mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/11/18 18:31:58

Browse source
This commit is contained in:
motikan2010-bot 2024-11-19 03:31:58 +09:00
parent 0e6b14af7d
commit 1b5cd51d16
42 changed files with 361 additions and 229 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2016/CVE-2016-5195.json
View file

@ -807,10 +807,10 @@
"description": "编译好的脏牛漏洞CVE-2016-5195EXP",
"fork": false,
"created_at": "2018-05-27T08:06:50Z",
"updated_at": "2024-05-31T01:12:44Z",
"updated_at": "2024-11-18T14:36:38Z",
"pushed_at": "2018-05-27T08:24:17Z",
"stargazers_count": 131,
"watchers_count": 131,
"stargazers_count": 132,
"watchers_count": 132,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -819,7 +819,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 131,
"watchers": 132,
"score": 0,
"subscribers_count": 1
},

31
2017/CVE-2017-0213.json
View file

@ -185,37 +185,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 194031587,
"name": "CVE-2017-0213-Exploit",
"full_name": "Jos675\/CVE-2017-0213-Exploit",
"owner": {
"login": "Jos675",
"id": 35967664,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35967664?v=4",
"html_url": "https:\/\/github.com\/Jos675",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Jos675\/CVE-2017-0213-Exploit",
"description": "Binary",
"fork": false,
"created_at": "2019-06-27T05:56:35Z",
"updated_at": "2024-08-12T19:50:30Z",
"pushed_at": "2019-07-04T04:25:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 453258406,
"name": "CVE-2017-0213",

6
2017/CVE-2017-20165.json
View file

@ -14,8 +14,8 @@
"description": "Fork of the send module to deal with CVE-2017-20165",
"fork": false,
"created_at": "2023-01-11T10:20:27Z",
"updated_at": "2024-11-03T12:30:55Z",
"pushed_at": "2024-11-03T12:30:53Z",
"updated_at": "2024-11-18T16:40:35Z",
"pushed_at": "2024-11-18T16:45:41Z",
"stargazers_count": 13,
"watchers_count": 13,
"has_discussions": false,
@ -32,6 +32,6 @@
"forks": 12,
"watchers": 13,
"score": 0,
"subscribers_count": 14
"subscribers_count": 13
}
]

8
2018/CVE-2018-0101.json
View file

@ -45,10 +45,10 @@
"description": "A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.",
"fork": false,
"created_at": "2018-02-08T15:52:50Z",
"updated_at": "2024-09-21T11:38:09Z",
"updated_at": "2024-11-18T12:46:53Z",
"pushed_at": "2018-11-23T11:47:10Z",
"stargazers_count": 50,
"watchers_count": 50,
"stargazers_count": 49,
"watchers_count": 49,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -66,7 +66,7 @@
],
"visibility": "public",
"forks": 23,
"watchers": 50,
"watchers": 49,
"score": 0,
"subscribers_count": 9
}

8
2018/CVE-2018-15473.json
View file

@ -92,10 +92,10 @@
"description": "Exploit written in Python for CVE-2018-15473 with threading and export formats",
"fork": false,
"created_at": "2018-08-21T00:09:56Z",
"updated_at": "2024-11-13T06:49:33Z",
"updated_at": "2024-11-18T16:46:23Z",
"pushed_at": "2024-07-12T08:47:49Z",
"stargazers_count": 521,
"watchers_count": 521,
"stargazers_count": 520,
"watchers_count": 520,
"has_discussions": false,
"forks_count": 183,
"allow_forking": true,
@ -104,7 +104,7 @@
"topics": [],
"visibility": "public",
"forks": 183,
"watchers": 521,
"watchers": 520,
"score": 0,
"subscribers_count": 21
},

