From 1aaa9ffb8c02187b61a401173fa734623d35292f Mon Sep 17 00:00:00 2001
From: motikan2010-bot
Date: Thu, 1 Dec 2022 09:18:13 +0900
Subject: [PATCH] Auto Update 2022/12/01 00:18:13
---
2016/CVE-2016-4004.json | 31 +++++++++++++++++++++
2018/CVE-2018-1133.json | 2 +-
2018/CVE-2018-2893.json | 8 +++---
2019/CVE-2019-0708.json | 8 +++---
2019/CVE-2019-12725.json | 8 +++---
2019/CVE-2019-1652.json | 4 +--
2019/CVE-2019-9978.json | 8 +++---
2020/CVE-2020-0688.json | 8 +++---
2020/CVE-2020-0796.json | 29 --------------------
2020/CVE-2020-11896.json | 29 ++++++++++++++++++++
2020/CVE-2020-11978.json | 8 +++---
2020/CVE-2020-14882.json | 8 +++---
2020/CVE-2020-5377.json | 31 +++++++++++++++++++++
2020/CVE-2020-5902.json | 58 ----------------------------------------
2020/CVE-2020-7461.json | 29 ++++++++++++++++++++
2021/CVE-2021-21514.json | 31 +++++++++++++++++++++
2021/CVE-2021-22005.json | 8 +++---
2021/CVE-2021-24084.json | 4 +--
2021/CVE-2021-26855.json | 16 +++++------
2021/CVE-2021-28482.json | 8 +++---
2021/CVE-2021-42278.json | 8 +++---
2021/CVE-2021-44228.json | 37 ++-----------------------
2022/CVE-2022-21661.json | 8 +++---
2022/CVE-2022-24112.json | 2 +-
2022/CVE-2022-25765.json | 8 +++---
2022/CVE-2022-2588.json | 8 +++---
2022/CVE-2022-29464.json | 8 +++---
2022/CVE-2022-30190.json | 4 +--
2022/CVE-2022-30525.json | 8 +++---
2022/CVE-2022-31898.json | 4 +--
2022/CVE-2022-39197.json | 29 --------------------
README.md | 31 +++++++++++++++++----
32 files changed, 257 insertions(+), 234 deletions(-)
create mode 100644 2016/CVE-2016-4004.json
create mode 100644 2020/CVE-2020-5377.json
create mode 100644 2021/CVE-2021-21514.json
diff --git a/2016/CVE-2016-4004.json b/2016/CVE-2016-4004.json
new file mode 100644
index 0000000000..7126cab95b
--- /dev/null
+++ b/2016/CVE-2016-4004.json
@@ -0,0 +1,31 @@ +[ + { + "id": 572725685, + "name": "AFR-in-OMSA", + "full_name": "und3sc0n0c1d0\/AFR-in-OMSA", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/AFR-in-OMSA", + "description": "Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.", + "fork": false, + "created_at": "2022-11-30T22:34:58Z", + "updated_at": "2022-11-30T22:34:58Z", + "pushed_at": "2022-11-30T22:37:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1133.json b/2018/CVE-2018-1133.json index a62ae8f5e3..069ef5c4c7 100644 --- a/2018/CVE-2018-1133.json +++ b/2018/CVE-2018-1133.json @@ -42,7 +42,7 @@ "description": "cve-2018-1133 moodle athenticated as teacher remote code execution. ", "fork": false, "created_at": "2020-12-26T08:09:19Z", - "updated_at": "2021-01-22T18:16:32Z", + "updated_at": "2022-11-30T19:19:19Z", "pushed_at": "2019-03-16T15:19:35Z", "stargazers_count": 0, "watchers_count": 0, diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json index 26a5d468cf..21d1f67a5c 100644 --- a/2018/CVE-2018-2893.json +++ b/2018/CVE-2018-2893.json 
@@ -100,10 +100,10 @@ "description": "CVE-2018-2893-PoC", "fork": false, "created_at": "2018-07-22T01:15:58Z", - "updated_at": "2022-10-28T07:04:19Z", + "updated_at": "2022-11-30T19:08:04Z", "pushed_at": "2018-10-27T01:42:20Z", - "stargazers_count": 98, - "watchers_count": 98, + "stargazers_count": 99, + "watchers_count": 99, "has_discussions": false, "forks_count": 37, "allow_forking": true, @@ -112,7 +112,7 @@ "topics": [], "visibility": "public", "forks": 37, - "watchers": 98, + "watchers": 99, "score": 0 }, { diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index aa050ce8f2..16e25a43ed 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -3051,10 +3051,10 @@ "description": "CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7", "fork": false, "created_at": "2020-03-15T19:33:53Z", - "updated_at": "2022-11-12T14:47:09Z", + "updated_at": "2022-11-30T21:36:03Z", "pushed_at": "2022-03-28T04:10:20Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 92, + "watchers_count": 92, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -3063,7 +3063,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 91, + "watchers": 92, "score": 0 }, { diff --git a/2019/CVE-2019-12725.json b/2019/CVE-2019-12725.json index c9916acfe9..17688fbc4e 100644 --- a/2019/CVE-2019-12725.json +++ b/2019/CVE-2019-12725.json @@ -75,10 +75,10 @@ "description": "ZeroShell 3.9.0 Remote Command Injection", "fork": false, "created_at": "2021-06-13T23:57:37Z", - "updated_at": "2022-09-29T05:42:53Z", + "updated_at": "2022-11-30T19:02:07Z", "pushed_at": "2021-06-14T00:07:52Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -87,7 +87,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 }, { 
diff --git a/2019/CVE-2019-1652.json b/2019/CVE-2019-1652.json index d1b6fe264e..7e290234cd 100644 --- a/2019/CVE-2019-1652.json +++ b/2019/CVE-2019-1652.json @@ -18,7 +18,7 @@ "stargazers_count": 222, "watchers_count": 222, "has_discussions": false, - "forks_count": 70, + "forks_count": 69, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -29,7 +29,7 @@ "exploitation" ], "visibility": "public", - "forks": 70, + "forks": 69, "watchers": 222, "score": 0 } diff --git a/2019/CVE-2019-9978.json b/2019/CVE-2019-9978.json index 8b0092d079..70b94cdf91 100644 --- a/2019/CVE-2019-9978.json +++ b/2019/CVE-2019-9978.json @@ -45,10 +45,10 @@ "description": "CVE-2019-9978 - (PoC) RCE in Social WarFare Plugin (<=3.5.2)", "fork": false, "created_at": "2019-05-03T05:57:44Z", - "updated_at": "2022-10-13T15:20:35Z", + "updated_at": "2022-11-30T19:00:16Z", "pushed_at": "2021-06-26T08:28:02Z", - "stargazers_count": 17, - "watchers_count": 17, + "stargazers_count": 18, + "watchers_count": 18, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 8, - "watchers": 17, + "watchers": 18, "score": 0 }, { diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index d7391e3d41..30395f4bd2 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -102,10 +102,10 @@ "description": "CVE-2020-0688_EXP Auto trigger payload & encrypt method", "fork": false, "created_at": "2020-02-27T13:53:46Z", - "updated_at": "2022-11-09T18:06:30Z", + "updated_at": "2022-11-30T19:25:08Z", "pushed_at": "2020-02-27T15:57:53Z", - "stargazers_count": 143, - "watchers_count": 143, + "stargazers_count": 144, + "watchers_count": 144, "has_discussions": false, "forks_count": 66, "allow_forking": true, @@ -119,7 +119,7 @@ ], "visibility": "public", "forks": 66, - "watchers": 143, + "watchers": 144, "score": 0 }, { 
diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 7549b3706d..1ef416022e 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -2273,34 +2273,5 @@ "forks": 0, "watchers": 1, "score": 0 - }, - { - "id": 572293975, - "name": "-CVE-2020-0796-RCE", - "full_name": "NetJBS\/-CVE-2020-0796-RCE", - "owner": { - "login": "NetJBS", - "id": 100053595, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100053595?v=4", - "html_url": "https:\/\/github.com\/NetJBS" - }, - "html_url": "https:\/\/github.com\/NetJBS\/-CVE-2020-0796-RCE", - "description": null, - "fork": false, - "created_at": "2022-11-30T00:40:45Z", - "updated_at": "2022-11-30T00:41:09Z", - "pushed_at": "2022-11-30T00:41:04Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-11896.json b/2020/CVE-2020-11896.json index 6af9a1a368..fdcffd5221 100644 --- a/2020/CVE-2020-11896.json +++ b/2020/CVE-2020-11896.json 
@@ -27,5 +27,34 @@ "forks": 2, "watchers": 7, "score": 0 + }, + { + "id": 572658457, + "name": "ripple20-digi-connect-exploit", + "full_name": "0xkol\/ripple20-digi-connect-exploit", + "owner": { + "login": "0xkol", + "id": 58270928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58270928?v=4", + "html_url": "https:\/\/github.com\/0xkol" + }, + "html_url": "https:\/\/github.com\/0xkol\/ripple20-digi-connect-exploit", + "description": "RCE exploit for CVE-2020-11896 (Ripple20 IP-in-IP Heap Overflow Vulnerability) targeting Digi Connect ME 9210", + "fork": false, + "created_at": "2022-11-30T18:44:25Z", + "updated_at": "2022-11-30T18:46:32Z", + "pushed_at": "2022-11-30T18:46:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-11978.json b/2020/CVE-2020-11978.json index 99b4e36236..35c10ef59e 100644 --- a/2020/CVE-2020-11978.json +++ b/2020/CVE-2020-11978.json @@ -13,10 +13,10 @@ "description": "PoC of how to exploit a RCE vulnerability of the example DAGs in Apache Airflow <1.10.11 ", "fork": false, "created_at": "2021-05-22T15:58:01Z", - "updated_at": "2022-07-23T07:58:35Z", + "updated_at": "2022-11-30T18:58:50Z", "pushed_at": "2021-06-01T18:17:15Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 6, + "watchers": 7, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 15db5c827c..9b5148ea80 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json 
@@ -671,10 +671,10 @@ "description": "CVE-2020-14882", "fork": false, "created_at": "2021-02-25T12:57:08Z", - "updated_at": "2022-07-15T09:44:00Z", + "updated_at": "2022-11-30T18:48:16Z", "pushed_at": "2021-03-01T16:34:10Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -683,7 +683,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 7, + "watchers": 8, "score": 0 }, { diff --git a/2020/CVE-2020-5377.json b/2020/CVE-2020-5377.json new file mode 100644 index 0000000000..7126cab95b --- /dev/null +++ b/2020/CVE-2020-5377.json @@ -0,0 +1,31 @@ +[ + { + "id": 572725685, + "name": "AFR-in-OMSA", + "full_name": "und3sc0n0c1d0\/AFR-in-OMSA", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/AFR-in-OMSA", + "description": "Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.", + "fork": false, + "created_at": "2022-11-30T22:34:58Z", + "updated_at": "2022-11-30T22:34:58Z", + "pushed_at": "2022-11-30T22:37:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 01fa561d1c..2eb324fd21 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json 
@@ -92,35 +92,6 @@ "watchers": 71, "score": 0 }, - { - "id": 277354676, - "name": "CVE-2020-5902-NSE", - "full_name": "rwincey\/CVE-2020-5902-NSE", - "owner": { - "login": "rwincey", - "id": 5438659, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", - "html_url": "https:\/\/github.com\/rwincey" - }, - "html_url": "https:\/\/github.com\/rwincey\/CVE-2020-5902-NSE", - "description": null, - "fork": false, - "created_at": "2020-07-05T17:51:38Z", - "updated_at": "2021-09-30T13:33:15Z", - "pushed_at": "2020-07-06T17:10:45Z", - "stargazers_count": 