T04:04:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0
}

8
2020/CVE-2020-0787.json
View file

@ -13,17 +13,17 @@
"description": "Support ALL Windows Version",
"fork": false,
"created_at": "2020-06-16T08:57:51Z",
"updated_at": "2022-05-12T10:35:34Z",
"updated_at": "2022-05-12T12:29:44Z",
"pushed_at": "2020-09-11T07:38:22Z",
"stargazers_count": 618,
"watchers_count": 618,
"stargazers_count": 619,
"watchers_count": 619,
"forks_count": 163,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 163,
"watchers": 618,
"watchers": 619,
"score": 0
},
{

28
2020/CVE-2020-1472.json
View file

@ -40,17 +40,17 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2022-05-10T21:13:39Z",
"updated_at": "2022-05-12T13:21:00Z",
"pushed_at": "2021-12-08T10:31:54Z",
"stargazers_count": 1450,
"watchers_count": 1450,
"stargazers_count": 1451,
"watchers_count": 1451,
"forks_count": 332,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 332,
"watchers": 1450,
"watchers": 1451,
"score": 0
},
{
@ -94,17 +94,17 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2022-05-10T15:02:26Z",
"updated_at": "2022-05-12T13:21:21Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 924,
"watchers_count": 924,
"stargazers_count": 925,
"watchers_count": 925,
"forks_count": 260,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 260,
"watchers": 924,
"watchers": 925,
"score": 0
},
{
@ -155,17 +155,17 @@
"description": "Exploit for zerologon cve-2020-1472",
"fork": false,
"created_at": "2020-09-14T19:19:07Z",
"updated_at": "2022-05-11T13:30:28Z",
"updated_at": "2022-05-12T15:54:24Z",
"pushed_at": "2020-10-15T18:31:15Z",
"stargazers_count": 426,
"watchers_count": 426,
"stargazers_count": 427,
"watchers_count": 427,
"forks_count": 125,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 125,
"watchers": 426,
"watchers": 427,
"score": 0
},
{
@ -402,12 +402,12 @@
"pushed_at": "2020-09-16T15:03:32Z",
"stargazers_count": 76,
"watchers_count": 76,
"forks_count": 25,
"forks_count": 26,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 25,
"forks": 26,
"watchers": 76,
"score": 0
},

8
2020/CVE-2020-17519.json
View file

@ -256,10 +256,10 @@
"description": "Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519",
"fork": false,
"created_at": "2021-10-13T17:03:56Z",
"updated_at": "2022-02-28T17:25:24Z",
"updated_at": "2022-05-12T17:04:25Z",
"pushed_at": "2021-10-14T21:11:44Z",
"stargazers_count": 54,
"watchers_count": 54,
"stargazers_count": 55,
"watchers_count": 55,
"forks_count": 14,
"allow_forking": true,
"is_template": false,
@ -270,7 +270,7 @@
],
"visibility": "public",
"forks": 14,
"watchers": 54,
"watchers": 55,
"score": 0
},
{

4
2020/CVE-2020-3952.json
View file

@ -71,12 +71,12 @@
"pushed_at": "2020-04-16T08:38:42Z",
"stargazers_count": 261,
"watchers_count": 261,
"forks_count": 63,
"forks_count": 64,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 63,
"forks": 64,
"watchers": 261,
"score": 0
},

8
2020/CVE-2020-5902.json
View file

@ -1002,17 +1002,17 @@
"description": "Checker CVE-2020-5902: BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command execution vulnerabilities.",
"fork": false,
"created_at": "2020-07-10T07:00:35Z",
"updated_at": "2021-11-15T05:30:30Z",
"updated_at": "2022-05-12T17:04:34Z",
"pushed_at": "2020-07-10T15:31:07Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 4,
"watchers": 5,
"score": 0
},
{

8
2021/CVE-2021-3129.json
View file

@ -13,17 +13,17 @@
"description": "Exploit for CVE-2021-3129",
"fork": false,
"created_at": "2021-01-13T12:52:20Z",
"updated_at": "2022-05-07T23:47:53Z",
"updated_at": "2022-05-12T12:42:18Z",
"pushed_at": "2021-01-29T13:59:07Z",
"stargazers_count": 210,
"watchers_count": 210,
"stargazers_count": 211,
"watchers_count": 211,
"forks_count": 63,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 63,
"watchers": 210,
"watchers": 211,
"score": 0
},
{