10
2019/CVE-2019-2215.json
View file

@ -76,10 +76,10 @@
"description": "Temproot for Pixel 2 and Pixel 2 XL via CVE-2019-2215",
"fork": false,
"created_at": "2019-10-14T17:27:37Z",
"updated_at": "2024-11-01T14:36:16Z",
"updated_at": "2024-11-18T18:03:26Z",
"pushed_at": "2019-10-15T01:04:08Z",
"stargazers_count": 107,
"watchers_count": 107,
"stargazers_count": 108,
"watchers_count": 108,
"has_discussions": false,
"forks_count": 48,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 48,
"watchers": 107,
"watchers": 108,
"score": 0,
"subscribers_count": 9
},
@ -629,6 +629,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2021/CVE-2021-4034.json
View file

@ -812,10 +812,10 @@
"description": "CVE-2021-4034 POC and Docker and Analysis write up",
"fork": false,
"created_at": "2022-01-26T10:58:23Z",
"updated_at": "2024-08-12T20:20:05Z",
"updated_at": "2024-11-18T17:52:27Z",
"pushed_at": "2022-05-23T02:03:43Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -824,7 +824,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 2
},

8
2021/CVE-2021-40449.json
View file

@ -14,10 +14,10 @@
"description": "Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)",
"fork": false,
"created_at": "2021-10-16T16:17:44Z",
"updated_at": "2024-10-30T11:32:55Z",
"updated_at": "2024-11-18T14:33:34Z",
"pushed_at": "2021-11-11T17:09:56Z",
"stargazers_count": 461,
"watchers_count": 461,
"stargazers_count": 462,
"watchers_count": 462,
"has_discussions": false,
"forks_count": 91,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 91,
"watchers": 461,
"watchers": 462,
"score": 0,
"subscribers_count": 13
},

8
2022/CVE-2022-21894.json
View file

@ -14,10 +14,10 @@
"description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability",
"fork": false,
"created_at": "2022-08-09T15:53:48Z",
"updated_at": "2024-11-04T19:00:07Z",
"updated_at": "2024-11-18T14:24:44Z",
"pushed_at": "2023-09-27T06:44:27Z",
"stargazers_count": 293,
"watchers_count": 293,
"stargazers_count": 295,
"watchers_count": 295,
"has_discussions": false,
"forks_count": 60,
"allow_forking": true,
@ -34,7 +34,7 @@
],
"visibility": "public",
"forks": 60,
"watchers": 293,
"watchers": 295,
"score": 0,
"subscribers_count": 12
},

8
2022/CVE-2022-25479.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ",
"fork": false,
"created_at": "2024-09-17T06:28:17Z",
"updated_at": "2024-11-15T17:29:23Z",
"updated_at": "2024-11-18T12:42:17Z",
"pushed_at": "2024-10-16T22:27:13Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 44,
"watchers": 45,
"score": 0,
"subscribers_count": 1
}

8
2022/CVE-2022-25765.json
View file

@ -148,10 +148,10 @@
"description": "Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6",
"fork": false,
"created_at": "2023-01-29T10:36:40Z",
"updated_at": "2024-06-20T01:01:24Z",
"updated_at": "2024-11-18T15:37:59Z",
"pushed_at": "2023-01-29T11:01:27Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -160,7 +160,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-29464.json
View file

@ -14,10 +14,10 @@
"description": "WSO2 RCE (CVE-2022-29464) exploit and writeup.",
"fork": false,
"created_at": "2022-04-20T21:23:52Z",
"updated_at": "2024-11-14T02:20:52Z",
"updated_at": "2024-11-18T14:59:45Z",
"pushed_at": "2022-04-27T05:52:43Z",
"stargazers_count": 367,
"watchers_count": 367,
"stargazers_count": 369,
"watchers_count": 369,
"has_discussions": false,
"forks_count": 90,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 90,
"watchers": 367,
"watchers": 369,
"score": 0,
"subscribers_count": 8
},

8
2022/CVE-2022-46463.json
View file

@ -45,10 +45,10 @@
"description": "harbor unauthorized detection",
"fork": false,
"created_at": "2023-03-21T10:40:19Z",
"updated_at": "2024-11-18T07:46:05Z",
"updated_at": "2024-11-18T14:27:57Z",
"pushed_at": "2024-11-02T09:29:29Z",
"stargazers_count": 25,
"watchers_count": 25,
"stargazers_count": 26,
"watchers_count": 26,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 25,
"watchers": 26,
"score": 0,
"subscribers_count": 2
}