8, - "watchers_count": 8, - "has_discussions": false, - "forks_count": 2, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 2, - "watchers": 8, - "score": 0 - }, { "id": 277360749, "name": "CVE-2020-5902", @@ -302,35 +273,6 @@ "watchers": 1, "score": 0 }, - { - "id": 277584668, - "name": "CVE-2020-5902", - "full_name": "jinnywc\/CVE-2020-5902", - "owner": { - "login": "jinnywc", - "id": 30540295, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30540295?v=4", - "html_url": "https:\/\/github.com\/jinnywc" - }, - "html_url": "https:\/\/github.com\/jinnywc\/CVE-2020-5902", - "description": "CVE-2020-5902", - "fork": false, - "created_at": "2020-07-06T15:49:46Z", - "updated_at": "2020-07-06T15:55:37Z", - "pushed_at": "2020-07-06T15:53:41Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 1, - "score": 0 - }, { "id": 277626606, "name": "F5-Patch", diff --git a/2020/CVE-2020-7461.json b/2020/CVE-2020-7461.json index d9b860adc0..27402d4a3a 100644 --- a/2020/CVE-2020-7461.json +++ b/2020/CVE-2020-7461.json 
@@ -27,5 +27,34 @@ "forks": 4, "watchers": 15, "score": 0 + }, + { + "id": 572664898, + "name": "freebsd-dhclient-poc", + "full_name": "0xkol\/freebsd-dhclient-poc", + "owner": { + "login": "0xkol", + "id": 58270928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58270928?v=4", + "html_url": "https:\/\/github.com\/0xkol" + }, + "html_url": "https:\/\/github.com\/0xkol\/freebsd-dhclient-poc", + "description": "Reproducer PoC for FreeBSD dhclient heap-based buffer overflow vulnerability when parsing DHCP option 119 (CVE-2020-7461)", + "fork": false, + "created_at": "2022-11-30T19:03:57Z", + "updated_at": "2022-11-30T19:04:41Z", + "pushed_at": "2022-11-30T19:04:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-21514.json b/2021/CVE-2021-21514.json new file mode 100644 index 0000000000..7126cab95b --- /dev/null +++ b/2021/CVE-2021-21514.json 
@@ -0,0 +1,31 @@ +[ + { + "id": 572725685, + "name": "AFR-in-OMSA", + "full_name": "und3sc0n0c1d0\/AFR-in-OMSA", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/AFR-in-OMSA", + "description": "Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.", + "fork": false, + "created_at": "2022-11-30T22:34:58Z", + "updated_at": "2022-11-30T22:34:58Z", + "pushed_at": "2022-11-30T22:37:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22005.json b/2021/CVE-2021-22005.json index 4fc2e8bcef..bc95ab1277 100644 --- a/2021/CVE-2021-22005.json +++ b/2021/CVE-2021-22005.json @@ -42,10 +42,10 @@ "description": null, "fork": false, "created_at": "2021-12-18T08:18:50Z", - "updated_at": "2022-11-30T04:47:09Z", + "updated_at": "2022-11-30T18:28:11Z", "pushed_at": "2021-12-22T10:32:37Z", - "stargazers_count": 141, - "watchers_count": 141, + "stargazers_count": 142, + "watchers_count": 142, "has_discussions": false, "forks_count": 40, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 40, - "watchers": 141, + "watchers": 142, "score": 0 }, { diff --git a/2021/CVE-2021-24084.json b/2021/CVE-2021-24084.json index 3583c26f47..7315804df1 100644 --- a/2021/CVE-2021-24084.json +++ b/2021/CVE-2021-24084.json 