16
2021/CVE-2021-3156.json
View file

@ -71,12 +71,12 @@
"pushed_at": "2021-01-31T04:56:56Z",
"stargazers_count": 115,
"watchers_count": 115,
"forks_count": 45,
"forks_count": 44,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 45,
"forks": 44,
"watchers": 115,
"score": 0
},
@ -969,17 +969,17 @@
"description": "Sudo Baron Samedit Exploit",
"fork": false,
"created_at": "2021-03-15T17:37:02Z",
"updated_at": "2022-05-12T09:50:27Z",
"updated_at": "2022-05-12T14:30:11Z",
"pushed_at": "2022-01-13T05:48:01Z",
"stargazers_count": 496,
"watchers_count": 496,
"forks_count": 134,
"stargazers_count": 497,
"watchers_count": 497,
"forks_count": 133,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 134,
"watchers": 496,
"forks": 133,
"watchers": 497,
"score": 0
},
{

12
2021/CVE-2021-4034.json
View file

@ -73,7 +73,7 @@
"description": "CVE-2021-4034 1day",
"fork": false,
"created_at": "2022-01-25T23:51:37Z",
"updated_at": "2022-05-11T00:41:42Z",
"updated_at": "2022-05-12T13:42:50Z",
"pushed_at": "2022-01-30T14:22:23Z",
"stargazers_count": 1520,
"watchers_count": 1520,
@ -875,10 +875,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2022-05-11T13:37:00Z",
"updated_at": "2022-05-12T15:15:43Z",
"pushed_at": "2022-01-27T20:09:24Z",
"stargazers_count": 503,
"watchers_count": 503,
"stargazers_count": 505,
"watchers_count": 505,
"forks_count": 98,
"allow_forking": true,
"is_template": false,
@ -887,7 +887,7 @@
],
"visibility": "public",
"forks": 98,
"watchers": 503,
"watchers": 505,
"score": 0
},
{
@ -3120,7 +3120,7 @@
"description": "CVE-2021-4034 centos8可用版本",
"fork": false,
"created_at": "2022-02-15T02:34:48Z",
"updated_at": "2022-04-04T07:59:35Z",
"updated_at": "2022-05-12T16:31:20Z",
"pushed_at": "2022-02-15T02:39:28Z",
"stargazers_count": 6,
"watchers_count": 6,

2
2021/CVE-2021-41773.json
View file

@ -40,7 +40,7 @@
"description": "Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE",
"fork": false,
"created_at": "2021-10-06T02:28:41Z",
"updated_at": "2022-05-07T16:03:31Z",
"updated_at": "2022-05-12T16:02:24Z",
"pushed_at": "2021-12-22T23:54:18Z",
"stargazers_count": 20,
"watchers_count": 20,

8
2021/CVE-2021-42278.json
View file

@ -99,10 +99,10 @@
"description": "Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)",
"fork": false,
"created_at": "2021-12-13T23:15:05Z",
"updated_at": "2022-05-10T09:40:12Z",
"updated_at": "2022-05-12T15:16:22Z",
"pushed_at": "2022-01-13T12:35:19Z",
"stargazers_count": 224,
"watchers_count": 224,
"stargazers_count": 225,
"watchers_count": 225,
"forks_count": 31,
"allow_forking": true,
"is_template": false,
@ -111,7 +111,7 @@
],
"visibility": "public",
"forks": 31,
"watchers": 224,
"watchers": 225,
"score": 0
},
{

8
2021/CVE-2021-42287.json
View file

@ -13,17 +13,17 @@
"description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.",
"fork": false,
"created_at": "2021-12-11T19:27:30Z",
"updated_at": "2022-05-11T06:00:33Z",
"updated_at": "2022-05-12T17:08:56Z",
"pushed_at": "2021-12-16T09:50:15Z",
"stargazers_count": 1085,
"watchers_count": 1085,
"stargazers_count": 1086,
"watchers_count": 1086,
"forks_count": 288,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 288,
"watchers": 1085,
"watchers": 1086,
"score": 0
},
{