8
2023/CVE-2023-21554.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-21554 Windows MessageQueuing PoC分析见 https:\/\/www.zoemurmure.top\/posts\/cve_2023_21554\/",
"fork": false,
"created_at": "2023-05-18T10:30:49Z",
"updated_at": "2024-10-29T04:37:17Z",
"updated_at": "2024-11-18T13:26:39Z",
"pushed_at": "2023-05-18T10:38:57Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 54,
"watchers_count": 54,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 15,
"watchers": 53,
"watchers": 54,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-21768.json
View file

@ -14,10 +14,10 @@
"description": "LPE exploit for CVE-2023-21768",
"fork": false,
"created_at": "2023-03-07T23:00:27Z",
"updated_at": "2024-11-11T19:40:46Z",
"updated_at": "2024-11-18T14:23:05Z",
"pushed_at": "2023-07-10T16:35:49Z",
"stargazers_count": 480,
"watchers_count": 480,
"stargazers_count": 481,
"watchers_count": 481,
"has_discussions": false,
"forks_count": 163,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 163,
"watchers": 480,
"watchers": 481,
"score": 0,
"subscribers_count": 10
},

8
2023/CVE-2023-25157.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-25157 - GeoServer SQL Injection - PoC",
"fork": false,
"created_at": "2023-06-06T14:05:09Z",
"updated_at": "2024-10-02T00:01:36Z",
"updated_at": "2024-11-18T14:55:48Z",
"pushed_at": "2023-07-14T10:40:17Z",
"stargazers_count": 163,
"watchers_count": 163,
"stargazers_count": 162,
"watchers_count": 162,
"has_discussions": false,
"forks_count": 33,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 33,
"watchers": 163,
"watchers": 162,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-44487.json
View file

@ -14,10 +14,10 @@
"description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
"fork": false,
"created_at": "2023-10-10T14:20:42Z",
"updated_at": "2024-11-13T18:00:48Z",
"updated_at": "2024-11-18T14:16:25Z",
"pushed_at": "2024-01-08T11:12:08Z",
"stargazers_count": 224,
"watchers_count": 224,
"stargazers_count": 225,
"watchers_count": 225,
"has_discussions": false,
"forks_count": 49,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 49,
"watchers": 224,
"watchers": 225,
"score": 0,
"subscribers_count": 6
},

8
2024/CVE-2024-0044.json
View file

@ -14,10 +14,10 @@
"description": "Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely",
"fork": false,
"created_at": "2024-06-18T09:22:59Z",
"updated_at": "2024-11-18T06:27:33Z",
"updated_at": "2024-11-18T16:13:48Z",
"pushed_at": "2024-07-31T01:29:36Z",
"stargazers_count": 62,
"watchers_count": 62,
"stargazers_count": 63,
"watchers_count": 63,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 62,
"watchers": 63,
"score": 0,
"subscribers_count": 4
},

33
2024/CVE-2024-10015.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 890490572,
"name": "CVE-2024-10015",
"full_name": "windz3r0day\/CVE-2024-10015",
"owner": {
"login": "windz3r0day",
"id": 179751303,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4",
"html_url": "https:\/\/github.com\/windz3r0day",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10015",
"description": "CVE-2024-10015 poc exploit",
"fork": false,
"created_at": "2024-11-18T16:53:43Z",
"updated_at": "2024-11-18T17:37:49Z",
"pushed_at": "2024-11-18T17:37:45Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-10386.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 890467338,
"name": "CVE-2024-10386",
"full_name": "zetraxz\/CVE-2024-10386",
"owner": {
"login": "zetraxz",
"id": 186395163,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186395163?v=4",
"html_url": "https:\/\/github.com\/zetraxz",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/zetraxz\/CVE-2024-10386",
"description": null,
"fork": false,
"created_at": "2024-11-18T16:07:33Z",
"updated_at": "2024-11-18T16:18:20Z",
"pushed_at": "2024-11-18T16:10:27Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

