diff --git a/2009/CVE-2009-0229.json b/2009/CVE-2009-0229.json new file mode 100644 index 0000000000..72d012c2f3 --- /dev/null +++ b/2009/CVE-2009-0229.json @@ -0,0 +1,25 @@ +[ + { + "id": 264008888, + "name": "CVE-2009-0229-PoC", + "full_name": "zveriu\/CVE-2009-0229-PoC", + "owner": { + "login": "zveriu", + "id": 3428446, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3428446?v=4", + "html_url": "https:\/\/github.com\/zveriu" + }, + "html_url": "https:\/\/github.com\/zveriu\/CVE-2009-0229-PoC", + "description": "PoC for CVE-2009-0229 \"Print Spooler Read File Vulnerability\" LPE AFR (related to CVE-2020-1048)", + "fork": false, + "created_at": "2020-05-14T19:40:50Z", + "updated_at": "2020-05-20T20:29:49Z", + "pushed_at": "2020-05-15T11:32:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-0473.json b/2009/CVE-2009-0473.json new file mode 100644 index 0000000000..6ac621511b --- /dev/null +++ b/2009/CVE-2009-0473.json @@ -0,0 +1,25 @@ +[ + { + "id": 67456167, + "name": "CVE-2009-0473-check", + "full_name": "akbarq\/CVE-2009-0473-check", + "owner": { + "login": "akbarq", + "id": 7432727, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7432727?v=4", + "html_url": "https:\/\/github.com\/akbarq" + }, + "html_url": "https:\/\/github.com\/akbarq\/CVE-2009-0473-check", + "description": "Simple script to exploit open redirection vulnerability in Rockwell ControlLogix 1756-ENBT\/A", + "fork": false, + "created_at": "2016-09-05T23:08:29Z", + "updated_at": "2020-11-18T21:23:08Z", + "pushed_at": "2016-09-06T02:48:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-0689.json b/2009/CVE-2009-0689.json new file mode 100644 index 0000000000..cf780a7ffe --- /dev/null +++ b/2009/CVE-2009-0689.json @@ -0,0 +1,25 @@ +[ + { + "id": 162229782, + "name": "str2hax", + "full_name": "Fullmetal5\/str2hax", + "owner": { + "login": "Fullmetal5", + "id": 3742968, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3742968?v=4", + "html_url": "https:\/\/github.com\/Fullmetal5" + }, + "html_url": "https:\/\/github.com\/Fullmetal5\/str2hax", + "description": "An implementation of CVE-2009-0689 for the Nintendo Wii.", + "fork": false, + "created_at": "2018-12-18T04:24:43Z", + "updated_at": "2020-09-27T17:24:55Z", + "pushed_at": "2019-09-30T23:38:11Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 7, + "forks": 7, + "watchers": 32, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-1151.json b/2009/CVE-2009-1151.json new file mode 100644 index 0000000000..e3f8c2f3ba --- /dev/null +++ b/2009/CVE-2009-1151.json @@ -0,0 +1,25 @@ +[ + { + "id": 120135334, + "name": "pocs", + "full_name": "minervais\/pocs", + "owner": { + "login": "minervais", + "id": 47587685, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47587685?v=4", + "html_url": "https:\/\/github.com\/minervais" + }, + "html_url": "https:\/\/github.com\/minervais\/pocs", + "description": "phpMyAdmin '\/scripts\/setup.php' PHP Code Injection RCE PoC (CVE-2009-1151)", + "fork": false, + "created_at": "2018-02-03T22:26:09Z", + "updated_at": "2020-09-15T14:40:41Z", + "pushed_at": "2019-07-18T20:27:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-1244.json b/2009/CVE-2009-1244.json new file mode 100644 index 0000000000..de05e8ad94 --- /dev/null +++ b/2009/CVE-2009-1244.json @@ -0,0 +1,25 @@ +[ + { + "id": 191334884, + "name": "vmware_exploit_pack_CVE-2009-1244", + "full_name": "piotrbania\/vmware_exploit_pack_CVE-2009-1244", + "owner": { + "login": "piotrbania", + "id": 