16
2021/CVE-2021-44228.json
View file

@ -1882,7 +1882,7 @@
"description": "CVE-2021-44228log4j2 burp插件 Java版本dnslog选取了非dnslog.cn域名",
"fork": false,
"created_at": "2021-12-12T01:24:39Z",
"updated_at": "2022-05-12T02:42:07Z",
"updated_at": "2022-05-12T16:11:17Z",
"pushed_at": "2021-12-11T10:39:41Z",
"stargazers_count": 13,
"watchers_count": 13,
@ -3406,17 +3406,17 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2022-05-12T06:32:29Z",
"updated_at": "2022-05-12T16:19:47Z",
"pushed_at": "2022-02-06T03:18:29Z",
"stargazers_count": 2864,
"watchers_count": 2864,
"forks_count": 706,
"stargazers_count": 2867,
"watchers_count": 2867,
"forks_count": 707,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 706,
"watchers": 2864,
"forks": 707,
"watchers": 2867,
"score": 0
},
{
@ -10375,7 +10375,7 @@
"fork": false,
"created_at": "2022-02-16T01:13:08Z",
"updated_at": "2022-02-16T01:21:29Z",
"pushed_at": "2022-05-11T10:02:56Z",
"pushed_at": "2022-05-12T13:15:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

89
2022/CVE-2022-1388.json
View file

@ -67,17 +67,17 @@
"description": "CVE-2022-1388 F5 BIG-IP RCE 批量检测",
"fork": false,
"created_at": "2022-05-07T17:54:08Z",
"updated_at": "2022-05-12T02:11:03Z",
"updated_at": "2022-05-12T13:32:36Z",
"pushed_at": "2022-05-09T11:15:27Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 65,
"watchers": 66,
"score": 0
},
{
@ -202,17 +202,17 @@
"description": "CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE",
"fork": false,
"created_at": "2022-05-09T10:22:31Z",
"updated_at": "2022-05-12T07:59:47Z",
"updated_at": "2022-05-12T17:28:58Z",
"pushed_at": "2022-05-12T05:56:13Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 56,
"watchers_count": 56,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 53,
"watchers": 56,
"score": 0
},
{
@ -283,17 +283,17 @@
"description": "Exploit and Check Script for CVE 2022-1388",
"fork": false,
"created_at": "2022-05-09T11:30:09Z",
"updated_at": "2022-05-12T12:01:26Z",
"pushed_at": "2022-05-09T17:58:13Z",
"stargazers_count": 31,
"watchers_count": 31,
"forks_count": 17,
"updated_at": "2022-05-12T14:53:15Z",
"pushed_at": "2022-05-12T16:15:24Z",
"stargazers_count": 35,
"watchers_count": 35,
"forks_count": 18,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 31,
"forks": 18,
"watchers": 35,
"score": 0
},
{
@ -310,17 +310,17 @@
"description": "POC for CVE-2022-1388",
"fork": false,
"created_at": "2022-05-09T11:46:45Z",
"updated_at": "2022-05-12T09:03:28Z",
"updated_at": "2022-05-12T17:38:49Z",
"pushed_at": "2022-05-09T20:52:07Z",
"stargazers_count": 164,
"watchers_count": 164,
"stargazers_count": 167,
"watchers_count": 167,
"forks_count": 26,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 26,
"watchers": 164,
"watchers": 167,
"score": 0
},
{
@ -583,11 +583,11 @@
"description": "CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IPs iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP addresses of devices that use BIG-IP. Exploitation would allow the attacker to execute arbitrary system commands, create and delete files and disable services.",
"fork": false,
"created_at": "2022-05-10T04:10:46Z",
"updated_at": "2022-05-10T14:54:09Z",
"pushed_at": "2022-05-10T05:00:33Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"updated_at": "2022-05-12T17:04:20Z",
"pushed_at": "2022-05-12T17:06:29Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [
@ -600,8 +600,8 @@
"nuclei-templates"
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"forks": 1,
"watchers": 3,
"score": 0
},
{
@ -1154,7 +1154,7 @@
"fork": false,
"created_at": "2022-05-12T12:17:11Z",
"updated_at": "2022-05-12T12:17:11Z",
"pushed_at": "2022-05-12T12:20:18Z",
"pushed_at": "2022-05-12T12:32:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
@ -1165,5 +1165,40 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 491598048,
"name": "CVE-2022-1388",
"full_name": "Zeyad-Azima\/CVE-2022-1388",
"owner": {
"login": "Zeyad-Azima",
"id": 62406753,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4",
"html_url": "https:\/\/github.com\/Zeyad-Azima"
},
"html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2022-1388",
"description": "F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB",
"fork": false,
"created_at": "2022-05-12T16:54:52Z",
"updated_at": "2022-05-12T17:51:32Z",
"pushed_at": "2022-05-12T17:43:36Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [
"cve",
"cve-2022-1388",
"exploit",
"f5",
"f5-bigip",
"icontrol",
"rest-api"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