12
2024/CVE-2024-10924.json
View file

@ -14,10 +14,10 @@
"description": " Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 9.1.1.1 Authentication Bypass",
"fork": false,
"created_at": "2024-11-14T16:59:52Z",
"updated_at": "2024-11-18T11:21:02Z",
"updated_at": "2024-11-18T17:45:22Z",
"pushed_at": "2024-11-14T17:00:59Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
@ -45,8 +45,8 @@
"description": "CVE-2024-10924 Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"fork": false,
"created_at": "2024-11-17T21:29:58Z",
"updated_at": "2024-11-17T21:35:57Z",
"pushed_at": "2024-11-17T21:35:29Z",
"updated_at": "2024-11-18T14:30:09Z",
"pushed_at": "2024-11-18T14:29:56Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,

8
2024/CVE-2024-21762.json
View file

@ -45,10 +45,10 @@
"description": "This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.",
"fork": false,
"created_at": "2024-03-11T12:28:05Z",
"updated_at": "2024-11-03T21:28:49Z",
"updated_at": "2024-11-18T14:52:52Z",
"pushed_at": "2024-03-25T11:28:23Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-30088.json
View file

@ -76,10 +76,10 @@
"description": "该漏洞存在于 NtQueryInformationToken 函数中特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。",
"fork": false,
"created_at": "2024-07-05T16:02:56Z",
"updated_at": "2024-10-20T00:37:25Z",
"updated_at": "2024-11-18T16:05:20Z",
"pushed_at": "2024-07-05T16:06:16Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 32,
"watchers": 33,
"score": 0,
"subscribers_count": 1
},

4
2024/CVE-2024-32002.json
View file

@ -81,7 +81,7 @@
"stargazers_count": 513,
"watchers_count": 513,
"has_discussions": false,
"forks_count": 143,
"forks_count": 144,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -92,7 +92,7 @@
"rce"
],
"visibility": "public",
"forks": 143,
"forks": 144,
"watchers": 513,
"score": 0,
"subscribers_count": 3

8
2024/CVE-2024-3400.json
View file

@ -76,10 +76,10 @@
"description": "CVE-2024-3400",
"fork": false,
"created_at": "2024-04-13T14:00:31Z",
"updated_at": "2024-11-12T13:59:18Z",
"updated_at": "2024-11-18T17:41:54Z",
"pushed_at": "2024-04-18T07:11:17Z",
"stargazers_count": 62,
"watchers_count": 62,
"stargazers_count": 63,
"watchers_count": 63,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 62,
"watchers": 63,
"score": 0,
"subscribers_count": 2
},

16
2024/CVE-2024-35250.json
View file

@ -14,10 +14,10 @@
"description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver",
"fork": false,
"created_at": "2024-10-13T19:30:20Z",
"updated_at": "2024-11-16T10:12:33Z",
"updated_at": "2024-11-18T16:02:16Z",
"pushed_at": "2024-11-12T15:28:48Z",
"stargazers_count": 205,
"watchers_count": 205,
"stargazers_count": 206,
"watchers_count": 206,
"has_discussions": false,
"forks_count": 45,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 45,
"watchers": 205,
"watchers": 206,
"score": 0,
"subscribers_count": 6
},
@ -45,10 +45,10 @@
"description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ",
"fork": false,
"created_at": "2024-10-15T07:23:47Z",
"updated_at": "2024-11-15T02:34:31Z",
"updated_at": "2024-11-18T15:16:55Z",
"pushed_at": "2024-10-21T04:15:27Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 25,
"watchers_count": 25,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -61,7 +61,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 26,
"watchers": 25,
"score": 0,
"subscribers_count": 1
}