51699228, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51699228?v=4", + "html_url": "https:\/\/github.com\/piotrbania" + }, + "html_url": "https:\/\/github.com\/piotrbania\/vmware_exploit_pack_CVE-2009-1244", + "description": "vmware cloudburst exploit CVE-2009-1244", + "fork": false, + "created_at": "2019-06-11T09:08:52Z", + "updated_at": "2020-04-14T09:22:50Z", + "pushed_at": "2019-06-11T13:49:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-1330.json b/2009/CVE-2009-1330.json index 299e48dd41..39109d701a 100644 --- a/2009/CVE-2009-1330.json +++ b/2009/CVE-2009-1330.json @@ -1,4 +1,27 @@ [ + { + "id": 163585014, + "name": "CVE-2009-1330", + "full_name": "adenkiewicz\/CVE-2009-1330", + "owner": { + "login": "adenkiewicz", + "id": 1060275, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1060275?v=4", + "html_url": "https:\/\/github.com\/adenkiewicz" + }, + "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2009-1330", + "description": "Simple exploit for Easy RM to MP3 Converter 2.7.3.700 on Windows 7 32b.", + "fork": false, + "created_at": "2018-12-30T12:17:08Z", + "updated_at": "2018-12-31T10:09:34Z", + "pushed_at": "2018-12-31T09:59:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 164236833, "name": "CVE-2009-1330", diff --git a/2009/CVE-2009-2265.json b/2009/CVE-2009-2265.json new file mode 100644 index 0000000000..fea710009e --- /dev/null +++ b/2009/CVE-2009-2265.json @@ -0,0 +1,25 @@ +[ + { + "id": 300655070, + "name": "zaphoxx-coldfusion", + "full_name": "zaphoxx\/zaphoxx-coldfusion", + "owner": { + "login": "zaphoxx", + "id": 22231720, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22231720?v=4", + "html_url": "https:\/\/github.com\/zaphoxx" + }, + "html_url": "https:\/\/github.com\/zaphoxx\/zaphoxx-coldfusion", + "description": "coldfusion exploit based on https:\/\/cvedetails.com\/cve\/CVE-2009-2265\/", + "fork": false, + "created_at": "2020-10-02T15:17:21Z", + "updated_at": "2020-10-02T17:49:56Z", + "pushed_at": "2020-10-02T17:49:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-2698.json b/2009/CVE-2009-2698.json new file mode 100644 index 0000000000..5e3a2184a0 --- /dev/null +++ b/2009/CVE-2009-2698.json @@ -0,0 +1,25 @@ +[ + { + "id": 121771822, + "name": "CVE-2009-2698", + "full_name": "xiaoxiaoleo\/CVE-2009-2698", + "owner": { + "login": "xiaoxiaoleo", + "id": 9813186, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/9813186?v=4", + "html_url": "https:\/\/github.com\/xiaoxiaoleo" + }, + "html_url": "https:\/\/github.com\/xiaoxiaoleo\/CVE-2009-2698", + "description": "CVE-2009-2698 compiled for CentOS 4.8", + "fork": false, + "created_at": "2018-02-16T16:17:24Z", + "updated_at": "2020-11-05T03:16:12Z", + "pushed_at": "2018-02-16T16:30:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-4660.json b/2009/CVE-2009-4660.json new file mode 100644 index 0000000000..6a614b88d8 --- /dev/null +++ b/2009/CVE-2009-4660.json @@ -0,0 +1,25 @@ +[ + { + "id": 164956270, + "name": "CVE-2009-4660", + "full_name": "war4uthor\/CVE-2009-4660", + "owner": { + "login": "war4uthor", + "id": 45926018, + "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45926018?v=4", + "html_url": "https:\/\/github.com\/war4uthor" + }, + "html_url": "https:\/\/github.com\/war4uthor\/CVE-2009-4660", + "description": "CVE-2009-4660 - BigAnt Server 2.52 