8
2022/CVE-2022-21449.json
View file

@ -67,17 +67,17 @@
"description": "CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server",
"fork": false,
"created_at": "2022-04-20T20:31:15Z",
"updated_at": "2022-05-11T14:29:53Z",
"updated_at": "2022-05-12T14:31:58Z",
"pushed_at": "2022-04-21T12:04:10Z",
"stargazers_count": 109,
"watchers_count": 109,
"stargazers_count": 108,
"watchers_count": 108,
"forks_count": 24,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 109,
"watchers": 108,
"score": 0
},
{

8
2022/CVE-2022-21907.json
View file

@ -195,17 +195,17 @@
"description": "A REAL DoS exploit for CVE-2022-21907",
"fork": false,
"created_at": "2022-04-04T10:53:28Z",
"updated_at": "2022-04-30T09:53:26Z",
"updated_at": "2022-05-12T14:34:15Z",
"pushed_at": "2022-04-13T05:48:04Z",
"stargazers_count": 112,
"watchers_count": 112,
"stargazers_count": 111,
"watchers_count": 111,
"forks_count": 27,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 112,
"watchers": 111,
"score": 0
},
{

8
2022/CVE-2022-21999.json
View file

@ -13,10 +13,10 @@
"description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)",
"fork": false,
"created_at": "2022-02-08T17:25:44Z",
"updated_at": "2022-05-11T16:22:48Z",
"updated_at": "2022-05-12T15:15:30Z",
"pushed_at": "2022-02-09T16:54:09Z",
"stargazers_count": 585,
"watchers_count": 585,
"stargazers_count": 586,
"watchers_count": 586,
"forks_count": 118,
"allow_forking": true,
"is_template": false,
@ -26,7 +26,7 @@
],
"visibility": "public",
"forks": 118,
"watchers": 585,
"watchers": 586,
"score": 0
}
]

8
2022/CVE-2022-22965.json
View file

@ -859,10 +859,10 @@
"description": "Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) ",
"fork": false,
"created_at": "2022-04-03T01:27:28Z",
"updated_at": "2022-04-06T01:28:12Z",
"updated_at": "2022-05-12T15:42:24Z",
"pushed_at": "2022-04-08T19:24:41Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
@ -876,7 +876,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 1,
"watchers": 2,
"score": 0
},
{

29
2022/CVE-2022-23253.json Normal file
View file

@ -0,0 +1,29 @@
[
{
"id": 491521893,
"name": "CVE-2022-23253-PoC",
"full_name": "nettitude\/CVE-2022-23253-PoC",
"owner": {
"login": "nettitude",
"id": 11998401,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4",
"html_url": "https:\/\/github.com\/nettitude"
},
"html_url": "https:\/\/github.com\/nettitude\/CVE-2022-23253-PoC",
"description": "CVE-2022-23253 PoC",
"fork": false,
"created_at": "2022-05-12T13:18:47Z",
"updated_at": "2022-05-12T13:18:47Z",
"pushed_at": "2022-05-12T13:18:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