31
2024/CVE-2024-38063.json
View file

@ -823,5 +823,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 890443568,
"name": "CVE-2024-38063",
"full_name": "selenagomez25\/CVE-2024-38063",
"owner": {
"login": "selenagomez25",
"id": 92699085,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92699085?v=4",
"html_url": "https:\/\/github.com\/selenagomez25",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/selenagomez25\/CVE-2024-38063",
"description": "poc for exploiting cve-2024-38063",
"fork": false,
"created_at": "2024-11-18T15:20:24Z",
"updated_at": "2024-11-18T15:24:36Z",
"pushed_at": "2024-11-18T15:21:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-40431.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ",
"fork": false,
"created_at": "2024-09-17T06:28:17Z",
"updated_at": "2024-11-15T17:29:23Z",
"updated_at": "2024-11-18T12:42:17Z",
"pushed_at": "2024-10-16T22:27:13Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 44,
"watchers": 45,
"score": 0,
"subscribers_count": 1
}

33
2024/CVE-2024-42346.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 890535432,
"name": "CVE-2024-42346",
"full_name": "partywavesec\/CVE-2024-42346",
"owner": {
"login": "partywavesec",
"id": 98420665,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4",
"html_url": "https:\/\/github.com\/partywavesec",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/partywavesec\/CVE-2024-42346",
"description": "CVE-2024-42346 POC",
"fork": false,
"created_at": "2024-11-18T18:31:03Z",
"updated_at": "2024-11-18T18:31:07Z",
"pushed_at": "2024-11-18T18:31:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-44258.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-44258",
"fork": false,
"created_at": "2024-10-29T09:45:03Z",
"updated_at": "2024-11-18T01:06:55Z",
"updated_at": "2024-11-18T17:38:41Z",
"pushed_at": "2024-11-02T19:20:44Z",
"stargazers_count": 48,
"watchers_count": 48,
"stargazers_count": 49,
"watchers_count": 49,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 48,
"watchers": 49,
"score": 0,
"subscribers_count": 1
}

16
2024/CVE-2024-4577.json
View file

@ -548,10 +548,10 @@
"description": "[漏洞复现] 全球首款利用PHP默认环境XAMPP的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP。",
"fork": false,
"created_at": "2024-06-08T13:04:45Z",
"updated_at": "2024-10-29T12:43:20Z",
"updated_at": "2024-11-18T16:13:49Z",
"pushed_at": "2024-07-21T20:27:03Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
@ -560,7 +560,7 @@
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 1
},
@ -1656,10 +1656,10 @@
"description": "CVE-2024-4577 RCE PoC",
"fork": false,
"created_at": "2024-11-06T05:30:33Z",
"updated_at": "2024-11-16T16:14:19Z",
"updated_at": "2024-11-18T18:24:35Z",
"pushed_at": "2024-11-15T09:01:10Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1668,7 +1668,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-49328.json
View file

@ -14,10 +14,10 @@
"description": "WP REST API FNS <= 1.0.0 - Privilege Escalation",
"fork": false,
"created_at": "2024-11-06T16:25:59Z",
"updated_at": "2024-11-14T08:16:42Z",
"updated_at": "2024-11-18T17:47:41Z",
"pushed_at": "2024-11-06T16:28:46Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-51747.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-15T03:40:49Z",
"updated_at": "2024-11-15T04:35:06Z",
"updated_at": "2024-11-18T12:40:30Z",
"pushed_at": "2024-11-15T04:00:38Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}

22
2024/CVE-2024-48904.json → 2024/CVE-2024-52316.json
View file

@ -1,8 +1,8 @@
[
{
"id": 881946880,
"name": "CVE-2024-48904",
"full_name": "famixcm\/CVE-2024-48904",
"id": 890523023,
"name": "CVE-2024-52316",
"full_name": "famixcm\/CVE-2024-52316",
"owner": {
"login": "famixcm",
"id": 186815845,
@ -10,14 +10,14 @@
"html_url": "https:\/\/github.com\/famixcm",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/famixcm\/CVE-2024-48904",
"html_url": "https:\/\/github.com\/famixcm\/CVE-2024-52316",
"description": null,
"fork": false,
"created_at": "2024-11-01T14:52:59Z",
"updated_at": "2024-11-04T10:37:23Z",
"pushed_at": "2024-11-01T14:56:16Z",
"stargazers_count": 1,
"watchers_count": 1,
"created_at": "2024-11-18T18:03:07Z",
"updated_at": "2024-11-18T18:20:32Z",
"pushed_at": "2024-11-18T18:20:28Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,8 +26,8 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1
"subscribers_count": 0
}
]

