Auto Update 2024/03/10 18:26:39

motikan2010-bot 2024-03-11 03:26:39 +09:00
parent 347344cdd2
commit 27242c60fe
21 changed files with 142 additions and 129 deletions


@ -27,7 +27,7 @@
"forks": 16,
"watchers": 39,
"score": 0,
"subscribers_count": 6
"subscribers_count": 5
},
{
"id": 54961298,


@ -39,36 +39,6 @@
"score": 0,
"subscribers_count": 4
},
{
"id": 125023802,
"name": "java-deserialization-exploits",
"full_name": "R0B1NL1N\/java-deserialization-exploits",
"owner": {
"login": "R0B1NL1N",
"id": 37288034,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37288034?v=4",
"html_url": "https:\/\/github.com\/R0B1NL1N"
},
"html_url": "https:\/\/github.com\/R0B1NL1N\/java-deserialization-exploits",
"description": "Exploit for Jenkins serialization vulnerability - CVE-2016-0792",
"fork": false,
"created_at": "2018-03-13T09:15:32Z",
"updated_at": "2022-08-25T21:33:41Z",
"pushed_at": "2018-03-13T09:15:59Z",
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},
{
"id": 403984253,
"name": "CVE-2016-0792",


@ -281,7 +281,7 @@
"forks": 125,
"watchers": 303,
"score": 0,
"subscribers_count": 15
"subscribers_count": 16
},
{
"id": 71787126,

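--- /dev/null
+++ b/2017/CVE-2017-15428.json
@@ -0,0 +1,32 @@
+[
+{
+"id": 769963067,
+"name": "CVE-2017-15428",
+"full_name": "Michelangelo-S\/CVE-2017-15428",
+"owner": {
+"login": "Michelangelo-S",
+"id": 119981311,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119981311?v=4",
+"html_url": "https:\/\/github.com\/Michelangelo-S"
+},
+"html_url": "https:\/\/github.com\/Michelangelo-S\/CVE-2017-15428",
+"description": "An exploit for CVE-2017-15428",
+"fork": false,
+"created_at": "2024-03-10T14:53:53Z",
+"updated_at": "2024-03-10T15:05:09Z",
+"pushed_at": "2024-03-10T15:03:20Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]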


@ -78,7 +78,7 @@
"stargazers_count": 367,
"watchers_count": 367,
"has_discussions": false,
"forks_count": 111,
"forks_count": 99,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -90,7 +90,7 @@
"sambacry"
],
"visibility": "public",
"forks": 111,
"forks": 99,
"watchers": 367,
"score": 0,
"subscribers_count": 11


@ -306,13 +306,13 @@
"stargazers_count": 965,
"watchers_count": 965,
"has_discussions": false,
"forks_count": 228,
"forks_count": 229,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 228,
"forks": 229,
"watchers": 965,
"score": 0,
"subscribers_count": 26


@ -197,10 +197,10 @@
"description": "Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)",
"fork": false,
"created_at": "2021-02-18T05:42:13Z",
"updated_at": "2024-02-29T05:29:04Z",
"updated_at": "2024-03-10T15:40:44Z",
"pushed_at": "2021-12-14T05:12:17Z",
"stargazers_count": 132,
"watchers_count": 132,
"stargazers_count": 133,
"watchers_count": 133,
"has_discussions": false,
"forks_count": 62,
"allow_forking": true,
@ -209,7 +209,7 @@
"topics": [],
"visibility": "public",
"forks": 62,
"watchers": 132,
"watchers": 133,
"score": 0,
"subscribers_count": 1
},


@ -3666,10 +3666,10 @@
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
"fork": false,
"created_at": "2021-12-13T03:57:50Z",
"updated_at": "2024-03-10T01:35:12Z",
"updated_at": "2024-03-10T16:16:31Z",
"pushed_at": "2022-11-23T18:23:24Z",
"stargazers_count": 3339,
"watchers_count": 3339,
"stargazers_count": 3340,
"watchers_count": 3340,
"has_discussions": true,
"forks_count": 740,
"allow_forking": true,
@ -3678,7 +3678,7 @@
"topics": [],
"visibility": "public",
"forks": 740,
"watchers": 3339,
"watchers": 3340,
"score": 0,
"subscribers_count": 57
},


@ -13,10 +13,10 @@
"description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver",
"fork": false,
"created_at": "2023-09-24T21:59:23Z",
"updated_at": "2024-03-10T00:48:22Z",
"updated_at": "2024-03-10T16:27:05Z",
"pushed_at": "2023-10-12T19:18:32Z",
"stargazers_count": 119,
"watchers_count": 119,
"stargazers_count": 120,
"watchers_count": 120,
"has_discussions": false,
"forks_count": 31,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 31,
"watchers": 119,
"watchers": 120,
"score": 0,
"subscribers_count": 2
}


@ -1,32 +0,0 @@
[
{
"id": 739906526,
"name": "CVE-2023-33137",
"full_name": "JaqueMalman\/CVE-2023-33137",
"owner": {
"login": "JaqueMalman",
"id": 9538089,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9538089?v=4",
"html_url": "https:\/\/github.com\/JaqueMalman"
},
"html_url": "https:\/\/github.com\/JaqueMalman\/CVE-2023-33137",
"description": "Tentando desesperadamente simular uma cve para o trabalho da disciplina de segurança da pós.",
"fork": false,
"created_at": "2024-01-06T22:40:19Z",
"updated_at": "2024-01-06T22:41:15Z",
"pushed_at": "2024-01-06T22:41:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
}
]


@ -18,13 +18,13 @@
"stargazers_count": 31,
"watchers_count": 31,
"has_discussions": false,
"forks_count": 10,
"forks_count": 11,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 10,
"forks": 11,
"watchers": 31,
"score": 0,
"subscribers_count": 3


@ -18,7 +18,7 @@
"stargazers_count": 23,
"watchers_count": 23,
"has_discussions": false,
"forks_count": 6,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -29,7 +29,7 @@
"poc"
],
"visibility": "public",
"forks": 6,
"forks": 5,
"watchers": 23,
"score": 0,
"subscribers_count": 1


@ -13,10 +13,10 @@
"description": "Scanner for CVE-2023-46805 - Ivanti Connect Secure",
"fork": false,
"created_at": "2024-01-14T18:30:11Z",
"updated_at": "2024-03-07T01:24:30Z",
"updated_at": "2024-03-10T17:00:35Z",
"pushed_at": "2024-01-24T07:15:43Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 2
},


@ -13,10 +13,10 @@
"description": "Apache Solr Backup\/Restore APIs RCE Poc (CVE-2023-50386)",
"fork": false,
"created_at": "2024-02-29T08:57:47Z",
"updated_at": "2024-03-09T21:01:52Z",
"updated_at": "2024-03-10T15:57:55Z",
"pushed_at": "2024-02-29T12:54:56Z",
"stargazers_count": 48,
"watchers_count": 48,
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 48,
"watchers": 50,
"score": 0,
"subscribers_count": 2
}

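--- /dev/null
+++ b/2023/CVE-2023-6000.json
@@ -0,0 +1,37 @@
+[
+{
+"id": 769992502,
+"name": "CVE-2023-6000",
+"full_name": "rxerium\/CVE-2023-6000",
+"owner": {
+"login": "rxerium",
+"id": 59293085,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4",
+"html_url": "https:\/\/github.com\/rxerium"
+},
+"html_url": "https:\/\/github.com\/rxerium\/CVE-2023-6000",
+"description": "The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.",
+"fork": false,
+"created_at": "2024-03-10T16:20:22Z",
+"updated_at": "2024-03-10T16:28:44Z",
+"pushed_at": "2024-03-10T16:27:29Z",
+"stargazers_count": 0,
+"watchers_count": 0,
+"has_discussions": false,
+"forks_count": 0,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [
+"cybersecurity",
+"popup-builder",
+"vulnerability",
+"wordpress"
+],
+"visibility": "public",
+"forks": 0,
+"watchers": 0,
+"score": 0,
+"subscribers_count": 0
+}
+]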


@ -43,19 +43,19 @@
"description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability",
"fork": false,
"created_at": "2024-02-16T15:17:59Z",
"updated_at": "2024-03-10T09:26:10Z",
"updated_at": "2024-03-10T16:37:56Z",
"pushed_at": "2024-02-19T20:00:35Z",
"stargazers_count": 521,
"watchers_count": 521,
"stargazers_count": 524,
"watchers_count": 524,
"has_discussions": false,
"forks_count": 118,
"forks_count": 120,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 118,
"watchers": 521,
"forks": 120,
"watchers": 524,
"score": 0,
"subscribers_count": 6
},


@ -43,19 +43,19 @@
"description": "Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762",
"fork": false,
"created_at": "2024-02-28T21:16:10Z",
"updated_at": "2024-03-10T08:01:36Z",
"updated_at": "2024-03-10T17:26:23Z",
"pushed_at": "2024-03-01T20:02:52Z",
"stargazers_count": 53,
"watchers_count": 53,
"stargazers_count": 55,
"watchers_count": 55,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 53,
"forks": 6,
"watchers": 55,
"score": 0,
"subscribers_count": 1
},


@ -43,10 +43,10 @@
"description": "CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit",
"fork": false,
"created_at": "2024-02-03T11:33:40Z",
"updated_at": "2024-03-04T18:00:58Z",
"updated_at": "2024-03-10T16:58:28Z",
"pushed_at": "2024-02-03T11:48:37Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 11,
"watchers": 12,
"score": 0,
"subscribers_count": 1
}


@ -48,13 +48,13 @@
"stargazers_count": 95,
"watchers_count": 95,
"has_discussions": false,
"forks_count": 8,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 8,
"forks": 9,
"watchers": 95,
"score": 0,
"subscribers_count": 1


@ -13,10 +13,10 @@
"description": "Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4",
"fork": false,
"created_at": "2024-03-04T22:44:36Z",
"updated_at": "2024-03-10T06:33:24Z",
"updated_at": "2024-03-10T13:34:24Z",
"pushed_at": "2024-03-05T20:53:11Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
},
@ -103,12 +103,12 @@
"description": "CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4",
"fork": false,
"created_at": "2024-03-06T03:15:03Z",
"updated_at": "2024-03-10T06:14:48Z",
"updated_at": "2024-03-10T17:47:27Z",
"pushed_at": "2024-03-08T15:09:48Z",
"stargazers_count": 48,
"watchers_count": 48,
"stargazers_count": 49,
"watchers_count": 49,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -120,8 +120,8 @@
"teamcity"
],
"visibility": "public",
"forks": 15,
"watchers": 48,
"forks": 16,
"watchers": 49,
"score": 0,
"subscribers_count": 2
},
@ -140,7 +140,7 @@
"fork": false,
"created_at": "2024-03-07T15:12:56Z",
"updated_at": "2024-03-07T16:44:20Z",
"pushed_at": "2024-03-07T15:36:03Z",
"pushed_at": "2024-03-10T16:57:07Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -2014,6 +2014,13 @@
- [pedrojosenavasperez/cve-2023-5966](https://github.com/pedrojosenavasperez/cve-2023-5966)
### CVE-2023-6000 (2024-01-01)
<code>The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.
</code>
- [rxerium/CVE-2023-6000](https://github.com/rxerium/CVE-2023-6000)
### CVE-2023-6036 (2024-02-12)
<code>The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
@ -4504,13 +4511,6 @@
- [LOURC0D3/CVE-2023-32961](https://github.com/LOURC0D3/CVE-2023-32961)
### CVE-2023-33137 (2023-06-13)
<code>Microsoft Excel Remote Code Execution Vulnerability
</code>
- [JaqueMalman/CVE-2023-33137](https://github.com/JaqueMalman/CVE-2023-33137)
### CVE-2023-33242 (2023-08-09)
<code>Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature.
@ -35618,6 +35618,13 @@
- [sudosammy/CVE-2017-15394](https://github.com/sudosammy/CVE-2017-15394)
### CVE-2017-15428 (2019-01-09)
<code>Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
</code>
- [Michelangelo-S/CVE-2017-15428](https://github.com/Michelangelo-S/CVE-2017-15428)
### CVE-2017-15708 (2017-12-11)
<code>In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.
@ -36184,7 +36191,6 @@
</code>
- [jpiechowka/jenkins-cve-2016-0792](https://github.com/jpiechowka/jenkins-cve-2016-0792)
- [R0B1NL1N/java-deserialization-exploits](https://github.com/R0B1NL1N/java-deserialization-exploits)
- [Aviksaikat/CVE-2016-0792](https://github.com/Aviksaikat/CVE-2016-0792)
### CVE-2016-0793 (2016-04-01)