@@ -18,13 +18,13 @@ "stargazers_count": 35, "watchers_count": 35, "has_discussions": false, - "forks_count": 11, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 11, + "forks": 12, "watchers": 35, "score": 0 } diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index efb19dbc1d..33ca9dfc67 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -319,10 +319,10 @@ "description": "A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).", "fork": false, "created_at": "2021-03-08T11:54:32Z", - "updated_at": "2022-11-28T15:16:15Z", + "updated_at": "2022-11-30T21:11:48Z", "pushed_at": "2022-03-02T15:41:29Z", - "stargazers_count": 143, - "watchers_count": 143, + "stargazers_count": 144, + "watchers_count": 144, "has_discussions": false, "forks_count": 23, "allow_forking": true, @@ -339,7 +339,7 @@ ], "visibility": "public", "forks": 23, - "watchers": 143, + "watchers": 144, "score": 0 }, { @@ -1211,10 +1211,10 @@ "description": "Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)", "fork": false, "created_at": "2021-12-04T22:38:30Z", - "updated_at": "2022-02-22T05:29:04Z", + "updated_at": "2022-11-30T23:53:53Z", "pushed_at": "2022-02-10T15:20:42Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -1223,7 +1223,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 9, + "watchers": 7, "score": 0 }, { diff --git a/2021/CVE-2021-28482.json b/2021/CVE-2021-28482.json index 2a23464513..012cbf84fd 100644 --- a/2021/CVE-2021-28482.json +++ b/2021/CVE-2021-28482.json 
@@ -13,10 +13,10 @@ "description": "POC from TestANull for CVE-2021-28482 on Exchange Server", "fork": false, "created_at": "2021-05-03T13:54:36Z", - "updated_at": "2022-11-09T18:12:09Z", + "updated_at": "2022-11-30T20:28:12Z", "pushed_at": "2021-05-03T14:29:49Z", - "stargazers_count": 42, - "watchers_count": 42, + "stargazers_count": 43, + "watchers_count": 43, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 42, + "watchers": 43, "score": 0 }, { diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index 941027496c..4585a21e9b 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -47,10 +47,10 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-13T10:28:12Z", - "updated_at": "2022-11-30T04:44:41Z", + "updated_at": "2022-11-30T23:20:07Z", "pushed_at": "2022-11-23T07:39:55Z", - "stargazers_count": 479, - "watchers_count": 479, + "stargazers_count": 480, + "watchers_count": 480, "has_discussions": false, "forks_count": 90, "allow_forking": true, @@ -59,7 +59,7 @@ "topics": [], "visibility": "public", "forks": 90, - "watchers": 479, + "watchers": 480, "score": 0 }, { diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 6a4efd8e03..b415e103e2 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json 
@@ -761,39 +761,6 @@ "watchers": 11, "score": 0 }, - { - "id": 437562080, - "name": "log4j-log4shell-affected", - "full_name": "authomize\/log4j-log4shell-affected", - "owner": { - "login": "authomize", - "id": 57180096, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57180096?v=4", - "html_url": "https:\/\/github.com\/authomize" - }, - "html_url": "https:\/\/github.com\/authomize\/log4j-log4shell-affected", - "description": "Lists of affected components and affected apps\/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability ", - "fork": false, - "created_at": "2021-12-12T14:05:05Z", - "updated_at": "2022-07-06T23:37:59Z", - "pushed_at": "2021-12-19T07:40:25Z", - "stargazers_count": 49, - "watchers_count": 49, - "has_discussions": false, - "forks_count": 8, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [ - "cve-2021-44228", - "log4j", - "log4j-rce" - ], - "visibility": "public", - "forks": 