Auto Update 2023/08/18 18:28:14

motikan2010-bot 2023-08-19 03:28:14 +09:00
parent edf54c5d67
commit 2441a94dd5
29 changed files with 537 additions and 153 deletions


@ -133,10 +133,10 @@
"description": "ImaegMagick Code Execution (CVE-2016-3714)",
"fork": false,
"created_at": "2016-05-07T08:21:27Z",
"updated_at": "2023-04-24T15:16:13Z",
"updated_at": "2023-08-18T15:28:12Z",
"pushed_at": "2016-05-07T17:26:47Z",
"stargazers_count": 69,
"watchers_count": 69,
"stargazers_count": 70,
"watchers_count": 70,
"has_discussions": false,
"forks_count": 40,
"allow_forking": true,
@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 40,
"watchers": 69,
"watchers": 70,
"score": 0,
"subscribers_count": 7
},


@ -43,10 +43,10 @@
"description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan支持检测路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977",
"fork": false,
"created_at": "2022-06-19T13:16:55Z",
"updated_at": "2023-08-16T02:13:53Z",
"updated_at": "2023-08-18T13:43:50Z",
"pushed_at": "2023-01-23T13:00:34Z",
"stargazers_count": 128,
"watchers_count": 128,
"stargazers_count": 129,
"watchers_count": 129,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 128,
"watchers": 129,
"score": 0,
"subscribers_count": 2
}


@ -87,6 +87,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]


@ -73,10 +73,10 @@
"description": "CVE-2018-9276 PRTG < 18.2.39 Reverse Shell (Python3 support)",
"fork": false,
"created_at": "2021-07-29T01:17:22Z",
"updated_at": "2023-06-29T19:42:22Z",
"updated_at": "2023-08-18T13:31:59Z",
"pushed_at": "2022-12-22T01:40:01Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 9,
"watchers": 10,
"score": 0,
"subscribers_count": 2
}


@ -304,13 +304,13 @@
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,
"forks_count": 8,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"forks": 9,
"watchers": 29,
"score": 0,
"subscribers_count": 7


@ -230,7 +230,7 @@
"stargazers_count": 38,
"watchers_count": 38,
"has_discussions": false,
"forks_count": 14,
"forks_count": 15,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -241,7 +241,7 @@
"kernel-vulnerability"
],
"visibility": "public",
"forks": 14,
"forks": 15,
"watchers": 38,
"score": 0,
"subscribers_count": 3


@ -1096,10 +1096,10 @@
"description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost",
"fork": false,
"created_at": "2020-03-30T11:42:56Z",
"updated_at": "2023-08-09T00:27:25Z",
"updated_at": "2023-08-18T15:06:21Z",
"pushed_at": "2020-12-07T20:04:27Z",
"stargazers_count": 1272,
"watchers_count": 1272,
"stargazers_count": 1271,
"watchers_count": 1271,
"has_discussions": false,
"forks_count": 368,
"allow_forking": true,
@ -1114,7 +1114,7 @@
],
"visibility": "public",
"forks": 368,
"watchers": 1272,
"watchers": 1271,
"score": 0,
"subscribers_count": 34
},


@ -43,10 +43,10 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2023-08-15T13:13:10Z",
"updated_at": "2023-08-18T15:06:22Z",
"pushed_at": "2023-07-20T10:51:42Z",
"stargazers_count": 1628,
"watchers_count": 1628,
"stargazers_count": 1627,
"watchers_count": 1627,
"has_discussions": false,
"forks_count": 361,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 361,
"watchers": 1628,
"watchers": 1627,
"score": 0,
"subscribers_count": 90
},
@ -103,10 +103,10 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2023-08-16T16:33:32Z",
"updated_at": "2023-08-18T17:12:04Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 1070,
"watchers_count": 1070,
"stargazers_count": 1071,
"watchers_count": 1071,
"has_discussions": false,
"forks_count": 281,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 281,
"watchers": 1070,
"watchers": 1071,
"score": 0,
"subscribers_count": 35
},
@ -1868,7 +1868,7 @@
"fork": false,
"created_at": "2023-02-26T11:49:44Z",
"updated_at": "2023-03-06T10:23:44Z",
"pushed_at": "2023-08-02T01:32:06Z",
"pushed_at": "2023-08-18T16:55:04Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,


@ -43,7 +43,7 @@
"description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-06-29T17:24:14Z",
"updated_at": "2023-08-18T01:51:01Z",
"updated_at": "2023-08-18T15:06:23Z",
"pushed_at": "2021-07-20T15:28:13Z",
"stargazers_count": 1728,
"watchers_count": 1728,
@ -972,10 +972,10 @@
"description": "Python implementation for PrintNightmare (CVE-2021-1675 \/ CVE-2021-34527)",
"fork": false,
"created_at": "2021-09-26T13:53:10Z",
"updated_at": "2023-08-11T08:39:23Z",
"updated_at": "2023-08-18T14:47:44Z",
"pushed_at": "2021-10-17T13:29:56Z",
"stargazers_count": 157,
"watchers_count": 157,
"stargazers_count": 158,
"watchers_count": 158,
"has_discussions": false,
"forks_count": 28,
"allow_forking": true,
@ -987,7 +987,7 @@
],
"visibility": "public",
"forks": 28,
"watchers": 157,
"watchers": 158,
"score": 0,
"subscribers_count": 6
},


@ -18,13 +18,13 @@
"stargazers_count": 98,
"watchers_count": 98,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 15,
"forks": 16,
"watchers": 98,
"score": 0,
"subscribers_count": 7


@ -851,10 +851,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-08-18T10:47:35Z",
"updated_at": "2023-08-18T16:38:31Z",
"pushed_at": "2023-05-14T12:08:39Z",
"stargazers_count": 1040,
"watchers_count": 1040,
"stargazers_count": 1042,
"watchers_count": 1042,
"has_discussions": false,
"forks_count": 131,
"allow_forking": true,
@ -870,7 +870,7 @@
],
"visibility": "public",
"forks": 131,
"watchers": 1040,
"watchers": 1042,
"score": 0,
"subscribers_count": 10
}


@ -1305,10 +1305,10 @@
"description": "Python exploit code for CVE-2021-4034 (pwnkit)",
"fork": false,
"created_at": "2022-01-26T17:53:16Z",
"updated_at": "2023-08-09T01:31:46Z",
"updated_at": "2023-08-18T14:57:06Z",
"pushed_at": "2022-01-28T00:29:15Z",
"stargazers_count": 114,
"watchers_count": 114,
"stargazers_count": 115,
"watchers_count": 115,
"has_discussions": false,
"forks_count": 39,
"allow_forking": true,
@ -1317,7 +1317,7 @@
"topics": [],
"visibility": "public",
"forks": 39,
"watchers": 114,
"watchers": 115,
"score": 0,
"subscribers_count": 2
},


@ -223,10 +223,10 @@
"description": "CVE-2021-40444 PoC",
"fork": false,
"created_at": "2021-09-10T16:55:53Z",
"updated_at": "2023-08-16T11:57:21Z",
"updated_at": "2023-08-18T15:06:24Z",
"pushed_at": "2021-12-25T18:31:02Z",
"stargazers_count": 1492,
"watchers_count": 1492,
"stargazers_count": 1491,
"watchers_count": 1491,
"has_discussions": false,
"forks_count": 491,
"allow_forking": true,
@ -235,7 +235,7 @@
"topics": [],
"visibility": "public",
"forks": 491,
"watchers": 1492,
"watchers": 1491,
"score": 0,
"subscribers_count": 28
},
@ -523,10 +523,10 @@
"description": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit",
"fork": false,
"created_at": "2021-09-15T22:34:35Z",
"updated_at": "2023-08-15T08:44:08Z",
"updated_at": "2023-08-18T15:06:20Z",
"pushed_at": "2022-06-22T20:21:42Z",
"stargazers_count": 759,
"watchers_count": 759,
"stargazers_count": 758,
"watchers_count": 758,
"has_discussions": false,
"forks_count": 169,
"allow_forking": true,
@ -542,7 +542,7 @@
],
"visibility": "public",
"forks": 169,
"watchers": 759,
"watchers": 758,
"score": 0,
"subscribers_count": 19
},


@ -869,10 +869,10 @@
"description": "A framework for bug hunting or pentesting targeting websites that have CVE-2021-41773 Vulnerability in public ",
"fork": false,
"created_at": "2021-10-07T01:31:13Z",
"updated_at": "2023-03-17T09:41:58Z",
"updated_at": "2023-08-18T16:33:03Z",
"pushed_at": "2021-10-07T08:25:26Z",
"stargazers_count": 58,
"watchers_count": 58,
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -887,7 +887,7 @@
],
"visibility": "public",
"forks": 16,
"watchers": 58,
"watchers": 59,
"score": 0,
"subscribers_count": 2
},


@ -13,10 +13,10 @@
"description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)",
"fork": false,
"created_at": "2022-02-08T17:25:44Z",
"updated_at": "2023-08-12T14:43:07Z",
"updated_at": "2023-08-18T15:06:18Z",
"pushed_at": "2022-02-09T16:54:09Z",
"stargazers_count": 720,
"watchers_count": 720,
"stargazers_count": 719,
"watchers_count": 719,
"has_discussions": false,
"forks_count": 154,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 154,
"watchers": 720,
"watchers": 719,
"score": 0,
"subscribers_count": 16
}


@ -766,10 +766,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2023-08-18T10:47:35Z",
"updated_at": "2023-08-18T16:38:31Z",
"pushed_at": "2023-05-14T12:08:39Z",
"stargazers_count": 1040,
"watchers_count": 1040,
"stargazers_count": 1042,
"watchers_count": 1042,
"has_discussions": false,
"forks_count": 131,
"allow_forking": true,
@ -785,7 +785,7 @@
],
"visibility": "public",
"forks": 131,
"watchers": 1040,
"watchers": 1042,
"score": 0,
"subscribers_count": 10
},


@ -13,10 +13,10 @@
"description": "7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.",
"fork": false,
"created_at": "2022-04-15T22:59:03Z",
"updated_at": "2023-08-13T16:29:47Z",
"updated_at": "2023-08-18T15:06:19Z",
"pushed_at": "2022-04-22T11:26:31Z",
"stargazers_count": 691,
"watchers_count": 691,
"stargazers_count": 690,
"watchers_count": 690,
"has_discussions": false,
"forks_count": 109,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 109,
"watchers": 691,
"watchers": 690,
"score": 0,
"subscribers_count": 26
},


@ -78,13 +78,13 @@
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 4,
"score": 0,
"subscribers_count": 0


@ -321,10 +321,10 @@
"description": "CobaltStrike <= 4.7.1 RCE",
"fork": false,
"created_at": "2022-10-14T11:46:01Z",
"updated_at": "2023-08-16T08:58:39Z",
"updated_at": "2023-08-18T14:36:27Z",
"pushed_at": "2022-10-25T05:32:54Z",
"stargazers_count": 347,
"watchers_count": 347,
"stargazers_count": 348,
"watchers_count": 348,
"has_discussions": false,
"forks_count": 83,
"allow_forking": true,
@ -333,7 +333,7 @@
"topics": [],
"visibility": "public",
"forks": 83,
"watchers": 347,
"watchers": 348,
"score": 0,
"subscribers_count": 7
},

32
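--- a/2022/CVE-2022-45808.json
+++ b/2022/CVE-2022-45808.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 680205273,
+"name": "CVE-2022-45808",
+"full_name": "RandomRobbieBF\/CVE-2022-45808",
+"owner": {
+"login": "RandomRobbieBF",
+"id": 51722811,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
+"html_url": "https:\/\/github.com\/RandomRobbieBF"
+},
+"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-45808",
+"description": "LearnPress Plugin < 4.2.0 - Unauthenticated SQLi",
+"fork": false,
+"created_at": "2023-08-18T15:43:50Z",
+"updated_at": "2023-08-18T15:43:50Z",
+"pushed_at": "2023-08-18T15:45:18Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]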

32
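--- a/2022/CVE-2022-47615.json
+++ b/2022/CVE-2022-47615.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 680191554,
+"name": "CVE-2022-47615",
+"full_name": "RandomRobbieBF\/CVE-2022-47615",
+"owner": {
+"login": "RandomRobbieBF",
+"id": 51722811,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
+"html_url": "https:\/\/github.com\/RandomRobbieBF"
+},
+"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-47615",
+"description": "LearnPress Plugin < 4.2.0 - Unauthenticated LFI Description ",
+"fork": false,
+"created_at": "2023-08-18T15:04:36Z",
+"updated_at": "2023-08-18T15:14:25Z",
+"pushed_at": "2023-08-18T15:14:22Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]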


@ -48,10 +48,10 @@
"description": null,
"fork": false,
"created_at": "2023-02-21T16:08:56Z",
"updated_at": "2023-08-08T01:39:33Z",
"updated_at": "2023-08-18T17:44:11Z",
"pushed_at": "2023-02-26T06:43:18Z",
"stargazers_count": 201,
"watchers_count": 201,
"stargazers_count": 202,
"watchers_count": 202,
"has_discussions": false,
"forks_count": 45,
"allow_forking": true,
@ -60,7 +60,7 @@
"topics": [],
"visibility": "public",
"forks": 45,
"watchers": 201,
"watchers": 202,
"score": 0,
"subscribers_count": 3
},


@ -28,5 +28,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 680228161,
"name": "CVE-2023-24329-codeql-test",
"full_name": "Pandante-Central\/CVE-2023-24329-codeql-test",
"owner": {
"login": "Pandante-Central",
"id": 128833419,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128833419?v=4",
"html_url": "https:\/\/github.com\/Pandante-Central"
},
"html_url": "https:\/\/github.com\/Pandante-Central\/CVE-2023-24329-codeql-test",
"description": null,
"fork": false,
"created_at": "2023-08-18T16:53:11Z",
"updated_at": "2023-08-18T16:55:17Z",
"pushed_at": "2023-08-18T17:34:22Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]


@ -13,10 +13,10 @@
"description": "SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.",
"fork": false,
"created_at": "2023-06-19T14:36:47Z",
"updated_at": "2023-08-16T13:56:52Z",
"updated_at": "2023-08-18T15:05:05Z",
"pushed_at": "2023-06-22T07:19:36Z",
"stargazers_count": 48,
"watchers_count": 48,
"stargazers_count": 49,
"watchers_count": 49,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -40,7 +40,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 48,
"watchers": 49,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": "CVE-2023-34312",
"fork": false,
"created_at": "2023-05-27T12:44:42Z",
"updated_at": "2023-08-10T08:50:52Z",
"updated_at": "2023-08-18T15:06:39Z",
"pushed_at": "2023-05-27T12:45:10Z",
"stargazers_count": 402,
"watchers_count": 402,
"stargazers_count": 403,
"watchers_count": 403,
"has_discussions": false,
"forks_count": 75,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 75,
"watchers": 402,
"watchers": 403,
"score": 0,
"subscribers_count": 3
},


@ -327,13 +327,13 @@
"stargazers_count": 35,
"watchers_count": 35,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 35,
"score": 0,
"subscribers_count": 3


@ -43,10 +43,10 @@
"description": "CVE-2023-36899漏洞的复现环境和工具针对ASP.NET框架中的无cookie会话身份验证绕过。",
"fork": false,
"created_at": "2023-08-15T23:36:17Z",
"updated_at": "2023-08-17T14:00:02Z",
"updated_at": "2023-08-18T17:09:21Z",
"pushed_at": "2023-08-15T23:37:11Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 2
}

32
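--- a/2023/CVE-2023-38890.json
+++ b/2023/CVE-2023-38890.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 680223099,
+"name": "CVE-2023-38890",
+"full_name": "akshadjoshi\/CVE-2023-38890",
+"owner": {
+"login": "akshadjoshi",
+"id": 106912619,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106912619?v=4",
+"html_url": "https:\/\/github.com\/akshadjoshi"
+},
+"html_url": "https:\/\/github.com\/akshadjoshi\/CVE-2023-38890",
+"description": "poc",
+"fork": false,
+"created_at": "2023-08-18T16:37:39Z",
+"updated_at": "2023-08-18T16:37:40Z",
+"pushed_at": "2023-08-18T16:50:47Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]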

378
README.md

@ -960,6 +960,7 @@
</code>
- [H4R335HR/CVE-2023-24329-PoC](https://github.com/H4R335HR/CVE-2023-24329-PoC)
- [Pandante-Central/CVE-2023-24329-codeql-test](https://github.com/Pandante-Central/CVE-2023-24329-codeql-test)
### CVE-2023-24362
- [cavetownie/CVE-2023-24362](https://github.com/cavetownie/CVE-2023-24362)
@ -2710,6 +2711,9 @@
### CVE-2023-38836
- [1337kid/CVE-2023-38836](https://github.com/1337kid/CVE-2023-38836)
### CVE-2023-38890
- [akshadjoshi/CVE-2023-38890](https://github.com/akshadjoshi/CVE-2023-38890)
### CVE-2023-39115 (2023-08-16)
<code>install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.
@ -8528,6 +8532,13 @@
- [p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE](https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE)
- [yuriisanin/CVE-2022-45771](https://github.com/yuriisanin/CVE-2022-45771)
### CVE-2022-45808 (2023-01-24)
<code>SQL Injection vulnerability in LearnPress WordPress LMS Plugin &lt;= 4.1.7.3.2 versions.
</code>
- [RandomRobbieBF/CVE-2022-45808](https://github.com/RandomRobbieBF/CVE-2022-45808)
### CVE-2022-45934 (2022-11-26)
<code>An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
@ -8736,6 +8747,13 @@
- [hyp3rlinx/CVE-2022-47529](https://github.com/hyp3rlinx/CVE-2022-47529)
### CVE-2022-47615 (2023-01-24)
<code>Local File Inclusion vulnerability in LearnPress WordPress LMS Plugin &lt;= 4.1.7.3.2 versions.
</code>
- [RandomRobbieBF/CVE-2022-47615](https://github.com/RandomRobbieBF/CVE-2022-47615)
### CVE-2022-47872 (2023-02-01)
<code>maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF).
@ -25179,7 +25197,11 @@
- [tafamace/CVE-2018-7489](https://github.com/tafamace/CVE-2018-7489)
### CVE-2018-7600
### CVE-2018-7600 (2018-03-29)
<code>Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
</code>
- [g0rx/CVE-2018-7600-Drupal-RCE](https://github.com/g0rx/CVE-2018-7600-Drupal-RCE)
- [a2u/CVE-2018-7600](https://github.com/a2u/CVE-2018-7600)
- [dreadlocked/Drupalgeddon2](https://github.com/dreadlocked/Drupalgeddon2)
@ -25215,70 +25237,154 @@
- [anldori/CVE-2018-7600](https://github.com/anldori/CVE-2018-7600)
- [r0lh/CVE-2018-7600](https://github.com/r0lh/CVE-2018-7600)
### CVE-2018-7602
### CVE-2018-7602 (2018-07-19)
<code>A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
</code>
- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3)
- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602)
- [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602)
- [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602)
### CVE-2018-7669
### CVE-2018-7669 (2018-04-27)
<code>An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&amp;file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack.
</code>
- [palaziv/CVE-2018-7669](https://github.com/palaziv/CVE-2018-7669)
### CVE-2018-7690
### CVE-2018-7690 (2018-12-13)
<code>A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
</code>
- [alt3kx/CVE-2018-7690](https://github.com/alt3kx/CVE-2018-7690)
### CVE-2018-7691
### CVE-2018-7691 (2018-12-13)
<code>A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
</code>
- [alt3kx/CVE-2018-7691](https://github.com/alt3kx/CVE-2018-7691)
### CVE-2018-7747
### CVE-2018-7747 (2018-04-20)
<code>Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.
</code>
- [mindpr00f/CVE-2018-7747](https://github.com/mindpr00f/CVE-2018-7747)
### CVE-2018-7750
### CVE-2018-7750 (2018-03-13)
<code>transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
</code>
- [jm33-m0/CVE-2018-7750](https://github.com/jm33-m0/CVE-2018-7750)
### CVE-2018-7935
### CVE-2018-7935 (2023-02-10)
<code>There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.
</code>
- [lawrenceamer/CVE-2018-7935](https://github.com/lawrenceamer/CVE-2018-7935)
### CVE-2018-8004
### CVE-2018-8004 (2018-08-29)
<code>There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.
</code>
- [mosesrenegade/CVE-2018-8004](https://github.com/mosesrenegade/CVE-2018-8004)
### CVE-2018-8021
### CVE-2018-8021 (2018-11-07)
<code>Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
</code>
- [r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021](https://github.com/r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021)
### CVE-2018-8032
### CVE-2018-8032 (2018-08-02)
<code>Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
</code>
- [cairuojin/CVE-2018-8032](https://github.com/cairuojin/CVE-2018-8032)
### CVE-2018-8038
### CVE-2018-8038 (2018-07-05)
<code>Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters.
</code>
- [tafamace/CVE-2018-8038](https://github.com/tafamace/CVE-2018-8038)
### CVE-2018-8039
### CVE-2018-8039 (2018-07-02)
<code>It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty(&quot;java.protocol.handler.pkgs&quot;, &quot;com.sun.net.ssl.internal.www.protocol&quot;);'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.
</code>
- [tafamace/CVE-2018-8039](https://github.com/tafamace/CVE-2018-8039)
### CVE-2018-8045
### CVE-2018-8045 (2018-03-14)
<code>In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view.
</code>
- [luckybool1020/CVE-2018-8045](https://github.com/luckybool1020/CVE-2018-8045)
### CVE-2018-8060
### CVE-2018-8060 (2018-05-09)
<code>HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name.
</code>
- [otavioarj/SIOCtl](https://github.com/otavioarj/SIOCtl)
### CVE-2018-8065
### CVE-2018-8065 (2018-03-12)
<code>An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs.
</code>
- [EgeBalci/CVE-2018-8065](https://github.com/EgeBalci/CVE-2018-8065)
### CVE-2018-8078
### CVE-2018-8078 (2018-03-13)
<code>YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html.
</code>
- [Jx0n0/YZMCMSxss](https://github.com/Jx0n0/YZMCMSxss)
### CVE-2018-8090
### CVE-2018-8090 (2018-07-25)
<code>Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.
</code>
- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090)
### CVE-2018-8097
### CVE-2018-8097 (2018-03-14)
<code>io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
</code>
- [SilentVoid13/CVE-2018-8097](https://github.com/SilentVoid13/CVE-2018-8097)
### CVE-2018-8108
### CVE-2018-8108 (2018-03-14)
<code>The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text.
</code>
- [zlgxzswjy/BUI-select-xss](https://github.com/zlgxzswjy/BUI-select-xss)
### CVE-2018-8115
### CVE-2018-8115 (2018-05-02)
<code>A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image, aka &quot;Windows Host Compute Service Shim Remote Code Execution Vulnerability.&quot; This affects Windows Host Compute.
</code>
- [aquasecurity/scan-cve-2018-8115](https://github.com/aquasecurity/scan-cve-2018-8115)
### CVE-2018-8120
### CVE-2018-8120 (2018-05-09)
<code>An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka &quot;Win32k Elevation of Privilege Vulnerability.&quot; This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.
</code>
- [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120)
- [rip1s/CVE-2018-8120](https://github.com/rip1s/CVE-2018-8120)
- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120)
@ -25290,10 +25396,18 @@
- [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120)
- [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120)
### CVE-2018-8172
### CVE-2018-8172 (2018-07-10)
<code>A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka &quot;Visual Studio Remote Code Execution Vulnerability.&quot; This affects Microsoft Visual Studio, Expression Blend 4.
</code>
- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172)
### CVE-2018-8174
### CVE-2018-8174 (2018-05-09)
<code>A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka &quot;Windows VBScript Engine Remote Code Execution Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [0x09AL/CVE-2018-8174-msf](https://github.com/0x09AL/CVE-2018-8174-msf)
- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP)
- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174)
@ -25310,102 +25424,218 @@
- [lisinan988/CVE-2018-8174-exp](https://github.com/lisinan988/CVE-2018-8174-exp)
- [sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP)
### CVE-2018-8208
### CVE-2018-8208 (2018-06-14)
<code>An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka &quot;Windows Desktop Bridge Elevation of Privilege Vulnerability.&quot; This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
</code>
- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208)
### CVE-2018-8214
### CVE-2018-8214 (2018-06-14)
<code>An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka &quot;Windows Desktop Bridge Elevation of Privilege Vulnerability.&quot; This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.
</code>
- [guwudoor/CVE-2018-8214](https://github.com/guwudoor/CVE-2018-8214)
### CVE-2018-8284
### CVE-2018-8284 (2018-07-10)
<code>A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka &quot;.NET Framework Remote Code Injection Vulnerability.&quot; This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
</code>
- [quantiti/CVE-2018-8284-Sharepoint-RCE](https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE)
### CVE-2018-8353
### CVE-2018-8353 (2018-08-15)
<code>A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka &quot;Scripting Engine Memory Corruption Vulnerability.&quot; This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
</code>
- [whereisr0da/CVE-2018-8353-POC](https://github.com/whereisr0da/CVE-2018-8353-POC)
### CVE-2018-8389
### CVE-2018-8389 (2018-08-15)
<code>A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka &quot;Scripting Engine Memory Corruption Vulnerability.&quot; This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8390.
</code>
- [sharmasandeepkr/cve-2018-8389](https://github.com/sharmasandeepkr/cve-2018-8389)
### CVE-2018-8410
### CVE-2018-8410 (2018-09-12)
<code>An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka &quot;Windows Registry Elevation of Privilege Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [trapmine/CVE-2018-8410](https://github.com/trapmine/CVE-2018-8410)
### CVE-2018-8414
### CVE-2018-8414 (2018-08-15)
<code>A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka &quot;Windows Shell Remote Code Execution Vulnerability.&quot; This affects Windows 10 Servers, Windows 10.
</code>
- [whereisr0da/CVE-2018-8414-POC](https://github.com/whereisr0da/CVE-2018-8414-POC)
### CVE-2018-8420
### CVE-2018-8420 (2018-09-12)
<code>A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka &quot;MS XML Remote Code Execution Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [idkwim/CVE-2018-8420](https://github.com/idkwim/CVE-2018-8420)
### CVE-2018-8440
### CVE-2018-8440 (2018-09-12)
<code>An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka &quot;Windows ALPC Elevation of Privilege Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [sourceincite/CVE-2018-8440](https://github.com/sourceincite/CVE-2018-8440)
### CVE-2018-8453
### CVE-2018-8453 (2018-10-10)
<code>An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka &quot;Win32k Elevation of Privilege Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [Mkv4/cve-2018-8453-exp](https://github.com/Mkv4/cve-2018-8453-exp)
- [ze0r/cve-2018-8453-exp](https://github.com/ze0r/cve-2018-8453-exp)
- [thepwnrip/leHACK-Analysis-of-CVE-2018-8453](https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453)
### CVE-2018-8495
### CVE-2018-8495 (2018-10-10)
<code>A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka &quot;Windows Shell Remote Code Execution Vulnerability.&quot; This affects Windows Server 2016, Windows 10, Windows 10 Servers.
</code>
- [whereisr0da/CVE-2018-8495-POC](https://github.com/whereisr0da/CVE-2018-8495-POC)
### CVE-2018-8581
### CVE-2018-8581 (2018-11-13)
<code>An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka &quot;Microsoft Exchange Server Elevation of Privilege Vulnerability.&quot; This affects Microsoft Exchange Server.
</code>
- [WyAtu/CVE-2018-8581](https://github.com/WyAtu/CVE-2018-8581)
- [qiantu88/CVE-2018-8581](https://github.com/qiantu88/CVE-2018-8581)
- [Ridter/Exchange2domain](https://github.com/Ridter/Exchange2domain)
### CVE-2018-8587
### CVE-2018-8587 (2018-12-11)
<code>A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka &quot;Microsoft Outlook Remote Code Execution Vulnerability.&quot; This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
</code>
- [Sunqiz/CVE-2018-8587-reproduction](https://github.com/Sunqiz/CVE-2018-8587-reproduction)
### CVE-2018-8611
### CVE-2018-8611 (2018-12-11)
<code>An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka &quot;Windows Kernel Elevation of Privilege Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
</code>
- [lsw29475/CVE-2018-8611](https://github.com/lsw29475/CVE-2018-8611)
### CVE-2018-8639
### CVE-2018-8639 (2018-12-11)
<code>An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka &quot;Win32k Elevation of Privilege Vulnerability.&quot; This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641.
</code>
- [ze0r/CVE-2018-8639-exp](https://github.com/ze0r/CVE-2018-8639-exp)
- [timwhitez/CVE-2018-8639-EXP](https://github.com/timwhitez/CVE-2018-8639-EXP)
### CVE-2018-8718
### CVE-2018-8718 (2018-03-27)
<code>Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
</code>
- [GeunSam2/CVE-2018-8718](https://github.com/GeunSam2/CVE-2018-8718)
### CVE-2018-8733
### CVE-2018-8733 (2018-04-17)
<code>Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
</code>
- [xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed](https://github.com/xfer0/Nagios-XI-5.2.6-9-5.3-5.4-Chained-Remote-Root-Exploit-Fixed)
### CVE-2018-8820
### CVE-2018-8820 (2018-03-28)
<code>An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the &quot;match&quot; parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.
</code>
- [hateshape/frevvomapexec](https://github.com/hateshape/frevvomapexec)
### CVE-2018-8897
### CVE-2018-8897 (2018-05-08)
<code>A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL &lt; 3, the debug exception is delivered after the transfer to CPL &lt; 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
</code>
- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897)
- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit)
- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897)
- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897)
### CVE-2018-8941
### CVE-2018-8941 (2018-04-03)
<code>Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi.
</code>
- [SECFORCE/CVE-2018-8941](https://github.com/SECFORCE/CVE-2018-8941)
### CVE-2018-8947
### CVE-2018-8947 (2018-03-25)
<code>rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
</code>
- [scopion/CVE-2018-8947](https://github.com/scopion/CVE-2018-8947)
### CVE-2018-8970
### CVE-2018-8970 (2018-03-24)
<code>The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not.
</code>
- [tiran/CVE-2018-8970](https://github.com/tiran/CVE-2018-8970)
### CVE-2018-9059
### CVE-2018-9059 (2018-04-20)
<code>Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.
</code>
- [manojcode/easy-file-share-7.2-exploit-CVE-2018-9059](https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059)
### CVE-2018-9075
### CVE-2018-9075 (2018-09-28)
<code>For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick &quot;``&quot; characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter.
</code>
- [beverlymiller818/cve-2018-9075](https://github.com/beverlymiller818/cve-2018-9075)
### CVE-2018-9160
### CVE-2018-9160 (2018-03-31)
<code>SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
</code>
- [mechanico/sickrageWTF](https://github.com/mechanico/sickrageWTF)
### CVE-2018-9206
### CVE-2018-9206 (2018-10-11)
<code>Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload &lt;= v9.22.0
</code>
- [Den1al/CVE-2018-9206](https://github.com/Den1al/CVE-2018-9206)
- [Stahlz/JQShell](https://github.com/Stahlz/JQShell)
- [cved-sources/cve-2018-9206](https://github.com/cved-sources/cve-2018-9206)
- [mi-hood/CVE-2018-9206](https://github.com/mi-hood/CVE-2018-9206)
### CVE-2018-9207
### CVE-2018-9207 (2018-11-19)
<code>Arbitrary file upload in jQuery Upload File &lt;= 4.0.2
</code>
- [cved-sources/cve-2018-9207](https://github.com/cved-sources/cve-2018-9207)
### CVE-2018-9208
### CVE-2018-9208 (2018-11-05)
<code>Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut &lt;= v1.1Beta
</code>
- [cved-sources/cve-2018-9208](https://github.com/cved-sources/cve-2018-9208)
### CVE-2018-9276
### CVE-2018-9276 (2018-07-02)
<code>An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.
</code>
- [wildkindcc/CVE-2018-9276](https://github.com/wildkindcc/CVE-2018-9276)
- [andyfeili/CVE-2018-9276](https://github.com/andyfeili/CVE-2018-9276)
- [A1vinSmith/CVE-2018-9276](https://github.com/A1vinSmith/CVE-2018-9276)
@ -25419,29 +25649,57 @@
### CVE-2018-9468
- [IOActive/AOSP-DownloadProviderHijacker](https://github.com/IOActive/AOSP-DownloadProviderHijacker)
### CVE-2018-9493
### CVE-2018-9493 (2018-10-02)
<code>In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900
</code>
- [IOActive/AOSP-DownloadProviderDbDumper](https://github.com/IOActive/AOSP-DownloadProviderDbDumper)
### CVE-2018-9539
### CVE-2018-9539 (2018-11-14)
<code>In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-113027383
</code>
- [tamirzb/CVE-2018-9539](https://github.com/tamirzb/CVE-2018-9539)
### CVE-2018-9546
- [IOActive/AOSP-DownloadProviderHeadersDumper](https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper)
### CVE-2018-9948
### CVE-2018-9948 (2018-05-17)
<code>This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380.
</code>
- [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958)
- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp)
### CVE-2018-9950
### CVE-2018-9950 (2018-05-17)
<code>This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5413.
</code>
- [sharmasandeepkr/PS-2017-13---CVE-2018-9950](https://github.com/sharmasandeepkr/PS-2017-13---CVE-2018-9950)
### CVE-2018-9951
### CVE-2018-9951 (2018-05-17)
<code>This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CPDF_Object objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5414.
</code>
- [sharmasandeepkr/cve-2018-9951](https://github.com/sharmasandeepkr/cve-2018-9951)
### CVE-2018-9958
### CVE-2018-9958 (2018-05-17)
<code>This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.
</code>
- [t3rabyt3-zz/CVE-2018-9958--Exploit](https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit)
### CVE-2018-9995
### CVE-2018-9995 (2018-04-10)
<code>TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a &quot;Cookie: uid=admin&quot; header, as demonstrated by a device.rsp?opt=user&amp;cmd=list request that provides credentials within JSON data in a response.
</code>
- [ezelf/CVE-2018-9995_dvr_credentials](https://github.com/ezelf/CVE-2018-9995_dvr_credentials)
- [zzh217/CVE-2018-9995_Batch_scanning_exp](https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp)
- [Huangkey/CVE-2018-9995_check](https://github.com/Huangkey/CVE-2018-9995_check)