12
2022/CVE-2022-26133.json
View file

@ -13,17 +13,17 @@
"description": "Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification and exploitation.",
"fork": false,
"created_at": "2022-05-09T12:07:51Z",
"updated_at": "2022-05-12T12:16:39Z",
"updated_at": "2022-05-12T16:59:12Z",
"pushed_at": "2022-05-11T02:02:59Z",
"stargazers_count": 83,
"watchers_count": 83,
"forks_count": 18,
"stargazers_count": 88,
"watchers_count": 88,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 83,
"forks": 20,
"watchers": 88,
"score": 0
}
]

8
2022/CVE-2022-26923.json
View file

@ -13,17 +13,17 @@
"description": "Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services",
"fork": false,
"created_at": "2022-05-12T02:31:50Z",
"updated_at": "2022-05-12T05:33:57Z",
"updated_at": "2022-05-12T16:30:25Z",
"pushed_at": "2022-05-12T03:24:04Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 3,
"score": 0
}
]

34
2022/CVE-2022-30525.json Normal file
View file

@ -0,0 +1,34 @@
[
{
"id": 490649255,
"name": "victorian_machinery",
"full_name": "jbaines-r7\/victorian_machinery",
"owner": {
"login": "jbaines-r7",
"id": 91965877,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4",
"html_url": "https:\/\/github.com\/jbaines-r7"
},
"html_url": "https:\/\/github.com\/jbaines-r7\/victorian_machinery",
"description": "Proof of concept exploit for CVE-2022-30525 (Zxyel firewall command injection)",
"fork": false,
"created_at": "2022-05-10T10:31:19Z",
"updated_at": "2022-05-12T14:36:33Z",
"pushed_at": "2022-05-12T10:37:44Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [
"cve-2022-30525",
"exploit",
"poc",
"zyxel"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

27
README.md
View file

@ -319,6 +319,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.
- [omnigodz/CVE-2022-1388](https://github.com/omnigodz/CVE-2022-1388)
- [pauloink/CVE-2022-1388](https://github.com/pauloink/CVE-2022-1388)
- [SecTheBit/CVE-2022-1388](https://github.com/SecTheBit/CVE-2022-1388)
- [Zeyad-Azima/CVE-2022-1388](https://github.com/Zeyad-Azima/CVE-2022-1388)
### CVE-2022-2333
- [shirouQwQ/CVE-2022-2333](https://github.com/shirouQwQ/CVE-2022-2333)
@ -776,6 +777,14 @@ In the case of instances where the SAML SSO authentication is enabled (non-defau
- [kh4sh3i/CVE-2022-23131](https://github.com/kh4sh3i/CVE-2022-23131)
- [Kazaf6s/CVE-2022-23131](https://github.com/Kazaf6s/CVE-2022-23131)
### CVE-2022-23253 (2022-03-09)
<code>
Point-to-Point Tunneling Protocol Denial of Service Vulnerability.
</code>
- [nettitude/CVE-2022-23253-PoC](https://github.com/nettitude/CVE-2022-23253-PoC)
### CVE-2022-23305 (2022-01-18)
<code>
@ -1568,6 +1577,14 @@ thread_call in sqbaselib.cpp in SQUIRREL 3.2 lacks a certain sq_reservestack cal
- [sprushed/CVE-2022-30292](https://github.com/sprushed/CVE-2022-30292)
### CVE-2022-30525 (2022-05-12)
<code>
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
</code>
- [jbaines-r7/victorian_machinery](https://github.com/jbaines-r7/victorian_machinery)
## 2021
### CVE-2021-0306 (2021-01-11)
@ -4836,7 +4853,7 @@ The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as param
### CVE-2021-42574 (2021-10-31)
<code>
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.
** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.
</code>
- [maweil/bidi_char_detector](https://github.com/maweil/bidi_char_detector)
@ -24031,14 +24048,6 @@ The device-initialization functionality in the MSM camera driver for the Linux k
- [fi01/libmsm_cameraconfig_exploit](https://github.com/fi01/libmsm_cameraconfig_exploit)
### CVE-2013-2596 (2013-04-12)
<code>
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
</code>
- [hiikezoe/libfb_mem_exploit](https://github.com/hiikezoe/libfb_mem_exploit)
### CVE-2013-2597 (2014-08-31)
<code>