8, - "watchers": 49, - "score": 0 - }, { "id": 437567489, "name": "CVE-2021-44228_IoCs", @@ -1844,7 +1811,7 @@ "stargazers_count": 360, "watchers_count": 360, "has_discussions": false, - "forks_count": 49, + "forks_count": 50, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1856,7 +1823,7 @@ "vulnerability-scanners" ], "visibility": "public", - "forks": 49, + "forks": 50, "watchers": 360, "score": 0 }, diff --git a/2022/CVE-2022-21661.json b/2022/CVE-2022-21661.json index 56ff25c6e7..6e6bd2383e 100644 --- a/2022/CVE-2022-21661.json +++ b/2022/CVE-2022-21661.json 
@@ -187,10 +187,10 @@ "description": "The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' \/ CVE-2022-21661) ", "fork": false, "created_at": "2022-11-06T20:44:10Z", - "updated_at": "2022-11-30T16:06:49Z", + "updated_at": "2022-11-30T22:08:18Z", "pushed_at": "2022-11-23T21:09:11Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -205,7 +205,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 5, + "watchers": 6, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-24112.json b/2022/CVE-2022-24112.json index 2a08e691fa..de4b5d0c95 100644 --- a/2022/CVE-2022-24112.json +++ b/2022/CVE-2022-24112.json @@ -100,7 +100,7 @@ "description": "CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability", "fork": false, "created_at": "2022-03-08T17:08:52Z", - "updated_at": "2022-10-20T15:28:09Z", + "updated_at": "2022-11-30T20:18:32Z", "pushed_at": "2022-03-08T17:12:37Z", "stargazers_count": 5, "watchers_count": 5, diff --git a/2022/CVE-2022-25765.json b/2022/CVE-2022-25765.json index f45e6e9ee0..a7c4358339 100644 --- a/2022/CVE-2022-25765.json +++ b/2022/CVE-2022-25765.json @@ -13,10 +13,10 @@ "description": "A Shell exploit for CVE-2022-25765", "fork": false, "created_at": "2022-11-29T09:25:13Z", - "updated_at": "2022-11-29T09:26:01Z", + "updated_at": "2022-11-30T21:24:23Z", "pushed_at": "2022-11-29T09:25:58Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-2588.json b/2022/CVE-2022-2588.json index 232d3e17d7..10c6bf603c 100644 --- a/2022/CVE-2022-2588.json +++ b/2022/CVE-2022-2588.json 
@@ -13,10 +13,10 @@ "description": "exploit for CVE-2022-2588", "fork": false, "created_at": "2022-08-11T06:01:24Z", - "updated_at": "2022-11-29T06:41:35Z", + "updated_at": "2022-11-30T19:36:50Z", "pushed_at": "2022-10-27T16:35:08Z", - "stargazers_count": 380, - "watchers_count": 380, + "stargazers_count": 381, + "watchers_count": 381, "has_discussions": false, "forks_count": 53, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 53, - "watchers": 380, + "watchers": 381, "score": 0 }, { diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json index fc3efb6ebc..9a1b02e25d 100644 --- a/2022/CVE-2022-29464.json +++ b/2022/CVE-2022-29464.json @@ -13,10 +13,10 @@ "description": "WSO2 RCE (CVE-2022-29464) exploit and writeup.", "fork": false, "created_at": "2022-04-20T21:23:52Z", - "updated_at": "2022-11-24T11:25:28Z", + "updated_at": "2022-11-30T20:17:35Z", "pushed_at": "2022-04-27T05:52:43Z", - "stargazers_count": 323, - "watchers_count": 323, + "stargazers_count": 324, + "watchers_count": 324, "has_discussions": false, "forks_count": 76, "allow_forking": true, @@ -27,7 +27,7 @@ ], "visibility": "public", "forks": 76, - "watchers": 323, + "watchers": 324, "score": 0 }, { diff --git a/2022/CVE-2022-30190.json b/2022/CVE-2022-30190.json index 9bdbc9c45f..810850eb65 100644 --- a/2022/CVE-2022-30190.json +++ b/2022/CVE-2022-30190.json @@ -1542,7 +1542,7 @@ "stargazers_count": 17, "watchers_count": 17, "has_discussions": false, - "forks_count": 11, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1558,7 +1558,7 @@ "word" ], "visibility": "public", - "forks": 11, + "forks": 12, "watchers": 17, "score": 0 }, diff --git a/2022/CVE-2022-30525.json b/2022/CVE-2022-30525.json index 86fed0c4d7..3334e9279e 100644 --- a/2022/CVE-2022-30525.json +++ b/2022/CVE-2022-30525.json 