8
2024/CVE-2024-5274.json
View file

@ -45,10 +45,10 @@
"description": null,
"fork": false,
"created_at": "2024-08-29T11:58:25Z",
"updated_at": "2024-10-30T09:44:22Z",
"updated_at": "2024-11-18T18:01:48Z",
"pushed_at": "2024-08-30T01:15:43Z",
"stargazers_count": 73,
"watchers_count": 73,
"stargazers_count": 74,
"watchers_count": 74,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 73,
"watchers": 74,
"score": 0,
"subscribers_count": 2
}

45
2024/CVE-2024-52940.json Normal file
View file

@ -0,0 +1,45 @@
[
{
"id": 879314420,
"name": "abdal-anydesk-remote-ip-detector",
"full_name": "ebrasha\/abdal-anydesk-remote-ip-detector",
"owner": {
"login": "ebrasha",
"id": 9009001,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4",
"html_url": "https:\/\/github.com\/ebrasha",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ebrasha\/abdal-anydesk-remote-ip-detector",
"description": "CVE-2024-52940 - A critical zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.",
"fork": false,
"created_at": "2024-10-27T15:29:56Z",
"updated_at": "2024-11-18T16:26:47Z",
"pushed_at": "2024-11-18T15:09:32Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"abdal",
"abdal-security-group",
"anydesk",
"anydesk-ip-leak-vulnerability",
"cve-2024-52940",
"ebrahim-shafiei",
"ebrasha",
"ip-leak",
"vulnerability",
"zero-day",
"zero-day-vulnerability"
],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-5910.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-11-13T16:09:14Z",
"updated_at": "2024-11-17T21:17:07Z",
"updated_at": "2024-11-18T16:18:22Z",
"pushed_at": "2024-11-17T21:17:03Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-6387.json
View file

@ -2652,10 +2652,10 @@
"description": "Proof of concept python script for regreSSHion exploit. ",
"fork": false,
"created_at": "2024-07-30T06:13:11Z",
"updated_at": "2024-11-03T07:43:31Z",
"updated_at": "2024-11-18T16:45:53Z",
"pushed_at": "2024-10-19T04:58:22Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": true,
"forks_count": 1,
"allow_forking": true,
@ -2664,7 +2664,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 8,
"watchers": 7,
"score": 0,
"subscribers_count": 2
},

8
2024/CVE-2024-7479.json
View file

@ -14,10 +14,10 @@
"description": "TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.",
"fork": false,
"created_at": "2024-09-29T10:58:15Z",
"updated_at": "2024-11-15T17:28:35Z",
"updated_at": "2024-11-18T18:21:07Z",
"pushed_at": "2024-10-04T09:39:09Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 1
}

6
2024/CVE-2024-9932.json
View file

@ -14,18 +14,18 @@
"description": "Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload",
"fork": false,
"created_at": "2024-11-05T15:00:39Z",
"updated_at": "2024-11-05T15:02:08Z",
"updated_at": "2024-11-18T17:39:14Z",
"pushed_at": "2024-11-05T15:02:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1

33
2024/CVE-2024-9954.json
View file

@ -1,33 +0,0 @@
[
{
"id": 881024523,
"name": "CVE-2024-9954",
"full_name": "famixcm\/CVE-2024-9954",
"owner": {
"login": "famixcm",
"id": 186815845,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186815845?v=4",
"html_url": "https:\/\/github.com\/famixcm",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/famixcm\/CVE-2024-9954",
"description": null,
"fork": false,
"created_at": "2024-10-30T19:31:48Z",
"updated_at": "2024-11-04T10:37:23Z",
"pushed_at": "2024-10-31T19:45:55Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