'USV' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.", + "fork": false, + "created_at": "2019-01-09T23:47:50Z", + "updated_at": "2019-01-09T23:50:58Z", + "pushed_at": "2019-01-09T23:50:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2009/CVE-2009-5147.json b/2009/CVE-2009-5147.json index 8175461fe0..e4a7718767 100644 --- a/2009/CVE-2009-5147.json +++ b/2009/CVE-2009-5147.json @@ -21,5 +21,28 @@ "forks": 0, "watchers": 0, "score": 0 + }, + { + "id": 183373457, + "name": "-Ruby-dl-handle.c-CVE-2009-5147-", + "full_name": "zhangyongbo100\/-Ruby-dl-handle.c-CVE-2009-5147-", + "owner": { + "login": "zhangyongbo100", + "id": 49974023, + "avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/49974023?v=4", + "html_url": "https:\/\/github.com\/zhangyongbo100" + }, + "html_url": "https:\/\/github.com\/zhangyongbo100\/-Ruby-dl-handle.c-CVE-2009-5147-", + "description": null, + "fork": false, + "created_at": "2019-04-25T06:46:50Z", + "updated_at": "2020-05-20T03:19:01Z", + "pushed_at": "2019-04-25T06:49:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2015/CVE-2015-5995.json b/2015/CVE-2015-5995.json index c1fca39bdb..e3f0bbc62c 100644 --- a/2015/CVE-2015-5995.json +++ b/2015/CVE-2015-5995.json @@ -13,13 +13,13 @@ "description": "An exploitation tool to extract passwords using CVE-2015-5995.", "fork": false, "created_at": "2018-10-04T18:20:47Z", - "updated_at": "2020-04-14T02:00:17Z", + "updated_at": "2020-11-25T23:16:27Z", "pushed_at": "2018-10-05T17:16:04Z", - "stargazers_count": 6, - "watchers_count": 6, - "forks_count": 3, - "forks": 3, - "watchers": 6, + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 4, + "forks": 4, + "watchers": 7, "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-7200.json b/2016/CVE-2016-7200.json index fa7db9497f..078e4bb701 100644 --- a/2016/CVE-2016-7200.json +++ b/2016/CVE-2016-7200.json @@ -13,13 +13,13 @@ "description": "Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)", "fork": false, "created_at": "2017-01-04T23:41:27Z", - "updated_at": "2020-10-06T05:44:39Z", + "updated_at": "2020-11-26T01:47:08Z", "pushed_at": "2017-01-04T23:42:46Z", - "stargazers_count": 133, - "watchers_count": 133, + "stargazers_count": 134, + "watchers_count": 134, "forks_count": 51, "forks": 51, - "watchers": 133, + "watchers": 134, "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-8610.json b/2016/CVE-2016-8610.json index 97ff0332b6..25f740a455 100644 --- a/2016/CVE-2016-8610.json +++ b/2016/CVE-2016-8610.json @@ -13,13 +13,13 @@ "description": "CVE-2016-8610 (SSL Death Alert) PoC", "fork": false, "created_at": "2016-12-27T10:09:43Z", - "updated_at": "2020-11-11T09:30:38Z", + "updated_at": "2020-11-25T22:40:16Z", "pushed_at": "2016-12-28T10:12:29Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 14, - "forks": 14, - "watchers": 23, + "stargazers_count": 24, + "watchers_count": 24, + "forks_count": 15, + "forks": 15, + "watchers": 24, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-0213.json b/2017/CVE-2017-0213.json index a587c303a8..299507984a 100644 --- a/2017/CVE-2017-0213.json +++ b/2017/CVE-2017-0213.