@@ -366,10 +366,10 @@ "description": "A OS Command Injection Vulnerability in the CGI Program of Zyxel", "fork": false, "created_at": "2022-06-12T19:04:41Z", - "updated_at": "2022-06-12T19:13:13Z", + "updated_at": "2022-11-30T20:16:19Z", "pushed_at": "2022-06-12T19:27:56Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -378,7 +378,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 }, { diff --git a/2022/CVE-2022-31898.json b/2022/CVE-2022-31898.json index af76bda0a6..6f73f3eba3 100644 --- a/2022/CVE-2022-31898.json +++ b/2022/CVE-2022-31898.json @@ -18,7 +18,7 @@ "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -29,7 +29,7 @@ "gl-inet" ], "visibility": "public", - "forks": 3, + "forks": 4, "watchers": 11, "score": 0 } diff --git a/2022/CVE-2022-39197.json b/2022/CVE-2022-39197.json index 95176bcca1..703b08a976 100644 --- a/2022/CVE-2022-39197.json +++ b/2022/CVE-2022-39197.json 
@@ -383,34 +383,5 @@ "forks": 0, "watchers": 1, "score": 0 - }, - { - "id": 572526199, - "name": "coablt_strike_4.5", - "full_name": "Trinity-SYT-SECURITY\/coablt_strike_4.5", - "owner": { - "login": "Trinity-SYT-SECURITY", - "id": 96654161, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96654161?v=4", - "html_url": "https:\/\/github.com\/Trinity-SYT-SECURITY" - }, - "html_url": "https:\/\/github.com\/Trinity-SYT-SECURITY\/coablt_strike_4.5", - "description": "可以利用這個版本做CVE-2022-39197 RCE POC,以及其他的漏洞測試,請在解壓前關閉防毒軟體,不然會被查殺", - "fork": false, - "created_at": "2022-11-30T13:16:43Z", - "updated_at": "2022-11-30T14:51:35Z", - "pushed_at": "2022-11-30T13:43:10Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index d896dace59..5973d7cdfb 100644 --- a/README.md +++ b/README.md @@ -4161,7 +4161,6 @@ An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Stri - [PyterSmithDarkGhost/CVE-2022-39197-POC](https://github.com/PyterSmithDarkGhost/CVE-2022-39197-POC) - [TheCryingGame/CVE-2022-39197-RCE](https://github.com/TheCryingGame/CVE-2022-39197-RCE) - [adeljck/CVE-2022-39197](https://github.com/adeljck/CVE-2022-39197) -- [Trinity-SYT-SECURITY/coablt_strike_4.5](https://github.com/Trinity-SYT-SECURITY/coablt_strike_4.5) ### CVE-2022-39425 (2022-10-18) 
@@ -6016,6 +6015,14 @@ Grav Admin Plugin is an HTML user interface that provides a way to configure Gra - [CsEnox/CVE-2021-21425](https://github.com/CsEnox/CVE-2021-21425) - [frknktlca/GravCMS_Nmap_Script](https://github.com/frknktlca/GravCMS_Nmap_Script) +### CVE-2021-21514 (2021-03-02) + + +Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. + + +- [und3sc0n0c1d0/AFR-in-OMSA](https://github.com/und3sc0n0c1d0/AFR-in-OMSA) + ### CVE-2021-21551 (2021-05-04) @@ -8706,7 +8713,6 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12 - [CodeShield-Security/Log4JShell-Bytecode-Detector](https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector) - [dtact/divd-2021-00038--log4j-scanner](https://github.com/dtact/divd-2021-00038--log4j-scanner) - [Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228](https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228) -- [authomize/log4j-log4shell-affected](https://github.com/authomize/log4j-log4shell-affected) - [guardicode/CVE-2021-44228_IoCs](https://github.com/guardicode/CVE-2021-44228_IoCs) - [nccgroup/log4j-jndi-be-gone](https://github.com/nccgroup/log4j-jndi-be-gone) - [qingtengyun/cve-2021-44228-qingteng-online-patch](https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch) @@ -10028,7 +10034,6 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-](https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-) - [arzuozkan/CVE-2020-0796](https://github.com/arzuozkan/CVE-2020-0796) - [SEHandler/CVE-2020-0796](https://github.com/SEHandler/CVE-2020-0796) -- [NetJBS/-CVE-2020-0796-RCE](https://github.com/NetJBS/-CVE-2020-0796-RCE) ### CVE-2020-0797 (2020-03-12) 
@@ -10761,6 +10766,14 @@ In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulne - [GUI/legacy-rails-CVE-2020-5267-patch](https://github.com/GUI/legacy-rails-CVE-2020-5267-patch) +### CVE-2020-5377 (2020-07-28) + + +Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station. + + +- [und3sc0n0c1d0/AFR-in-OMSA](https://github.com/und3sc0n0c1d0/AFR-in-OMSA) + ### CVE-2020-5398 (2020-01-16) @@ -10838,14 +10851,12 @@ In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12. - [aqhmal/CVE-2020-5902-Scanner](https://github.com/aqhmal/CVE-2020-5902-Scanner) - [jas502n/CVE-2020-5902](https://github.com/jas502n/CVE-2020-5902) - [yassineaboukir/CVE-2020-5902](https://github.com/yassineaboukir/CVE-2020-5902) -- [rwincey/CVE-2020-5902-NSE](https://github.com/rwincey/CVE-2020-5902-NSE) - [un4gi/CVE-2020-5902](https://github.com/un4gi/CVE-2020-5902) - [yasserjanah/CVE-2020-5902](https://github.com/yasserjanah/CVE-2020-5902) - [dunderhay/CVE-2020-5902](https://github.com/dunderhay/CVE-2020-5902) - [r0ttenbeef/cve-2020-5902](https://github.com/r0ttenbeef/cve-2020-5902) - [lijiaxing1997/CVE-2020-5902-POC-EXP](https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP) - [0xAbdullah/CVE-2020-5902](https://github.com/0xAbdullah/CVE-2020-5902) -- [jinnywc/CVE-2020-5902](https://github.com/jinnywc/CVE-2020-5902) - [GoodiesHQ/F5-Patch](https://github.com/GoodiesHQ/F5-Patch) - [jiansiting/CVE-2020-5902](https://github.com/jiansiting/CVE-2020-5902) - [wdlid/CVE-2020-5902-fix](https://github.com/wdlid/CVE-2020-5902-fix) 
@@ -11087,6 +11098,7 @@ In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE - [knqyf263/CVE-2020-7461](https://github.com/knqyf263/CVE-2020-7461) +- [0xkol/freebsd-dhclient-poc](https://github.com/0xkol/freebsd-dhclient-poc) ### CVE-2020-7471 (2020-02-03) @@ -12172,6 +12184,7 @@ The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to - [Fans0n-Fan/Treck20-Related](https://github.com/Fans0n-Fan/Treck20-Related) +- [0xkol/ripple20-digi-connect-exploit](https://github.com/0xkol/ripple20-digi-connect-exploit) ### CVE-2020-11898 (2020-06-17) @@ -25282,6 +25295,14 @@ Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LAN - [securifera/CVE-2016-3962-Exploit](https://github.com/securifera/CVE-2016-3962-Exploit) +### CVE-2016-4004 (2016-04-12) + + +Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile. + + +- [und3sc0n0c1d0/AFR-in-OMSA](https://github.com/und3sc0n0c1d0/AFR-in-OMSA) + ### CVE-2016-4010 (2017-01-23)