51
README.md
View file

@ -1899,13 +1899,6 @@
- [RandomRobbieBF/CVE-2024-9935](https://github.com/RandomRobbieBF/CVE-2024-9935)
### CVE-2024-9954 (2024-10-15)
<code>Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
</code>
- [famixcm/CVE-2024-9954](https://github.com/famixcm/CVE-2024-9954)
### CVE-2024-9955 (2024-10-15)
<code>Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
@ -1913,6 +1906,13 @@
- [amfg145/CVE-2024-9955-POC](https://github.com/amfg145/CVE-2024-9955-POC)
### CVE-2024-10015 (2024-11-16)
<code>The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
</code>
- [windz3r0day/CVE-2024-10015](https://github.com/windz3r0day/CVE-2024-10015)
### CVE-2024-10140 (2024-10-19)
<code>Eine kritische Schwachstelle wurde in code-projects Pharmacy Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /manage_supplier.php. Durch Beeinflussen des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
@ -1941,6 +1941,13 @@
- [K1nako0/CVE-2024-10355](https://github.com/K1nako0/CVE-2024-10355)
### CVE-2024-10386 (2024-10-25)
<code>CVE-2024-10386 IMPACT\n\n\n\nAn authentication\nvulnerability exists in the affected product. The vulnerability could allow a\nthreat actor with network access to send crafted messages to the device, potentially\nresulting in database manipulation.
</code>
- [zetraxz/CVE-2024-10386](https://github.com/zetraxz/CVE-2024-10386)
### CVE-2024-10410 (2024-10-27)
<code>In SourceCodester Online Hotel Reservation System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um die Funktion upload der Datei /admin/mod_room/controller.php?action=add. Dank Manipulation des Arguments image mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
@ -5201,6 +5208,7 @@
- [thanawee321/CVE-2024-38063](https://github.com/thanawee321/CVE-2024-38063)
- [AliHj98/cve-2024-38063-Anonyvader](https://github.com/AliHj98/cve-2024-38063-Anonyvader)
- [Dragkob/CVE-2024-38063](https://github.com/Dragkob/CVE-2024-38063)
- [selenagomez25/CVE-2024-38063](https://github.com/selenagomez25/CVE-2024-38063)
### CVE-2024-38077 (2024-07-09)
@ -5750,6 +5758,13 @@
- [fj016/CVE-2024-41992-PoC](https://github.com/fj016/CVE-2024-41992-PoC)
### CVE-2024-42346 (2024-09-20)
<code>Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability.
</code>
- [partywavesec/CVE-2024-42346](https://github.com/partywavesec/CVE-2024-42346)
### CVE-2024-42461 (2024-08-02)
<code>In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed.
@ -6415,13 +6430,6 @@
- [paragbagul111/CVE-2024-48652](https://github.com/paragbagul111/CVE-2024-48652)
### CVE-2024-48904 (2024-10-22)
<code>An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances.\r\n\r\nPlease note: authentication is not required in order to exploit this vulnerability.
</code>
- [famixcm/CVE-2024-48904](https://github.com/famixcm/CVE-2024-48904)
### CVE-2024-48914 (2024-10-15)
<code>Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`.
@ -6766,6 +6774,20 @@
- [d3sca/CVE-2024-52302](https://github.com/d3sca/CVE-2024-52302)
### CVE-2024-52316 (2024-11-18)
<code>Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.
</code>
- [famixcm/CVE-2024-52316](https://github.com/famixcm/CVE-2024-52316)
### CVE-2024-52940 (2024-11-18)
<code>AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID.
</code>
- [ebrasha/abdal-anydesk-remote-ip-detector](https://github.com/ebrasha/abdal-anydesk-remote-ip-detector)
### CVE-2024-1642470
- [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470)
@ -41608,7 +41630,6 @@
- [likekabin/CVE-2017-0213](https://github.com/likekabin/CVE-2017-0213)
- [jbooz1/CVE-2017-0213](https://github.com/jbooz1/CVE-2017-0213)
- [eonrickity/CVE-2017-0213](https://github.com/eonrickity/CVE-2017-0213)
- [Jos675/CVE-2017-0213-Exploit](https://github.com/Jos675/CVE-2017-0213-Exploit)
- [Anonymous-Family/CVE-2017-0213](https://github.com/Anonymous-Family/CVE-2017-0213)
### CVE-2017-0248 (2017-05-12)