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2017-06-29T18:49:44Z", - "updated_at": "2020-03-29T00:05:56Z", + "updated_at": "2020-11-25T23:12:09Z", "pushed_at": "2017-06-07T17:09:19Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 6, + "forks": 6, + "watchers": 1, "score": 0 }, { @@ -105,13 +105,13 @@ "description": "A version of CVE-2017-0213 that I plan to use with an Empire stager", "fork": false, "created_at": "2018-03-21T04:13:29Z", - "updated_at": "2018-03-21T04:20:49Z", + "updated_at": "2020-11-25T23:04:06Z", "pushed_at": "2018-03-21T04:20:46Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, "score": 0 }, { @@ -128,13 +128,13 @@ "description": "Fixed No Virus Manual Automatic Loader exe no zip because zip picks up the anti virus detector.", "fork": false, "created_at": "2018-04-10T18:34:17Z", - "updated_at": "2020-02-23T21:10:36Z", + "updated_at": "2020-11-25T23:03:02Z", "pushed_at": "2018-04-17T23:14:39Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 4, - "forks": 4, - "watchers": 1, + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 5, + "forks": 5, + "watchers": 2, "score": 0 }, { @@ -151,13 +151,13 @@ "description": "Binary", "fork": false, "created_at": "2019-06-27T05:56:35Z", - "updated_at": "2019-07-04T04:25:16Z", + "updated_at": "2020-11-25T23:11:22Z", "pushed_at": "2019-07-04T04:25:15Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-9805.json b/2017/CVE-2017-9805.json index aeb4c32b93..9f20a06004 100644 --- a/2017/CVE-2017-9805.json +++ b/2017/CVE-2017-9805.json @@ -105,13 +105,13 @@ "description": "Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805)", "fork": false, "created_at": "2017-11-24T14:46:35Z", - "updated_at": "2020-08-23T14:42:02Z", + "updated_at": "2020-11-25T21:45:36Z", "pushed_at": "2018-02-09T00:22:16Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 6, - "forks": 6, - "watchers": 10, + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 7, + "forks": 7, + "watchers": 11, "score": 0 }, { @@ -151,13 +151,13 @@ "description": "Better Exploit Code For CVE 2017 9805 apache struts", "fork": false, "created_at": "2017-12-04T18:23:53Z", - "updated_at": "2019-09-28T07:29:05Z", + "updated_at": "2020-11-25T21:45:43Z", "pushed_at": "2017-12-23T14:07:59Z", - "stargazers_count": 20, - "watchers_count": 20, - "forks_count": 7, - "forks": 7, - "watchers": 20, + "stargazers_count": 21, + "watchers_count": 21, + "forks_count": 8, + "forks": 8, + "watchers": 21, "score": 0 }, { diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json index 9f9aee459b..fee0381e4c 100644 --- a/2018/CVE-2018-6389.json +++ b/2018/CVE-2018-6389.json @@ -473,8 +473,8 @@ "description": null, "fork": false, "created_at": "2020-10-18T14:01:59Z", - "updated_at": "2020-11-19T14:21:32Z", - "pushed_at": "2020-11-19T14:21:30Z", + "updated_at": "2020-11-25T22:30:31Z", + "pushed_at": "2020-11-25T22:30:29Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 1, diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index 54a05c93ad..7508b5d364 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1278,13 +1278,13 @@ "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.", "fork": false, "created_at": "2019-05-23T22:50:12Z", - "updated_at": "2020-11-24T05:53:19Z", + "updated_at": "2020-11-26T02:30:21Z", "pushed_at": "2019-06-22T21:48:45Z", - "stargazers_count": 775, - "watchers_count": 775, + "stargazers_count": 777, + "watchers_count": 777, "forks_count": 190, "forks": 190, - "watchers": 775, + "watchers": 777, "score": 0 }, { diff --git a/2019/CVE-2019-15858.json b/2019/CVE-2019-15858.json index d2ed7f4a29..8cfae6b055 100644 --- a/2019/CVE-2019-15858.json +++ b/2019/CVE-2019-15858.json @@ -13,13 +13,13 @@ "description": "Unauthenticated RCE at Woody Ad Snippets \/ CVE-2019-15858 (PoC)", "fork": false, "created_at": "2019-09-12T21:52:55Z", - "updated_at": "2020-06-09T18:27:58Z", + "updated_at": "2020-11-25T23:33:18Z", "pushed_at": "2019-09-12T22:19:47Z", - "stargazers_count": 26, - "watchers_count": 26, + "stargazers_count": 27, + "watchers_count": 27, "forks_count": 6, "forks": 6, - "watchers": 26, + "watchers": 27, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-1653.json b/2019/CVE-2019-1653.json index 7f6c86397b..c55983f19a 100644 --- a/2019/CVE-2019-1653.json +++ b/2019/CVE-2019-1653.json @@ -36,13 +36,13 @@ "description": "Just a PoC tool to extract password using CVE-2019-1653.", "fork": false, "created_at": "2019-04-01T07:40:01Z", - "updated_at": "2019-04-02T04:57:33Z", + "updated_at": "2020-11-25T23:13:59Z", "pushed_at": "2019-04-01T07:50:48Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 3, - "forks": 3, - "watchers": 3, + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 4, + "forks": 4, + "watchers": 4, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index 4fd24af6a0..139deeccee 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -40,8 +40,8 @@ "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2090, "watchers_count": 2090, - "forks_count": 577, - "forks": 577, + "forks_count": 578, + "forks": 578, "watchers": 2090, "score": 0 }, diff --git a/2020/CVE-2020-1034.json b/2020/CVE-2020-1034.json index f20fa966a7..9c6dbfc9df 100644 --- a/2020/CVE-2020-1034.json +++ b/2020/CVE-2020-1034.json @@ -13,13 +13,13 @@ "description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation", "fork": false, "created_at": "2020-11-23T10:24:07Z", - "updated_at": "2020-11-25T17:03:29Z", + "updated_at": "2020-11-26T03:02:25Z", "pushed_at": "2020-11-23T11:20:28Z", - "stargazers_count": 47, - "watchers_count": 47, + "stargazers_count": 48, + "watchers_count": 48, "forks_count": 10, "forks": 10, - "watchers": 47, + "watchers": 48, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-10977.json b/2020/CVE-2020-10977.json index 83e8984f49..1e7f9fb98d 100644 --- a/2020/CVE-2020-10977.json +++ b/2020/CVE-2020-10977.json @@ -21,5 +21,28 @@ "forks": 0, "watchers": 6, "score": 0 + }, + { + "id": 316070312, + "name": "CVE-2020-10977.py", + "full_name": "JustMichi\/CVE-2020-10977.py", + "owner": { + "login": "JustMichi", + "id": 10670516, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10670516?v=4", + "html_url": "https:\/\/github.com\/JustMichi" + }, + "html_url": "https:\/\/github.com\/JustMichi\/CVE-2020-10977.py", + "description": "authenticated arbitrary file read for Gitlab (CVE-2020-10977)", + "fork": false, + "created_at": "2020-11-25T22:48:26Z", + "updated_at": "2020-11-25T23:01:56Z", + "pushed_at": "2020-11-25T23:01:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-13942.json b/2020/CVE-2020-13942.json index 6d3c3080ed..4c55938026 100644 --- a/2020/CVE-2020-13942.json +++ b/2020/CVE-2020-13942.json @@ -36,13 +36,13 @@ "description": "CVE-2020-13942 unauthenticated RCE POC through MVEL and OGNL injection", "fork": false, "created_at": "2020-11-19T08:22:17Z", - "updated_at": "2020-11-25T18:25:15Z", + "updated_at": "2020-11-25T22:40:09Z", "pushed_at": "2020-11-20T21:34:10Z", - "stargazers_count": 16, - "watchers_count": 16, + "stargazers_count": 17, + "watchers_count": 17, "forks_count": 7, "forks": 7, - "watchers": 16, + "watchers": 17, "score": 0 }, { diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 6a6f6b204c..9587753e5d 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -36,13 +36,13 @@ "description": "Test tool for CVE-2020-1472", "fork": false, "created_at": "2020-09-08T08:58:37Z", - "updated_at": "2020-11-22T18:17:41Z", + "updated_at": "2020-11-26T02:52:59Z", "pushed_at": "2020-10-21T12:10:28Z", - "stargazers_count": 1187, - "watchers_count": 1187, + "stargazers_count": 1188, + "watchers_count": 1188, "forks_count": 271, "forks": 271, - "watchers": 1187, + "watchers": 1188, "score": 0 }, { @@ -82,13 +82,13 @@ "description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura", "fork": false, "created_at": "2020-09-14T16:56:51Z", - "updated_at": "2020-11-25T09:39:16Z", + "updated_at": "2020-11-26T02:22:02Z", "pushed_at": "2020-11-03T09:45:24Z", - "stargazers_count": 708, - "watchers_count": 708, + "stargazers_count": 709, + "watchers_count": 709, "forks_count": 202, "forks": 202, - "watchers": 708, + "watchers": 709, "score": 0 }, { @@ -105,13 +105,13 @@ "description": "Exploit Code for CVE-2020-1472 aka Zerologon", "fork": false, "created_at": "2020-09-14T16:57:49Z", - "updated_at": "2020-11-25T09:33:33Z", + "updated_at": "2020-11-25T22:02:47Z", "pushed_at": "2020-11-05T16:37:20Z", - "stargazers_count": 147, - "watchers_count": 147, + "stargazers_count": 148, + "watchers_count": 148, "forks_count": 36, "forks": 36, - "watchers": 147, + "watchers": 148, "score": 0 }, { @@ -128,13 +128,13 @@ "description": "Exploit for zerologon cve-2020-1472", "fork": false, "created_at": "2020-09-14T19:19:07Z", - "updated_at": "2020-11-25T09:35:47Z", + "updated_at": "2020-11-25T23:52:42Z", "pushed_at": "2020-10-15T18:31:15Z", - "stargazers_count": 235, - "watchers_count": 235, + "stargazers_count": 236, + "watchers_count": 236, "forks_count": 87, "forks": 87, - "watchers": 235, + "watchers": 236, "score": 0 }, { diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 6c23f07433..61079424fe 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -17,8 +17,8 @@ "pushed_at": "2020-11-07T05:55:00Z", "stargazers_count": 2090, "watchers_count": 2090, - "forks_count": 577, - "forks": 577, + "forks_count": 578, + "forks": 578, "watchers": 2090, "score": 0 }, @@ -36,13 +36,13 @@ "description": "Vulmap - Web漏洞扫描和验证工具,可对Web容器、Web服务器、Web中间件以及CMS等Web程序进行漏洞扫描,并且具备漏洞利用功能。 相关测试人员可以使用vulmap检测目标是否存在特定漏洞,并且可以使用漏洞利用功能验证漏洞是否真实存在。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883", "fork": false, "created_at": "2020-10-09T06:34:36Z", - "updated_at": "2020-11-25T14:08:25Z", + "updated_at": "2020-11-26T01:16:17Z", "pushed_at": "2020-11-10T02:58:25Z", - "stargazers_count": 371, - "watchers_count": 371, + "stargazers_count": 372, + "watchers_count": 372, "forks_count": 71, "forks": 71, - "watchers": 371, + "watchers": 372, "score": 0 }, { @@ -93,19 +93,19 @@ }, { "id": 308184758, - "name": "McMaster-University-0-day-Blind-Command-Injection", - "full_name": "Umarovm\/McMaster-University-0-day-Blind-Command-Injection", + "name": "-Patched-McMaster-University-Blind-Command-Injection", + "full_name": "Umarovm\/-Patched-McMaster-University-Blind-Command-Injection", "owner": { "login": "Umarovm", "id": 25722145, "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722145?v=4", "html_url": "https:\/\/github.com\/Umarovm" }, - "html_url": "https:\/\/github.com\/Umarovm\/McMaster-University-0-day-Blind-Command-Injection", + "html_url": "https:\/\/github.com\/Umarovm\/-Patched-McMaster-University-Blind-Command-Injection", "description": "(patched) This targets McMaster University's website and takes advantage of CVE-2020-14882 in the outdated version of WebLogic Server (12.2.1.3.0), which is present in the university's subdomains, mosaic.mcmaster.ca and epprd.uts.mcmaster.ca.", "fork": false, "created_at": "2020-10-29T01:28:41Z", - "updated_at": "2020-10-31T01:09:15Z", + "updated_at": "2020-11-26T01:47:44Z", "pushed_at": "2020-10-31T01:08:56Z", "stargazers_count": 0, "watchers_count": 0, @@ -293,8 +293,8 @@ "pushed_at": "2020-11-05T03:29:09Z", "stargazers_count": 43, "watchers_count": 43, - "forks_count": 13, - "forks": 13, + "forks_count": 14, + "forks": 14, "watchers": 43, "score": 0 }, diff --git a/2020/CVE-2020-16898.json b/2020/CVE-2020-16898.json index 7e6caf520f..04c5213315 100644 --- a/2020/CVE-2020-16898.json +++ b/2020/CVE-2020-16898.json @@ -13,13 +13,13 @@ "description": "CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule", "fork": false, "created_at": "2020-10-07T19:56:09Z", - "updated_at": "2020-11-25T10:47:56Z", + "updated_at": "2020-11-26T02:29:28Z", "pushed_at": "2020-10-26T10:15:32Z", - "stargazers_count": 201, - "watchers_count": 201, + "stargazers_count": 202, + "watchers_count": 202, "forks_count": 28, "forks": 28, - "watchers": 201, + "watchers": 202, "score": 0 }, { @@ -82,13 +82,13 @@ "description": "Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).", "fork": false, "created_at": "2020-10-14T14:42:52Z", - "updated_at": "2020-10-23T09:14:05Z", + "updated_at": "2020-11-26T02:29:48Z", "pushed_at": "2020-10-14T16:56:04Z", - "stargazers_count": 17, - "watchers_count": 17, - "forks_count": 5, - "forks": 5, - "watchers": 17, + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 6, + "forks": 6, + "watchers": 18, "score": 0 }, { diff --git a/2020/CVE-2020-24227.json b/2020/CVE-2020-24227.json index 4497cf931e..3162f50d16 100644 --- a/2020/CVE-2020-24227.json +++ b/2020/CVE-2020-24227.json @@ -13,13 +13,13 @@ "description": "Playground Sessions - Storing User Credentials in Plaintext", "fork": false, "created_at": "2020-11-21T12:55:42Z", - "updated_at": "2020-11-25T04:29:32Z", + "updated_at": "2020-11-26T01:10:09Z", "pushed_at": "2020-11-21T13:18:01Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 0, "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json index e71cca31dd..0aecdd705a 100644 --- a/2020/CVE-2020-9484.json +++ b/2020/CVE-2020-9484.json @@ -40,8 +40,8 @@ "pushed_at": "2020-05-21T10:15:35Z", "stargazers_count": 93, "watchers_count": 93, - "forks_count": 24, - "forks": 24, + "forks_count": 25, + "forks": 25, "watchers": 93, "score": 0 }, diff --git a/README.md b/README.md index 7c844332cd..b6d1cd8810 100644 --- a/README.md +++ b/README.md @@ -1752,6 +1752,7 @@ GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an iss </code> - [thewhiteh4t/cve-2020-10977](https://github.com/thewhiteh4t/cve-2020-10977) +- [JustMichi/CVE-2020-10977.py](https://github.com/JustMichi/CVE-2020-10977.py) ### CVE-2020-11076 (2020-05-22) @@ -2357,7 +2358,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [zhzyker/vulmap](https://github.com/zhzyker/vulmap) - [jas502n/CVE-2020-14882](https://github.com/jas502n/CVE-2020-14882) - [s1kr10s/CVE-2020-14882](https://github.com/s1kr10s/CVE-2020-14882) -- [Umarovm/McMaster-University-0-day-Blind-Command-Injection](https://github.com/Umarovm/McMaster-University-0-day-Blind-Command-Injection) +- [Umarovm/-Patched-McMaster-University-Blind-Command-Injection](https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection) - [RedTeamWing/CVE-2020-14882](https://github.com/RedTeamWing/CVE-2020-14882) - [0thm4n3/cve-2020-14882](https://github.com/0thm4n3/cve-2020-14882) - [wsfengfan/cve-2020-14882](https://github.com/wsfengfan/cve-2020-14882) @@ -15685,6 +15686,46 @@ Liferay Portal through 6.2.10 allows remote authenticated users to execute arbit ## 2009 +### CVE-2009-0229 (2009-06-10) + +<code> +The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." +</code> + +- [zveriu/CVE-2009-0229-PoC](https://github.com/zveriu/CVE-2009-0229-PoC) + +### CVE-2009-0473 (2009-02-06) + +<code> +Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. +</code> + +- [akbarq/CVE-2009-0473-check](https://github.com/akbarq/CVE-2009-0473-check) + +### CVE-2009-0689 (2009-07-01) + +<code> +Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. +</code> + +- [Fullmetal5/str2hax](https://github.com/Fullmetal5/str2hax) + +### CVE-2009-1151 (2009-03-26) + +<code> +Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. +</code> + +- [minervais/pocs](https://github.com/minervais/pocs) + +### CVE-2009-1244 (2009-04-13) + +<code> +Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916. +</code> + +- [piotrbania/vmware_exploit_pack_CVE-2009-1244](https://github.com/piotrbania/vmware_exploit_pack_CVE-2009-1244) + ### CVE-2009-1324 (2009-04-17) <code> @@ -15699,6 +15740,7 @@ Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows r Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file. </code> +- [adenkiewicz/CVE-2009-1330](https://github.com/adenkiewicz/CVE-2009-1330) - [war4uthor/CVE-2009-1330](https://github.com/war4uthor/CVE-2009-1330) - [exploitwritter/CVE-2009-1330_EasyRMToMp3Converter](https://github.com/exploitwritter/CVE-2009-1330_EasyRMToMp3Converter) @@ -15718,6 +15760,14 @@ The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows co - [NZKoz/bigdecimal-segfault-fix](https://github.com/NZKoz/bigdecimal-segfault-fix) +### CVE-2009-2265 (2009-07-05) + +<code> +Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory. +</code> + +- [zaphoxx/zaphoxx-coldfusion](https://github.com/zaphoxx/zaphoxx-coldfusion) + ### CVE-2009-2692 (2009-08-14) <code> @@ -15726,6 +15776,14 @@ The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not in - [jdvalentini/CVE-2009-2692](https://github.com/jdvalentini/CVE-2009-2692) +### CVE-2009-2698 (2009-08-27) + +<code> +The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. +</code> + +- [xiaoxiaoleo/CVE-2009-2698](https://github.com/xiaoxiaoleo/CVE-2009-2698) + ### CVE-2009-3103 (2009-09-08) <code> @@ -15758,6 +15816,14 @@ The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does n - [Alexeyan/CVE-2009-4137](https://github.com/Alexeyan/CVE-2009-4137) +### CVE-2009-4660 (2010-03-03) + +<code> +Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660. +</code> + +- [war4uthor/CVE-2009-4660](https://github.com/war4uthor/CVE-2009-4660) + ### CVE-2009-5147 (2017-03-29) <code> @@ -15765,6 +15831,7 @@ DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2. </code> - [vpereira/CVE-2009-5147](https://github.com/vpereira/CVE-2009-5147) +- [zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-](https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-) ## 2008